PDA

View Full Version : help please! mcafee and norton have officially lost it!



rcb56
2022-09-27, 21:16
not had either in over 10 years. norton adblocker and mcafee, both are driving me up the walls with their continued one after another pop ups sayng my ver. is about to expire. it is relentless.


i downloaded the Farbar tool, but it says windows won't open it. it wouldn't download aswMBR file.

Juliet
2022-09-27, 22:35
norton adblocker and mcafee
Look in the extensions list for which ever browser your using, and if there delete it

https://support.microsoft.com/en-us/windows/start-your-pc-in-safe-mode-in-windows-92c27cff-db89-8644-1ce4-b3e5e56fe234
Follow the above link to boot your computer into safe mode and attempt to run Farbar again, if successful post the logs it creates.

rcb56
2022-09-28, 03:11
HELLO AGAIN JULIETT oops! ok thanks

Juliet
2022-09-28, 03:36
Getting a little late here, I'll have to check back in the morning.

rcb56
2022-09-28, 07:14
ok juliet, sorry it took so long but it appears something has jumped on here. i went in safe mode and opened my downloads folder which it was in and it now says network issue. i tried to go to the starting thread to try it again but it said i wasn't connected. ok, late here too...sweet dreams!

rcb56
2022-09-28, 08:01
well juliet i found a farbar download that loaded and here's the results of them but if they are inferior downloads let me know...

an result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2017 01 (ATTENTION: ====> FRSTversion is 1989 days old and could be outdated)
Ran by 18706 (administrator) on LAPTOP (27-09-2022 23:26:41)
Running from C:\Users\18706\Downloads
Loaded Profiles: 18706 (Available Profiles: 18706 & likit)
Platform: Windows 10 Home Version 2009 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument %1)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> Registry
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\IntelCpHDCPSvc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe
(Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a9a2dde7124f013f\OneApp.IGCC.WinService.exe
(Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_7c484f80872e1cd8\jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\pacjsworker.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxEM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
() C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthSystray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SweetLabs, Inc) C:\Users\18706\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(Farbar) C:\Users\18706\Downloads\FRST64 (4).exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [86016 2019-12-07] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-10-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2019-10-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2019-10-21] (Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle Corporation)
HKU\S-1-5-21-1634124706-516754031-2614381865-1002\...\Run: [MicrosoftEdgeAutoLaunch_D1958FC0C1B10F15E255846006945094] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [3795360 2022-09-22] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{21df0d93-a1d4-40f0-af0e-9c8c44203643}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{592115aa-222f-4ad9-b2a5-b129874fa802}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{95b16433-0be1-43d3-a9ce-053d12f5f22c}: [DhcpNameServer] 150.208.1.2

Internet Explorer:
==================
HKU\S-1-5-21-1634124706-516754031-2614381865-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1634124706-516754031-2614381865-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1634124706-516754031-2614381865-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\105.0.1343.50\BHO\ie_to_edge_bho_64.dll [2022-09-22] (Microsoft Corporation)
BHO-x32: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\105.0.1343.50\BHO\ie_to_edge_bho.dll [2022-09-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\ssv.dll [2021-09-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-09-24] (Oracle Corporation)

Edge:
======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions [not found]

FireFox:
========
FF DefaultProfile: x0l4ausl.default
FF ProfilePath: C:\Users\18706\AppData\Roaming\Mozilla\Firefox\Profiles\x0l4ausl.default [2022-01-29]
FF Extension: (Disable Crash Auto Submit) - C:\Users\18706\AppData\Roaming\Mozilla\Firefox\Profiles\x0l4ausl.default\features\{d9b4f8a3-5c19-43bd-8ee7-6aa13396f85b}\disable-crash-autosubmit@mozilla.org.xpi [2020-06-29]
FF Extension: (Disable JavaScript Shared Memory) - C:\Users\18706\AppData\Roaming\Mozilla\Firefox\Profiles\x0l4ausl.default\features\{d9b4f8a3-5c19-43bd-8ee7-6aa13396f85b}\disable-js-shared-memory@mozilla.org.xpi [2020-06-29]
FF Extension: (Follow-on Search Telemetry) - C:\Users\18706\AppData\Roaming\Mozilla\Firefox\Profiles\x0l4ausl.default\features\{d9b4f8a3-5c19-43bd-8ee7-6aa13396f85b}\followonsearch@mozilla.com.xpi [2020-06-29]
FF Extension: (Hotfix for Firefox bug 1548973 (armagaddon 2.0) mitigation) - C:\Users\18706\AppData\Roaming\Mozilla\Firefox\Profiles\x0l4ausl.default\features\{d9b4f8a3-5c19-43bd-8ee7-6aa13396f85b}\hotfix-bug-1548973@mozilla.org.xpi [2020-06-29]
FF Extension: (Shield Recipe Client) - C:\Users\18706\AppData\Roaming\Mozilla\Firefox\Profiles\x0l4ausl.default\features\{d9b4f8a3-5c19-43bd-8ee7-6aa13396f85b}\shield-recipe-client@mozilla.org.xpi [2020-06-29]
FF Extension: (Fixing the geo timeline) - C:\Users\18706\AppData\Roaming\Mozilla\Firefox\Profiles\x0l4ausl.default\features\{d9b4f8a3-5c19-43bd-8ee7-6aa13396f85b}\timecop@mozilla.com.xpi [2020-06-29]
FF Plugin-x32: @flyordie.com/GamesPlugin -> C:\Program Files (x86)\Flyordie Plugin\npfod.dll [2020-06-27] (Solware)
FF Plugin-x32: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-09-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-09-24] (Oracle Corporation)

Chrome:
=======
CHR HKU\S-1-5-21-1634124706-516754031-2614381865-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mhmphnocemakkjdampibehejoaleebpo] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AarSvc; C:\WINDOWS\System32\AarSvc.dll [461824 2022-09-25] (Microsoft Corporation)
S3 AarSvc; C:\WINDOWS\SysWOW64\AarSvc.dll [352256 2022-09-25] (Microsoft Corporation)
S3 AarSvc_613e8; C:\WINDOWS\system32\svchost.exe [55320 2022-08-02] (Microsoft Corporation)
S3 AarSvc_613e8; C:\WINDOWS\SysWOW64\svchost.exe [46504 2022-08-02] (Microsoft Corporation)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [385960 2020-05-19] (Windows (R) Win 7 DDK provider)
S3 autotimesvc; C:\WINDOWS\System32\autotimesvc.dll [114176 2021-05-12] (Microsoft Corporation)
S3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1384960 2022-08-02] (Microsoft Corporation)
S3 BcastDVRUserService_613e8; C:\WINDOWS\system32\svchost.exe [55320 2022-08-02] (Microsoft Corporation)
S3 BcastDVRUserService_613e8; C:\WINDOWS\SysWOW64\svchost.exe [46504 2022-08-02] (Microsoft Corporation)
S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [500736 2021-05-12] (Microsoft Corporation)
R3 BluetoothUserService_613e8; C:\WINDOWS\system32\svchost.exe [55320 2022-08-02] (Microsoft Corporation)
R3 BluetoothUserService_613e8; C:\WINDOWS\SysWOW64\svchost.exe [46504 2022-08-02] (Microsoft Corporation)
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [247296 2021-05-12] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [1023488 2021-05-12] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\SysWOW64\BTAGService.dll [733696 2021-05-12] (Microsoft Corporation)
R3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [391168 2022-08-02] (Microsoft Corporation)
R3 camsvc; C:\WINDOWS\system32\CapabilityAccessManager.dll [391168 2021-05-12] (Microsoft Corporation)
S3 CaptureService; C:\WINDOWS\System32\CaptureService.dll [130560 2021-05-12] (Microsoft Corporation)
S3 CaptureService_613e8; C:\WINDOWS\system32\svchost.exe [55320 2022-08-02] (Microsoft Corporation)
S3 CaptureService_613e8; C:\WINDOWS\SysWOW64\svchost.exe [46504 2022-08-02] (Microsoft Corporation)
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [1025024 2022-08-02] (Microsoft Corporation)
R3 cbdhsvc_613e8; C:\WINDOWS\system32\svchost.exe [55320 2022-08-02] (Microsoft Corporation)
R3 cbdhsvc_613e8; C:\WINDOWS\SysWOW64\svchost.exe [46504 2022-08-02] (Microsoft Corporation)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [170496 2021-05-12] (Microsoft Corporation)
S3 ConsentUxUserSvc_613e8; C:\WINDOWS\system32\svchost.exe [55320 2022-08-02] (Microsoft Corporation)
S3 ConsentUxUserSvc_613e8; C:\WINDOWS\SysWOW64\svchost.exe [46504 2022-08-02] (Microsoft Corporation)
R3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\IntelCpHeciSvc.exe [513272 2021-01-25] (Intel Corporation)
R2 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\IntelCpHDCPSvc.exe [527608 2021-01-25] (Intel Corporation)
S3 CredentialEnrollmentManagerUserSvc; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [382696 2021-09-25] (Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc_613e8; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [382696 2021-09-25] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\System32\deviceaccess.dll [250000 2022-09-25] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\SysWOW64\deviceaccess.dll [195240 2022-09-25] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_613e8; C:\WINDOWS\system32\svchost.exe [55320 2022-08-02] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_613e8; C:\WINDOWS\SysWOW64\svchost.exe [46504 2022-08-02] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [484352 2022-08-02] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [342016 2022-08-02] (Microsoft Corporation)
S3 DevicePickerUserSvc_613e8; C:\WINDOWS\system32\svchost.exe [55320 2022-08-02] (Microsoft Corporation)
S3 DevicePickerUserSvc_613e8; C:\WINDOWS\SysWOW64\svchost.exe [46504 2022-08-02] (Microsoft Corporation)
S3 DevicesFlowUserSvc; C:\WINDOWS\System32\DevicesFlowBroker.dll [597504 2022-09-25] (Microsoft Corporation)
S3 DevicesFlowUserSvc_613e8; C:\WINDOWS\system32\svchost.exe [55320 2022-08-02] (Microsoft Corporation)
S3 DevicesFlowUserSvc_613e8; C:\WINDOWS\SysWOW64\svchost.exe [46504 2022-08-02] (Microsoft Corporation)
S3 diagsvc; C:\WINDOWS\system32\DiagSvc.dll [205824 2022-09-25] (Microsoft Corporation)
R2 DispBrokerDesktopSvc; C:\WINDOWS\System32\DispBroker.Desktop.dll [379392 2022-08-02] (Microsoft Corporation)
R3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [1192448 2021-05-12] (Microsoft Corporation)
S2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2019-01-21] (Dolby Laboratories, Inc.)
R2 DusmSvc; C:\WINDOWS\System32\dusmsvc.dll [341504 2019-12-07] (Microsoft Corporation)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-06-27] (Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224144 2020-06-27] (Microsoft Corporation)
S3 GraphicsPerfSvc; C:\WINDOWS\System32\GraphicsPerfSvc.dll [106496 2021-05-12] (Microsoft Corporation)
R2 igccservice; C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a9a2dde7124f013f\OneApp.IGCC.WinService.exe [40696 2021-01-25] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe [409336 2021-01-25] (Intel Corporation)
S3 InstallService; C:\WINDOWS\system32\InstallService.dll [2429440 2022-09-25] (Microsoft Corporation)
S3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1837568 2022-09-25] (Microsoft Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_a93205b6238060e4\lib\SocketHeciServer.exe [861976 2020-09-17] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_a93205b6238060e4\lib\TPMProvisioningService.exe [784664 2020-09-17] (Intel(R) Corporation)
S3 IpxlatCfgSvc; C:\WINDOWS\System32\IpxlatCfg.dll [66048 2019-12-07] (Microsoft Corporation)
R2 jhi_service; C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_7c484f80872e1cd8\jhi_service.exe [629760 2020-10-12] (Intel Corporation)
S2 LMS; C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe [4064384 2021-09-02] (Intel Corporation)
S3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [436736 2022-09-25] (Microsoft Corporation)
S3 McpManagementService; C:\WINDOWS\System32\McpManagementService.dll [258048 2022-08-02] (Microsoft Corporation)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\105.0.1343.50\elevation_service.exe [1685920 2022-09-22] (Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [134768 2021-05-12] (Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [104824 2021-05-12] (Microsoft Corporation)
S3 NaturalAuthentication; C:\WINDOWS\System32\NaturalAuth.dll [454656 2021-05-12] (Microsoft Corporation)
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4490376 2020-09-18] (Logitech)
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [106496 2021-05-12] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\System32\PrintWorkflowService.dll [463360 2022-09-25] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [372224 2022-09-25] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_613e8; C:\WINDOWS\system32\svchost.exe [55320 2022-08-02] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_613e8; C:\WINDOWS\SysWOW64\svchost.exe [46504 2022-08-02] (Microsoft Corporation)
S3 PushToInstall; C:\WINDOWS\system32\PushToInstall.dll [333824 2022-08-02] (Microsoft Corporation)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [193104 2020-05-21] (Qualcomm Technologies Inc.)
R2 RstMwService; C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe [2156512 2019-08-21] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [267760 2019-10-21] (Realtek Semiconductor)
R3 SecurityHealthService; C:\WINDOWS\system32\SecurityHealthService.exe [988104 2022-09-25] (Microsoft Corporation)
S3 SEMgrSvc; C:\WINDOWS\system32\SEMgrSvc.dll [1223680 2022-08-02] (Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\SgrmBroker.exe [329504 2021-05-12] (Microsoft Corporation)
S3 SharedRealitySvc; C:\WINDOWS\System32\SharedRealitySvc.dll [307200 2022-08-02] (Microsoft Corporation)
S3 spectrum; C:\WINDOWS\system32\spectrum.exe [877056 2022-08-02] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [382976 2021-05-12] ()
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd.)
R2 SynTPEnhService; C:\WINDOWS\System32\SynTPEnhService.exe [339424 2019-12-02] (Synaptics Incorporated)
R3 TokenBroker; C:\WINDOWS\System32\TokenBroker.dll [1522176 2022-08-02] (Microsoft Corporation)
R3 TokenBroker; C:\WINDOWS\SysWOW64\TokenBroker.dll [1234944 2022-08-02] (Microsoft Corporation)
S3 TroubleshootingSvc; C:\WINDOWS\system32\MitigationClient.dll [487936 2022-08-02] (Microsoft Corporation)
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [73728 2021-05-12] (Microsoft Corporation)
S3 UdkUserSvc; C:\WINDOWS\System32\windowsudk.shellcommon.dll [2240000 2022-08-02] (Microsoft Corporation)
S3 UdkUserSvc_613e8; C:\WINDOWS\system32\svchost.exe [55320 2022-08-02] (Microsoft Corporation)
S3 UdkUserSvc_613e8; C:\WINDOWS\SysWOW64\svchost.exe [46504 2022-08-02] (Microsoft Corporation)
S4 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [346448 2022-03-23] (Microsoft Corporation)
R2 UsoSvc; C:\WINDOWS\system32\usosvc.dll [570368 2022-09-25] (Microsoft Corporation)
S3 VacSvc; C:\WINDOWS\System32\vac.dll [382720 2021-05-12] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [427520 2022-09-25] (Microsoft Corporation)
S3 WarpJITSvc; C:\WINDOWS\System32\Windows.WARP.JITService.dll [65536 2019-12-07] (Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-23] (Microsoft Corporation)
S3 WFDSConMgrSvc; C:\WINDOWS\System32\wfdsconmgrsvc.dll [677888 2021-09-25] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-23] (Microsoft Corporation)
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [753568 2022-09-25] (Microsoft Corporation)
S3 wlpasvc; C:\WINDOWS\System32\lpasvc.dll [1253888 2021-05-12] (Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [854528 2022-09-25] (Microsoft Corporation)
S3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [1866752 2022-09-25] (Microsoft Corporation)
S3 XboxGipSvc; C:\WINDOWS\System32\XboxGipSvc.dll [72704 2021-05-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Acx01000; C:\WINDOWS\System32\drivers\Acx01000.sys [694272 2022-08-02] (Microsoft Corporation)
R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [44032 2022-09-25] (Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [30720 2022-09-25] (Microsoft Corporation)
S3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [18432 2019-12-07] (Advanced Micro Devices, Inc)
S3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [45568 2019-12-07] (Advanced Micro Devices, Inc)
R1 bam; C:\WINDOWS\System32\drivers\bam.sys [78136 2019-12-07] (Microsoft Corporation)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_fc93ae411c02f280\BasicDisplay.sys [68608 2022-09-25] (Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_ed345fdc37d65139\BasicRender.sys [38912 2022-09-25] (Microsoft Corporation)
R2 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [145768 2022-08-02] (Microsoft Corporation)
R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [89160 2020-05-19] (Qualcomm)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 BthLEEnum; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [106496 2021-05-12] (Microsoft Corporation)
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [45568 2022-09-25] (Microsoft Corporation)
S0 bttflt; C:\WINDOWS\System32\drivers\bttflt.sys [43832 2019-12-07] (Microsoft Corporation)
R3 CAD; C:\WINDOWS\System32\drivers\CAD.sys [66576 2019-12-07] (Microsoft Corporation)
R1 CimFS; C:\Windows\System32\Drivers\CimFS.sys [98816 2022-09-25] ()
R2 CldFlt; C:\WINDOWS\System32\drivers\cldflt.sys [496640 2022-09-25] (Microsoft Corporation)
S3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3819744 2018-07-24] (C-MEDIA)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd.)
S3 genericusbfn; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [23040 2019-12-07] (Microsoft Corporation)
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [66560 2019-12-07] (Microsoft Corporation)
S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [35128 2019-12-07] (Microsoft Corporation)
S3 HwNClx0101; C:\WINDOWS\System32\Drivers\mshwnclx.sys [30208 2019-12-07] (Microsoft Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [93184 2019-12-07] (Intel Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2019-12-07] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2019-12-07] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [175104 2019-12-07] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [177152 2019-12-07] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2019-12-07] (Intel Corporation)
R3 iaLPSS2_I2C; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys [185232 2019-05-09] (Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1035744 2019-08-21] (Intel Corporation)
S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [884752 2019-12-07] (Intel Corporation)
R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\igdkmd64.sys [27071224 2021-01-25] (Intel Corporation)
R3 IntcDAud; C:\WINDOWS\System32\DriverStore\FileRepository\intcdaud.inf_amd64_1b570d7b9a790b1a\IntcDAud.sys [349944 2020-05-19] (Intel(R) Corporation)
S3 intelpmax; C:\WINDOWS\System32\drivers\intelpmax.sys [30720 2019-12-07] (Microsoft Corporation)
S3 IPT; C:\WINDOWS\System32\drivers\ipt.sys [59704 2019-12-07] (Microsoft Corporation)
R3 iriuna0; C:\WINDOWS\system32\drivers\iriuna0.sys [46976 2021-04-06] (Windows (R) Win 7 DDK provider)
R3 iriunvid; C:\WINDOWS\System32\DriverStore\FileRepository\iriunvid.inf_amd64_031604b3a1860b9d\iriunvid.sys [164992 2022-05-05] (Windows (R) Win 7 DDK provider)
S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [172344 2019-12-07] (Avago Technologies)
S3 mausbhost; C:\WINDOWS\System32\drivers\mausbhost.sys [537608 2019-12-07] (Microsoft Corporation)
S3 mausbip; C:\WINDOWS\System32\drivers\mausbip.sys [64016 2019-12-07] (Microsoft Corporation)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [386048 2022-08-02] (Microsoft Corporation)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [105480 2019-12-07] (Avago Technologies)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_e9ffe3f2557dd9e9\x64\TeeDriverW10x64.sys [300040 2020-10-12] (Intel Corporation)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [65024 2019-12-07] (Microsoft Corporation)
R3 MpKsl6e05d4a4; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EE5A7B5D-9430-49D0-9C60-9375CFBE9B1D}\MpKslDrv.sys [228600 2022-09-27] (Microsoft Corporation)
R3 MsQuic; C:\WINDOWS\System32\drivers\msquic.sys [322376 2021-05-12] (Microsoft Corporation)
S3 NDKPing; C:\WINDOWS\System32\drivers\NDKPing.sys [72720 2019-12-07] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [210944 2022-08-02] (Microsoft Corporation)
S0 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [168464 2019-12-07] (Microsoft Corporation)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [131424 2022-08-02] (Microsoft Corporation)
S0 pmem; C:\WINDOWS\System32\drivers\pmem.sys [142176 2022-09-25] (Microsoft Corporation)
S3 portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [27136 2019-12-07] (Microsoft Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2432592 2020-05-21] (Qualcomm Atheros, Inc.)
S0 Ramdisk; C:\WINDOWS\System32\DRIVERS\ramdisk.sys [42296 2019-12-07] (Microsoft Corporation)
S3 rhproxy; C:\WINDOWS\System32\drivers\rhproxy.sys [115712 2019-12-07] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1167552 2020-05-13] (Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [453328 2019-08-16] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [35128 2019-12-07] (Microsoft Corporation)
R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [88080 2019-12-07] (Microsoft Corporation)
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [209720 2019-12-07] (Microsemi Corportation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [49144 2019-12-02] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [49624 2019-12-02] (Synaptics Incorporated)
S3 spaceparser; C:\WINDOWS\System32\drivers\spaceparser.sys [26624 2019-12-07] (Microsoft Corporation)
S3 SpatialGraphFilter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [90936 2019-12-07] (Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\WINDOWS\System32\drivers\SynRMIHID.sys [62968 2019-12-02] (Synaptics Incorporated)
R0 Telemetry; C:\WINDOWS\System32\drivers\IntelTA.sys [26608 2021-05-12] (Microsoft Corporation)
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [36864 2019-12-07] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [113152 2021-05-12] (Microsoft Corporation)
R3 UEFI; C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys [34104 2019-12-07] (Microsoft Corporation)
S3 UfxChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys [110608 2019-12-07] (Microsoft Corporation)
R3 umbus; C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys [58368 2019-12-07] (Microsoft Corporation)
S3 UrsChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys [32056 2019-12-07] (Microsoft Corporation)
S3 UrsSynopsys; C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys [29496 2019-12-07] (Microsoft Corporation)
S3 usbaudio2; C:\WINDOWS\System32\drivers\usbaudio2.sys [260608 2019-12-07] (Microsoft Corporation)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2021-05-12] (Microsoft Corporation)
S3 VirtualRender; C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys [11264 2019-12-07] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-09-23] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-09-23] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [23560 2019-12-07] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-23] (Microsoft Corporation)
S3 WinNat; C:\WINDOWS\System32\drivers\winnat.sys [261120 2022-08-02] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: TroubleshootingSvc -> C:\Windows\system32\MitigationClient.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)
NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)
NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-09-27 23:26 - 2022-09-27 23:27 - 00035332 _____ C:\Users\18706\Downloads\FRST.txt
2022-09-27 23:25 - 2022-09-27 23:26 - 00000000 ____D C:\FRST
2022-09-27 23:24 - 2022-09-27 23:25 - 02424832 _____ (Farbar) C:\Users\18706\Downloads\FRST64 (4).exe
2022-09-27 23:20 - 2022-09-27 23:21 - 02371072 _____ (Farbar) C:\Users\18706\Downloads\Unconfirmed 769046.crdownload
2022-09-27 23:20 - 2022-09-27 23:21 - 02371072 _____ (Farbar) C:\Users\18706\Downloads\Unconfirmed 315624.crdownload
2022-09-27 23:16 - 2022-09-27 23:17 - 02371072 _____ (Farbar) C:\Users\18706\Downloads\Unconfirmed 67396.crdownload
2022-09-27 23:15 - 2022-09-27 23:17 - 02371072 _____ (Farbar) C:\Users\18706\Downloads\Unconfirmed 844787.crdownload
2022-09-27 22:52 - 2022-09-27 23:04 - 00293978 _____ C:\WINDOWS\ntbtlog.txt
2022-09-27 22:52 - 2022-09-27 22:52 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-09-27 12:44 - 2022-09-27 12:44 - 07333288 _____ (Tweaking.com) C:\Users\18706\Downloads\tweaking.com_registry_backup_setup (1).exe
2022-09-27 12:21 - 2022-09-27 12:22 - 05198336 _____ (AVAST Software) C:\Users\18706\Downloads\Unconfirmed 735206.crdownload
2022-09-27 12:21 - 2022-09-27 12:21 - 05198336 _____ (AVAST Software) C:\Users\18706\Downloads\Unconfirmed 701804.crdownload
2022-09-27 12:20 - 2022-09-27 12:20 - 05198336 _____ (AVAST Software) C:\Users\18706\Downloads\Unconfirmed 986206.crdownload
2022-09-27 12:16 - 2022-09-27 12:17 - 02371072 _____ (Farbar) C:\Users\18706\Downloads\Unconfirmed 458401.crdownload
2022-09-27 12:15 - 2022-09-27 12:15 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-LAPTOP-Windows-10-Home-(64-bit).dat
2022-09-27 12:15 - 2022-09-27 12:15 - 00000000 ____D C:\RegBackup
2022-09-27 12:14 - 2022-09-27 12:14 - 00019833 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
2022-09-27 12:14 - 2022-09-27 12:14 - 00002315 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2022-09-27 12:14 - 2022-09-27 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2022-09-27 12:14 - 2022-09-27 12:14 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2022-09-27 12:13 - 2022-09-27 12:13 - 07333288 _____ (Tweaking.com) C:\Users\18706\Downloads\tweaking.com_registry_backup_setup.exe
2022-09-27 04:53 - 2022-09-27 04:53 - 00139223 _____ C:\Users\18706\Downloads\Screenshot 2021-11-08 173158.pdf
2022-09-25 23:38 - 2022-09-25 23:38 - 09486848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 04999680 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 04408832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00966656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2022-09-25 23:38 - 2022-09-25 23:38 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSRESM.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2022-09-25 23:38 - 2022-09-25 23:38 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\quickassist.exe
2022-09-25 23:38 - 2022-09-25 23:38 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSSVC.exe
2022-09-25 23:38 - 2022-09-25 23:38 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00520704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quickassist.exe
2022-09-25 23:38 - 2022-09-25 23:38 - 00434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSE.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSTIFF.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasppp.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXST30.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2022-09-25 23:38 - 2022-09-25 23:38 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2022-09-25 23:38 - 2022-09-25 23:38 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSUTILITY.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2022-09-25 23:38 - 2022-09-25 23:38 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSXP32.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00095176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2022-09-25 23:38 - 2022-09-25 23:38 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOM.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSROUTE.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2022-09-25 23:38 - 2022-09-25 23:38 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSMON.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinFax.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinFax.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSUNATD.exe
2022-09-25 23:38 - 2022-09-25 23:38 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSEVENT.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 24272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 18767872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 06500352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 05357144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 04799336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 03656704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 03560200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 02522120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 02341840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 01957576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 01542480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 01542304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 01532456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 01439984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 01439744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2022-09-25 23:37 - 2022-09-25 23:37 - 01353304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 01345384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 01302648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 01261256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 01136408 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 01015952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00961696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00944128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2022-09-25 23:37 - 2022-09-25 23:37 - 00914168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00666112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqlsrv32.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00601168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-09-25 23:37 - 2022-09-25 23:37 - 00560880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00532008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-09-25 23:37 - 2022-09-25 23:37 - 00424272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00398336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdt.exe
2022-09-25 23:37 - 2022-09-25 23:37 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00268040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdiageng.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00130160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcshext.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.SecurityMitigationsBroker.dll
2022-09-25 23:37 - 2022-09-25 23:37 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdiagnhost.exe
2022-09-25 23:37 - 2022-09-25 23:37 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShextAutoplay.exe
2022-09-25 23:37 - 2022-09-25 23:37 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShextAutoplay.exe
2022-09-25 23:36 - 2022-09-25 23:36 - 19866112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 18080768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 04374224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2022-09-25 23:36 - 2022-09-25 23:36 - 01254912 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PayloadRestrictions.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
2022-09-25 23:36 - 2022-09-25 23:36 - 00481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00380720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2022-09-25 23:36 - 2022-09-25 23:36 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdiageng.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcwutl.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00120168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2022-09-25 23:36 - 2022-09-25 23:36 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdiagschd.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngprovider.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capiprovider.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adprovider.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpapiprovider.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdiagnhost.exe
2022-09-25 23:36 - 2022-09-25 23:36 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dimsroam.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredprovider.dll
2022-09-25 23:36 - 2022-09-25 23:36 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcwrun.exe
2022-09-25 23:35 - 2022-09-25 23:35 - 26268672 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 23446528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 07714816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2022-09-25 23:35 - 2022-09-25 23:35 - 02031952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 01953280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2022-09-25 23:35 - 2022-09-25 23:35 - 01763176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 01129592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2022-09-25 23:35 - 2022-09-25 23:35 - 01071616 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqlsrv32.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00678736 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\IESettingSync.exe
2022-09-25 23:35 - 2022-09-25 23:35 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2022-09-25 23:35 - 2022-09-25 23:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00380240 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_10ec.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00308584 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00299360 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00240992 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_14e4.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpresult.exe
2022-09-25 23:35 - 2022-09-25 23:35 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00150864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.HardwareId.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassvcs.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcshext.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00098136 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngprovider.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\capiprovider.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\adprovider.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapiprovider.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00050000 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_0C_8086.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.SecurityMitigationsBroker.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dimsroam.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00045408 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_1969.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00045392 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_15b3.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredprovider.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00032616 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_10df.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_19a2.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2022-09-25 23:35 - 2022-09-25 23:35 - 00027488 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_1137.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00021344 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_1af4.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00019800 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_07_1415.dll
2022-09-25 23:35 - 2022-09-25 23:35 - 00018784 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet_uart16550.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 14777344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 08900872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 06920704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 06377736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 06191104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 06013592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 04514184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2022-09-25 23:34 - 2022-09-25 23:34 - 02752512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2022-09-25 23:34 - 2022-09-25 23:34 - 02633080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 02606592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 02433024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 02314752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 02273144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 01965288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 01837568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 01710080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 01699896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 01679872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 01679648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 01635248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 01623304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 01573736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2022-09-25 23:34 - 2022-09-25 23:34 - 01449984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 01375232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 01331544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 01316704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2022-09-25 23:34 - 2022-09-25 23:34 - 01315328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 01274728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2022-09-25 23:34 - 2022-09-25 23:34 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 01061376 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 01039192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 01014368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 01013584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 01010264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00973312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PayloadRestrictions.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00941056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00897688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00897120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00874336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00863048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00809320 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2022-09-25 23:34 - 2022-09-25 23:34 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00766000 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00753568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00752520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00721576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2022-09-25 23:34 - 2022-09-25 23:34 - 00701424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntime.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntimewindows.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00641896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00637712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_9.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00583144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00533552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00508928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00483680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2022-09-25 23:34 - 2022-09-25 23:34 - 00477808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00460200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2022-09-25 23:34 - 2022-09-25 23:34 - 00447832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00411112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00409096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWorkflowService.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingDiagSpp.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AarSvc.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00350208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secproc.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HrtfApo.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2022-09-25 23:34 - 2022-09-25 23:34 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2022-09-25 23:34 - 2022-09-25 23:34 - 00324880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00321208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00311984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2022-09-25 23:34 - 2022-09-25 23:34 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00295280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Print.PrintSupport.Source.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2022-09-25 23:34 - 2022-09-25 23:34 - 00223592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00214344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00212312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServicingUAPI.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00202592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2022-09-25 23:34 - 2022-09-25 23:34 - 00196736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00196264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LanguageOverlayUtil.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00195248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00195240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00184368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00176608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00164232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00150320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netjoin.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00119120 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00098144 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2022-09-25 23:34 - 2022-09-25 23:34 - 00096112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2022-09-25 23:34 - 2022-09-25 23:34 - 00094008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00085232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00073864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00073576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Integrity.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Print.Workflow.Source.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00070792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00070496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.exe
2022-09-25 23:34 - 2022-09-25 23:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Background.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ndadmin.exe
2022-09-25 23:34 - 2022-09-25 23:34 - 00062800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInput.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00055792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00054264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2022-09-25 23:34 - 2022-09-25 23:34 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.SystemManufacturers.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2022-09-25 23:34 - 2022-09-25 23:34 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2022-09-25 23:34 - 2022-09-25 23:34 - 00022384 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2022-09-25 23:34 - 2022-09-25 23:34 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EnterpriseAppMgmtClient.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.Native.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-09-25 23:34 - 2022-09-25 23:34 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2022-09-25 23:34 - 2022-09-25 23:34 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 10847592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 07645760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 04630384 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 03907584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 03819520 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 03576320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 03503912 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 02991952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 02949720 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 02846552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 02818560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 02813432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 02493440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 02203392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 02201600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 02146304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 02028944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 02010464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 01948672 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01876952 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01828984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2022-09-25 23:33 - 2022-09-25 23:33 - 01793536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01772544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01752504 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01659392 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01577320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 01561856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 01396616 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2022-09-25 23:33 - 2022-09-25 23:33 - 01395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01384192 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01378304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01335296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01328496 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01324032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01290208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01206032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 01200896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 01185112 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01129064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01078960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00925720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00906240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00883744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00821272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00807936 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00757088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00747472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00649232 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00630696 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00586592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00570736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 00543576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00503632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2022-09-25 23:33 - 2022-09-25 23:33 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00489656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWorkflowService.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00432472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 00418816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00415568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingDiagSpp.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00382800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.PrintSupport.Source.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00272752 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 00268632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00266504 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00254088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\feclient.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00241200 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00231440 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2022-09-25 23:33 - 2022-09-25 23:33 - 00229880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00229728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 00212320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00196808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00193160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00190592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00186728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00186704 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00181096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\netjoin.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00161720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFCompanionHost.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00136040 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00134776 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 00125784 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\rekeywiz.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00101736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00093032 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rassstp.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 00070800 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00070296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ndadmin.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagnosticdataquery.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00041312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00040784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpata.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00038232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00028512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdstub.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2022-09-25 23:33 - 2022-09-25 23:33 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dmpusbstor.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.Native.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2022-09-25 23:33 - 2022-09-25 23:33 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2022-09-25 23:33 - 2022-09-25 23:33 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 17560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 10352936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 09037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 07987696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 06427136 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 05751776 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 04009472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 03814744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2022-09-25 23:32 - 2022-09-25 23:32 - 03813376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2022-09-25 23:32 - 2022-09-25 23:32 - 03769344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 03750912 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 03350528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 03283456 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 03182080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 02975232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 02892800 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2022-09-25 23:32 - 2022-09-25 23:32 - 02626408 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 02505032 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 02429440 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 02250240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 02244608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 02220376 _____ (Microsoft Corporation) C:\WINDOWS\system32\clipwinrt.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 02100592 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 01880064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 01712128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 01688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MoUsoCoreWorker.exe
2022-09-25 23:32 - 2022-09-25 23:32 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 01413120 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2022-09-25 23:32 - 2022-09-25 23:32 - 01378816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 01189224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 01173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 01162752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 01119256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 01104216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2022-09-25 23:32 - 2022-09-25 23:32 - 01099264 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 01070936 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 01054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2022-09-25 23:32 - 2022-09-25 23:32 - 01011280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00995672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2022-09-25 23:32 - 2022-09-25 23:32 - 00988104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2022-09-25 23:32 - 2022-09-25 23:32 - 00962048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2022-09-25 23:32 - 2022-09-25 23:32 - 00904024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2022-09-25 23:32 - 2022-09-25 23:32 - 00892928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2022-09-25 23:32 - 2022-09-25 23:32 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00763392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00752128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00700896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00637440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2022-09-25 23:32 - 2022-09-25 23:32 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00540312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2022-09-25 23:32 - 2022-09-25 23:32 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00456024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2022-09-25 23:32 - 2022-09-25 23:32 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00426072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00418816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2022-09-25 23:32 - 2022-09-25 23:32 - 00417368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00402776 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2022-09-25 23:32 - 2022-09-25 23:32 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2022-09-25 23:32 - 2022-09-25 23:32 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00250000 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2022-09-25 23:32 - 2022-09-25 23:32 - 00221592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00203568 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\cimfs.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00181584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2022-09-25 23:32 - 2022-09-25 23:32 - 00165744 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-09-25 23:32 - 2022-09-25 23:32 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00134496 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00133784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2022-09-25 23:32 - 2022-09-25 23:32 - 00107976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Integrity.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-09-25 23:32 - 2022-09-25 23:32 - 00088912 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00072032 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInput.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00065064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2022-09-25 23:32 - 2022-09-25 23:32 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2022-09-25 23:32 - 2022-09-25 23:32 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2022-09-25 23:32 - 2022-09-25 23:32 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 05141208 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2022-09-25 23:31 - 2022-09-25 23:31 - 02657792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 02108912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 01866752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 01836544 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 01787232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 01580544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 01568192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 01560064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 01328464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 01271808 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 01172480 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 01171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00995328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00964096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00940480 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00861496 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2022-09-25 23:31 - 2022-09-25 23:31 - 00822096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00745984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00727376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00687440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_9.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00632808 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2022-09-25 23:31 - 2022-09-25 23:31 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2022-09-25 23:31 - 2022-09-25 23:31 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00491864 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2022-09-25 23:31 - 2022-09-25 23:31 - 00481280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\HrtfApo.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00473424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00470544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayServer.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00421032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00349136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00332176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00306536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00299048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00259840 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayUtil.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00234344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00225104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00219984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00218464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00213856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00198496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00190800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00190288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipRenew.exe
2022-09-25 23:31 - 2022-09-25 23:31 - 00187240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2022-09-25 23:31 - 2022-09-25 23:31 - 00162128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingCSP.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2022-09-25 23:31 - 2022-09-25 23:31 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pmem.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00139624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2022-09-25 23:31 - 2022-09-25 23:31 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguagePackManagementCSP.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.ModernDeployment.ConfigProviders.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2022-09-25 23:31 - 2022-09-25 23:31 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00106336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00095576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppListBackupLauncher.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00091976 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2022-09-25 23:31 - 2022-09-25 23:31 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrinterCleanupTask.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00083816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uaspstor.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00064856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00057680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifidatacapabilityhandler.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2022-09-25 23:31 - 2022-09-25 23:31 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00030488 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscisvif.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\localui.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00017752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2022-09-25 23:31 - 2022-09-25 23:31 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscadminui.exe
2022-09-25 23:31 - 2022-09-25 23:31 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2022-09-25 22:49 - 2022-09-25 22:49 - 00000000 ___HD C:\$WinREAgent
2022-09-25 22:48 - 2022-07-11 23:00 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2022-09-25 22:48 - 2022-07-11 22:40 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2022-09-25 22:33 - 2022-08-03 16:57 - 01593744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfshim.dll
2022-09-25 22:33 - 2022-08-03 16:57 - 01178512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfshim.dll
2022-09-23 20:03 - 2022-09-23 20:03 - 00000000 ____D C:\WINDOWS\SystemTemp
2022-09-22 17:57 - 2022-09-24 00:52 - 00000000 ____D C:\Users\18706\Desktop\x

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-09-27 23:10 - 2021-05-12 06:01 - 00795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-27 23:10 - 2020-06-26 22:37 - 00000000 ____D C:\Users\18706\AppData\Local\Host App Service
2022-09-27 23:10 - 2019-12-07 04:13 - 00000000 ____D C:\WINDOWS\INF
2022-09-27 23:09 - 2019-12-07 04:14 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-27 23:06 - 2020-06-26 22:40 - 00000000 __SHD C:\Users\18706\IntelGraphicsProfiles
2022-09-27 23:05 - 2021-05-12 06:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-27 23:05 - 2021-05-12 05:44 - 00008192 ___SH C:\DumpStack.log.tmp
2022-09-27 23:05 - 2020-06-26 22:51 - 00000000 ____D C:\Intel
2022-09-27 23:05 - 2019-12-07 04:03 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2022-09-27 22:20 - 2021-05-12 05:44 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-27 04:07 - 2020-12-04 01:12 - 02502656 _____ C:\Users\18706\Documents\dwyco-backup-diff-f378fe210434de34b558.sql
2022-09-27 03:04 - 2020-06-27 11:07 - 00000000 ____D C:\Users\18706\AppData\Local\D3DSCache
2022-09-27 03:03 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\AppReadiness
2022-09-27 02:53 - 2021-05-12 05:44 - 00267280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-27 02:48 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-09-27 02:48 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-09-27 02:47 - 2019-12-07 04:52 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-09-27 02:47 - 2019-12-07 04:14 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-09-27 02:47 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\SystemResources
2022-09-27 02:47 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2022-09-27 02:47 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-09-27 02:47 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\system32\setup
2022-09-27 02:47 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\system32\oobe
2022-09-27 02:47 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\system32\Dism
2022-09-27 02:47 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\system32\DDFs
2022-09-27 02:47 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\ShellExperiences
2022-09-27 02:47 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\Provisioning
2022-09-27 02:47 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\bcastdvr
2022-09-27 02:44 - 2021-05-12 05:52 - 00000000 ____D C:\Users\18706
2022-09-26 17:36 - 2022-01-29 23:02 - 00003588 _____ C:\WINDOWS\System32\Tasks\OneDrive Reporting Task-S-1-5-21-1634124706-516754031-2614381865-1002
2022-09-26 17:36 - 2021-05-12 06:14 - 00003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1634124706-516754031-2614381865-1002
2022-09-26 17:36 - 2021-05-12 05:52 - 00002386 _____ C:\Users\18706\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-09-26 17:32 - 2019-12-07 04:03 - 00000000 ____D C:\WINDOWS\CbsTemp
2022-09-25 23:31 - 2021-05-12 05:48 - 03011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-09-25 20:32 - 2019-12-07 04:14 - 00000000 ___HD C:\Program Files\WindowsApps
2022-09-25 20:30 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-09-24 16:22 - 2018-04-17 14:03 - 00000000 __RHD C:\Users\Public\AccountPictures
2022-09-23 22:51 - 2020-06-27 11:05 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-23 22:51 - 2020-06-27 11:05 - 00002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-09-23 20:06 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2022-09-23 20:06 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-09-23 20:06 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-09-23 20:06 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-09-23 20:06 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-09-23 20:06 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-09-23 20:06 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2022-09-23 20:05 - 2019-12-07 04:14 - 00000000 ___SD C:\WINDOWS\system32\UNP
2022-09-23 20:05 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-09-23 20:05 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\system32\migwiz
2022-09-23 20:05 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2022-09-23 20:05 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2022-09-23 20:05 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\system32\et-EE
2022-09-23 20:05 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\system32\es-MX
2022-09-23 20:05 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\system32\en-GB
2022-09-23 20:04 - 2019-12-07 04:14 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-09-23 20:04 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\system32\appraiser
2022-09-23 20:03 - 2019-12-07 04:14 - 00000000 ___RD C:\WINDOWS\PrintDialog
2022-09-23 20:03 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\ShellComponents
2022-09-23 20:03 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2022-09-23 20:03 - 2019-12-07 04:14 - 00000000 ____D C:\WINDOWS\DiagTrack
2022-09-23 20:03 - 2019-12-07 04:14 - 00000000 ____D C:\Program Files\Common Files\System
2022-09-23 20:03 - 2019-12-07 04:03 - 00000000 ____D C:\WINDOWS\servicing
2022-09-23 12:50 - 2020-06-27 01:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2022-09-23 12:46 - 2020-06-27 01:20 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-23 12:44 - 2018-04-17 14:02 - 00000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-09-22 23:02 - 2020-12-04 01:12 - 02019328 _____ C:\Users\18706\Documents\dwyco-backup-diff-f378fe210434de34b558.old.sql
2022-09-22 19:43 - 2021-05-12 06:14 - 00003536 _____ C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-09-22 19:43 - 2021-05-12 06:14 - 00003412 _____ C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-09-22 17:57 - 2021-05-09 03:27 - 00000000 ____D C:\Users\18706\Desktop\no no
2022-09-22 16:32 - 2020-06-26 22:40 - 00000000 ____D C:\Users\18706\AppData\Local\Packages

==================== Files in the root of some directories =======

2020-06-26 22:50 - 2020-06-26 22:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2020-06-26 22:51 - 2020-06-26 22:51 - 0000102 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

Some files in TEMP:
====================
2021-05-17 12:25 - 2021-05-17 12:26 - 2084616 _____ (Oracle Corporation) C:\Users\18706\AppData\Local\Temp\jre-8u291-windows-au.exe
2021-09-24 16:10 - 2021-09-24 16:10 - 2107200 _____ (Oracle Corporation) C:\Users\18706\AppData\Local\Temp\jre-8u301-windows-au.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION

==================== End of FRST.txt ============================

dditional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2017 01
Ran by 18706 (27-09-2022 23:29:26)
Running from C:\Users\18706\Downloads
Windows 10 Home Version 2009 (X64) (2021-05-12 11:16:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

18706 (S-1-5-21-1634124706-516754031-2614381865-1002 - Administrator - Enabled) => C:\Users\18706
Administrator (S-1-5-21-1634124706-516754031-2614381865-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1634124706-516754031-2614381865-503 - Limited - Disabled)
Guest (S-1-5-21-1634124706-516754031-2614381865-501 - Limited - Disabled)
likit (S-1-5-21-1634124706-516754031-2614381865-1003 - Limited - Enabled) => C:\Users\likit
WDAGUtilityAccount (S-1-5-21-1634124706-516754031-2614381865-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Dolby Audio X2 Windows API SDK (Version: 0.8.8.88 - Dolby Laboratories, Inc.) Hidden
Dwyco CDC-X version 2.31 (HKU\S-1-5-21-1634124706-516754031-2614381865-1002\...\Dwyco CDC-X_is1) (Version: 2.31 - Dwyco, Inc.)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1052 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (x32 Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (x32 Version: 1.47.715.0 - Intel Corporation) Hidden
Iriun Webcam version 2.7.5 (HKLM-x32\...\IriunWebcam_is1) (Version: 2.7.5 - Iriun)
Java 8 Update 301 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
Lenovo App Explorer (HKU\S-1-5-21-1634124706-516754031-2614381865-1002\...\Host App Service) (Version: 0.273.4.468 - SweetLabs for Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-1634124706-516754031-2614381865-1002\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.9 - Lenovo)
Logitech Camera Settings (HKLM-x32\...\LogiUCDPP) (Version: 2.12.8.0 - Logitech Europe S.A.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 105.0.1343.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.167.21 - )
Microsoft OneDrive (HKU\S-1-5-21-1634124706-516754031-2614381865-1002\...\OneDriveSetup.exe) (Version: 22.186.0904.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.16 (x86) (HKLM-x32\...\{eadb038c-8c60-4258-8cf9-e43e809329a4}) (Version: 3.1.16.30112 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
SuperNova Player (HKU\S-1-5-21-1634124706-516754031-2614381865-1002\...\TacticsTechnologySuperNova) (Version: - )
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 4.0.0 - Tweaking.com)
Vulkan Run Time Libraries 1.0.65.1 (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WGT Launcher (HKLM-x32\...\{E4340AAD-E352-4209-9DA2-53C71C2C7F81}) (Version: 1.2 - Topgolf USA, Inc.)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1634124706-516754031-2614381865-1002_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\18706\AppData\Local\Microsoft\OneDrive\22.186.0904.0001\FileCoAuthLib64.dll (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {008539BF-83F9-4483-9E0A-EEEE6EAC0A08} - System32\Tasks\Microsoft\Windows\Shell\UpdateUserPictureTask
Task: {077333D6-06BA-4EA4-BDF4-1CD1439558F2} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask
Task: {0ADF630D-EDBE-4DCC-A006-37EA17B9829E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2019-10-21] (Realtek Semiconductor)
Task: {0C598A8C-23A0-48F4-AE22-4D130EC13501} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [2022-09-23] (Microsoft Corporation)
Task: {0CBABB27-6DFC-4155-BAE7-AE919B92FEF2} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2022-08-02] (Microsoft Corporation)
Task: {0CEC0B91-4AE9-4E8A-ACB2-3B4C811F442C} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {0E2DCCB3-7B11-40CF-B973-90F22732E317} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task
Task: {12DF3F8A-9612-48CA-AE38-2818FA70CA73} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2022-09-25] ()
Task: {1BA86AA9-BB01-499E-904B-9B574295D639} - System32\Tasks\Microsoft\Windows\AppListBackup\Backup
Task: {26B4BEF5-3F15-40F4-8560-717B83668E26} - System32\Tasks\Microsoft\Windows\Printing\PrinterCleanupTask
Task: {28455D79-92A4-4170-AADF-21FBDFB39D94} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange
Task: {2E6C34AC-E9FC-4625-90EB-58A9C69BA10A} - System32\Tasks\Microsoft\Windows\Application Experience\PcaPatchDbTask => Rundll32.exe %windir%\system32\PcaSvc.dll,PcaPatchSdbTask
Task: {304D2127-E6ED-4C82-B9B3-63B3B54A4D66} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Check And Scan
Task: {34ADEFE8-89DB-43BC-8C0B-14BB34D69F6D} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives
Task: {35525E8D-FD60-47BF-8D11-FA4F778C57C3} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\WINDOWS\system32\eduprintprov.exe [2019-12-07] (Microsoft Corporation)
Task: {359963E2-D6ED-4234-A7F8-1B8602B84FAE} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataFlushing
Task: {3FC4BE91-4A96-48F5-8858-1628CB88EFB5} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\WINDOWS\system32\bcdboot.exe [2021-09-25] (Microsoft Corporation)
Task: {44AF7ADA-1C0D-43B1-A063-9E7581F7730B} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {4703766D-D9E9-4B92-8C84-FBEFC534C708} - System32\Tasks\Microsoft\Windows\Shell\ThemesSyncedImageDownload
Task: {4A0DEFDA-A2B8-4736-88E1-A578E00D9704} - System32\Tasks\Microsoft\Windows\Input\PenSyncDataAvailable
Task: {4AC64E85-22D7-4C80-AAAA-3A43E5D0DC40} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-27] (Microsoft Corporation) <==== ATTENTION
Task: {4BCE6391-0B05-40B4-B642-910B37FB1CE6} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {4F2030CE-BA8E-4122-B9A8-29AA5858973E} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache
Task: {55B1C85E-5BEF-4EDB-ADD0-ECEAEF261E7C} - System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater => C:\WINDOWS\system32\directxdatabaseupdater.exe [2022-08-02] (Microsoft Corporation)
Task: {56459180-EFEE-41F5-A5DE-1AAC75A3848F} - System32\Tasks\App Explorer => C:\Users\18706\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2022-05-23] (SweetLabs, Inc)
Task: {571A0A5E-B60E-4A25-BEFB-ABB3C6BB6B78} - System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync
Task: {5831B3AB-A28F-4CFE-934A-A4999D092B45} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1634124706-516754031-2614381865-1002 => C:\Users\18706\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [2021-12-29] (Lenovo Group Limited)
Task: {58CCC4DA-C86D-4E3D-8FAF-A7B24D8F3950} - System32\Tasks\Microsoft\Windows\StateRepository\MaintenanceTasks => Rundll32.exe %windir%\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks
Task: {5D109245-B76D-4071-8593-4E0A62836A31} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "&amp; %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
Task: {5E351EE7-F0D4-4F41-A05C-907EB1A33CE8} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync
Task: {5FF0A67E-795F-4586-8EEE-DFBE97892E7C} - System32\Tasks\Hewlett-Packard\HP Web Products Detection => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPWPD.exe
Task: {618B0BF2-8255-4DDC-8AEA-BF202A9572BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [2022-09-23] (Microsoft Corporation)
Task: {62D537AE-AC65-4428-B535-B9E6D5F127CB} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange
Task: {66A3F618-0C70-4F70-9BBA-735CCDB43A09} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task
Task: {672936C3-A019-49BC-8E00-AE2F8B05BE8F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {6772CDAE-5113-458E-82E6-36915EF8A6B4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [2022-09-23] (Microsoft Corporation)
Task: {6947E864-39F6-47B9-9634-E54685794DF7} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-27] (Microsoft Corporation) <==== ATTENTION
Task: {7C4733D2-81D6-4CA3-B30C-E00B496B9857} - System32\Tasks\Microsoft\Windows\Input\TouchpadSyncDataAvailable
Task: {7E2889C2-8610-40DB-A13C-8F5C812CBFF5} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner
Task: {83210F9A-2769-4E39-BC42-F98DC1356447} - System32\Tasks\Microsoft\Windows\WwanSvc\OobeDiscovery
Task: {87094343-6C1F-4855-A6B9-305BA74AB761} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh
Task: {886C0D03-AA89-4B48-8A96-C6AB81E92380} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [2022-09-23] (Microsoft Corporation)
Task: {8ED2C411-7510-43C9-A180-9D84045CF0DC} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2019-10-21] (Realtek Semiconductor)
Task: {9B29B882-A95C-438B-BF91-E7C31B1D82D1} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {A08D6A77-C926-4E78-9ED0-09836E2769AE} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {A2FADBDF-6855-42F7-BDFC-F0C510EDA9BC} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {A499FA48-7057-4AC1-9702-44C6FD924058} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {A60D9ECB-A6F4-4FE1-9BD7-B049487A67E7} - System32\Tasks\Microsoft\Windows\International\Synchronize Language Settings
Task: {A74EF9D1-6D6B-4566-8E25-782430F970E5} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {AF73DAAA-53AE-4CC8-8671-BE29D886B057} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged
Task: {B276199D-679D-4C14-BB0A-F2687D8C14A7} - System32\Tasks\Hewlett-Packard\HPDeviceCheck => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPDeviceCheck.exe
Task: {BACA115B-2AD4-4EEF-94F1-3B5B8449B4AC} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {BD76146D-5506-4D93-AFD4-C6EFBF677F4F} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [2022-09-25] (Microsoft Corporation)
Task: {C0D40F39-515D-4FA6-A2A4-5F17794320DF} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [2022-09-25] (Microsoft Corporation)
Task: {C5D47392-881C-422A-9BF8-E4916B55CD22} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {C9316F1B-D034-4F63-B21D-28606D20E8E7} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2022-08-02] (Microsoft Corporation)
Task: {CAB76809-EDC0-40D2-A888-AD9BEDF4E88A} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\WINDOWS\System32\UNP\UpdateNotificationMgr.exe [2022-08-02] (Microsoft Corporation)
Task: {CADF1293-5495-426F-8E37-A30F69274AF4} - System32\Tasks\Microsoft\Windows\Input\LocalUserSyncDataAvailable
Task: {DA42085F-11E4-4EE1-A363-1898204812F5} - System32\Tasks\Microsoft\Windows\Input\MouseSyncDataAvailable
Task: {DAA99462-6405-4330-9689-B9A9D489C432} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataReporting
Task: {E179D655-7FE6-4C90-BDAD-BD065AB4D1FE} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "&amp; %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
Task: {EBF36B46-CBDF-45A6-B321-60F118CB9CC3} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
Task: {EC3EFE4E-A2E4-4C66-975C-CA2EFD0D42CD} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {F8FEDA28-6261-4385-844A-684E6C988577} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {FA6D3E51-BDBD-490F-B0FD-8CECC50F7079} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2019-10-21] (Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\18706\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\18706\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2021-05-12 07:51 - 2021-05-12 07:51 - 00064552 _____ () C:\WINDOWS\system32\UMPDC.dll
2021-05-12 07:51 - 2021-05-12 07:51 - 00064552 _____ () c:\windows\system32\UMPDC.dll
2021-05-12 07:51 - 2021-05-12 07:51 - 00064552 _____ () C:\WINDOWS\SYSTEM32\UMPDC.dll
2021-09-25 22:08 - 2021-09-25 22:08 - 00657464 _____ () C:\Windows\System32\windowmanagementapi.dll
2022-08-02 17:47 - 2022-08-02 17:47 - 00706536 _____ () C:\WINDOWS\system32\TextShaping.dll
2021-05-12 18:15 - 2021-01-25 08:44 - 00164192 ____N () C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\igdinfo64.dll
2021-05-12 07:51 - 2021-05-12 07:51 - 00064552 _____ () C:\WINDOWS\System32\UMPDC.dll
2022-08-02 17:47 - 2022-08-02 17:47 - 02260480 _____ () C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-08-02 17:47 - 2022-08-02 17:47 - 00706536 _____ () C:\WINDOWS\SYSTEM32\TextShaping.dll
2021-09-25 22:08 - 2021-09-25 22:08 - 00657464 _____ () C:\Windows\System32\WindowManagementAPI.dll
2021-05-12 08:05 - 2021-05-12 08:05 - 00095744 _____ () C:\Windows\System32\VirtualMonitorManager.dll
2021-05-12 07:52 - 2021-05-12 07:52 - 00363520 _____ () C:\Windows\System32\Windows.Internal.UI.Shell.WindowTabManager.dll
2019-12-07 04:08 - 2019-12-07 04:08 - 00499200 _____ () C:\Windows\ShellExperiences\TileControl.dll
2021-09-25 22:09 - 2021-09-25 22:09 - 02158592 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2022-09-23 22:50 - 2022-09-22 04:02 - 05954944 _____ () C:\Program Files (x86)\Microsoft\Edge\Application\105.0.1343.50\libglesv2.dll
2022-09-23 22:50 - 2022-09-22 04:02 - 00479616 _____ () C:\Program Files (x86)\Microsoft\Edge\Application\105.0.1343.50\libegl.dll
2022-09-23 22:51 - 2022-09-22 04:00 - 04169120 _____ () C:\Program Files (x86)\Microsoft\Edge\Application\105.0.1343.50\vk_swiftshader.dll
2022-08-02 17:48 - 2022-08-02 17:48 - 00793416 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
2021-09-25 22:08 - 2021-09-25 22:08 - 00657464 _____ () C:\WINDOWS\SYSTEM32\WindowManagementAPI.dll
2021-05-12 07:51 - 2021-05-12 07:51 - 00064552 _____ () C:\Windows\System32\UMPDC.dll
2022-09-25 23:38 - 2022-09-25 23:38 - 00461312 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\Search.Core.dll
2019-12-07 04:08 - 2019-12-07 04:08 - 00039424 _____ () C:\Windows\System32\usocoreps.dll
2022-09-25 23:31 - 2022-09-25 23:31 - 00288768 _____ () C:\WINDOWS\System32\Windows.Management.InprocObjects.dll
2022-09-23 12:51 - 2022-09-23 13:01 - 152108408 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\libcef.dll
2022-09-23 12:51 - 2022-09-23 13:02 - 05649784 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\libglesv2.dll
2022-09-23 12:51 - 2022-09-23 13:02 - 00365432 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\libegl.dll
2021-05-12 18:15 - 2021-01-25 08:44 - 00141936 ____N () C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\igdinfo32.dll
2022-09-23 12:51 - 2022-09-23 13:03 - 03555192 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\vk_swiftshader.dll
2022-09-23 12:51 - 2022-09-23 13:02 - 00418168 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\RuntimeComponent.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\18706\Downloads\cdcxdwy.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\FRST64 (4).exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\IriunWebcam-2.7.5.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\LogiCameraSettings_2.12.8.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\LSBSetup.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\SuperNovaSetup (1).exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\SuperNovaSetup.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\TotalAV_Setup (1).exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\TotalAV_Setup.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\tweaking.com_registry_backup_setup (1).exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\tweaking.com_registry_backup_setup.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\Unconfirmed 315624.crdownload:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\Unconfirmed 458401.crdownload:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\Unconfirmed 67396.crdownload:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\Unconfirmed 769046.crdownload:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\Unconfirmed 844787.crdownload:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\WGTLauncher.msi:SmartScreen [7]
AlternateDataStreams: C:\Users\likit\Downloads\cdcxdwy.exe:SmartScreen [7]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MsQuic => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcCtnrSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-11 18:38 - 2018-04-11 18:36 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1634124706-516754031-2614381865-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-deviceenroller-TCP-Out] => (Allow) %SystemRoot%\system32\deviceenroller.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe
FirewallRules: [UDP Query User{96763BC2-2B16-4C4F-B2B0-639447D3FB45}C:\users\18706\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\18706\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [TCP Query User{2144CD20-5EAE-4B7D-8CED-17A70197B775}C:\users\18706\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\18706\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [UDP Query User{F902AD70-5D19-4D50-9BC0-DF5F8A08344E}C:\users\18706\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\18706\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [TCP Query User{1C90FCDA-5F80-4618-B20B-6EFE2EE4C81F}C:\users\18706\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\18706\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [{817DE9D5-44B6-4ECF-AD3E-50CE3F1490BE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{74DE449E-BE97-4FDC-B3AE-38D65310F93C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DA6E1FBA-F764-4E1D-BE57-C27171C06A34}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1B3DE17B-83D5-4EDA-B535-1A1D6452F574}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68A18C2B-DA57-474E-87B7-4F1B95611589}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16010.9126.2116.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe
FirewallRules: [{256CE163-370D-4657-96D0-1A72557A19A7}] => (Allow) C:\Program Files (x86)\Iriun Webcam\IriunWebcam.exe
FirewallRules: [TCP Query User{CE455C7F-09D5-4534-A647-62A6B690CD77}C:\users\likit\documents\dwyco\cdc-x\cdcx.exe] => (Block) C:\users\likit\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [UDP Query User{29B882F1-CB5E-414B-8092-8702FCDEF25C}C:\users\likit\documents\dwyco\cdc-x\cdcx.exe] => (Block) C:\users\likit\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [{8FC42F58-7013-4111-9349-21E625E6DAE9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{24B23B53-597D-4AEF-A824-C288B5D2F081}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{FA8B3430-2876-42C0-ACBD-30E1AF90E935}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{F3C307F4-4635-48A6-A769-5E14183187D2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
FirewallRules: [{FC63FFCB-F794-438B-875B-9E983E61569B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{52013DA0-0E9B-4F9D-8E42-010ACA6FD196}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{C478014E-F93C-4853-BA64-3E218A99B0F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{86A3CAB0-F540-4F9C-9519-4A52F3AEB415}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{797B4379-7067-472D-BBFF-389F88EB15BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E65E3C9D-F5F8-46AF-9B51-1DA75558AAF2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4BA7337C-6169-4508-806E-BFA024D40489}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{50BEC010-FD17-42B5-8EEF-F972DB263B9F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.194.874.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BC31FBCC-6191-4588-970D-DDB4D357A3F8}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

==================== Restore Points =========================

02-08-2022 16:36:30 Windows Modules Installer
25-09-2022 20:27:04 Windows Modules Installer

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/25/2022 08:31:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MsMpEng.exe, version: 4.18.2207.7, time stamp: 0xababb3a4
Faulting module name: mpengine.dll, version: 1.1.19600.3, time stamp: 0x9c25097e
Exception code: 0xc0000005
Fault offset: 0x00000000003e5ee6
Faulting process id: 0x2e70
Faulting application start time: 0x01d8d076afc68e2d
Faulting application path: C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
Faulting module path: C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B93B77CD-7087-40A9-B084-29223B10C53A}\mpengine.dll
Report Id: 3e4809a4-e7ca-4ddd-aa50-43336451687d
Faulting package full name:
Faulting package-relative application ID:

Error: (09/24/2022 07:35:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MsMpEng.exe, version: 4.18.2207.7, time stamp: 0xababb3a4
Faulting module name: mpengine.dll, version: 1.1.19600.3, time stamp: 0x9c25097e
Exception code: 0xc0000005
Fault offset: 0x000000000013f786
Faulting process id: 0x117c
Faulting application start time: 0x01d8cfb3ce3ff615
Faulting application path: C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
Faulting module path: C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{34666B1E-C3B5-4B76-9D23-C94BB64AB85C}\mpengine.dll
Report Id: e7667ec3-f88a-4202-aee8-25dd488443bb
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (09/27/2022 11:08:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dolby DAX2 API Service service to connect.

Error: (09/27/2022 11:06:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LMS service failed to start due to the following error:
The system cannot find the file specified.

Error: (09/27/2022 11:04:56 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (09/27/2022 11:04:37 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP)
Description: DCOM got error "1084" attempting to start the service TokenBroker with arguments "Unavailable" in order to run the server:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal

Error: (09/27/2022 11:04:37 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP)
Description: DCOM got error "1084" attempting to start the service TokenBroker with arguments "Unavailable" in order to run the server:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal

Error: (09/27/2022 11:04:23 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP)
Description: DCOM got error "1084" attempting to start the service camsvc with arguments "Unavailable" in order to run the server:
Windows.Internal.CapabilityAccess.CapabilityAccess

Error: (09/27/2022 11:04:06 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP)
Description: DCOM got error "1084" attempting to start the service netprofm with arguments "Unavailable" in order to run the server:
{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (09/27/2022 11:04:06 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP)
Description: DCOM got error "1084" attempting to start the service netprofm with arguments "Unavailable" in order to run the server:
{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (09/27/2022 11:04:03 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (09/27/2022 11:04:01 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP)
Description: DCOM got error "1084" attempting to start the service TokenBroker with arguments "Unavailable" in order to run the server:
Windows.Internal.Security.Authentication.Web.WamProviderRegistration


CodeIntegrity:
===================================
Date: 2022-09-27 23:29:54.0700000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-09-27 23:19:21.8650000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-09-27 23:08:06.8710000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-09-27 22:20:33.7680000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-09-27 19:46:36.9400000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-09-27 19:36:05.6040000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-09-27 19:24:32.7470000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-09-27 19:00:17.7930000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-09-27 17:09:04.7050000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-09-27 12:07:08.8860000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-8130U CPU @ 2.20GHz
Percentage of memory in use: 79%
Total physical RAM: 4005.22 MB
Available physical RAM: 801.47 MB
Total Virtual: 6821.22 MB
Available Virtual: 2967.81 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.27 GB) (Free:884.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 346005D8)

Partition: GPT.

==================== End of Addition.txt ============================

Juliet
2022-09-28, 17:28
OK
This is a mess. Not sure where Farbar was downloaded from?, but it states it's very out dated?

I've put together a small script that I'm not sure if you can get it to run or not....So we'll have to experiment with that.
If possible please try to do this in normal mode, if that doesn't work let's try to go back into safe mode with networking and attempt it again.


Start Farbar Recovery Scan Tool with Administrator privileges
(Right click on the FRST icon and select Run as administrator, just open it and let it wait)

highlight on the text below and select Copy.
beginning with Start:: and finishing with End::


Start::
CloseProcesses:
CreateRestorePoint:
2021-05-17 12:25 - 2021-05-17 12:26 - 2084616 _____ (Oracle Corporation) C:\Users\18706\AppData\Local\Temp\jre-8u291-windows-au.exe
2021-09-24 16:10 - 2021-09-24 16:10 - 2107200 _____ (Oracle Corporation) C:\Users\18706\AppData\Local\Temp\jre-8u301-windows-au.exe
Task: {6947E864-39F6-47B9-9634-E54685794DF7} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-27] (Microsoft Corporation) <==== ATTENTION
ShortcutWithArgument: C:\Users\18706\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\18706\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
AlternateDataStreams: C:\Users\18706\Downloads\cdcxdwy.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\FRST64 (4).exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\IriunWebcam-2.7.5.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\LogiCameraSettings_2.12.8.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\LSBSetup.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\SuperNovaSetup (1).exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\SuperNovaSetup.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\TotalAV_Setup (1).exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\TotalAV_Setup.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\tweaking.com_registry_backup_setup (1).exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\tweaking.com_registry_backup_setup.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\Unconfirmed 315624.crdownload:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\Unconfirmed 458401.crdownload:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\Unconfirmed 67396.crdownload:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\Unconfirmed 769046.crdownload:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\Unconfirmed 844787.crdownload:SmartScreen [7]
AlternateDataStreams: C:\Users\18706\Downloads\WGTLauncher.msi:SmartScreen [7]
AlternateDataStreams: C:\Users\likit\Downloads\cdcxdwy.exe:SmartScreen [7]
Hosts:
CMD: netsh int ip reset
CMD: ipconfig /flushDNS
EmptyTemp:
C:\Windows\Temp\*.*
End::

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Press the Fix button. FRST will process the lines copied above from the clipboard.
When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.

Please copy and paste its contents in your next reply.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


While in safe mode with networking let's try a couple of other tools and see if they will run.


Please download AdwCleaner (https://downloads.malwarebytes.com/file/adwcleaner) and save it to your Desktop
Close all open programs and browsers
Right click on the icon and select Run as administrator
Click Scan now
Allow the program to Quarantine what it finds except for Pre-installed applications if you would like to keep those or other entries you would like to keep
When completed click View Scan Log File
Copy and paste the contents in your reply
Click Skip Basic Repair if it appears then close the program


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

You may have Malwarebytes Anti-Malware installed but if not, you can download it from here (https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/):

run the program
click on the ‘Dashboard’ to make sure everything is up to date, (it is not necessary to upgrade to the premium version of MBAM)
click on the ‘Scan’ tab, (directly below the Dashboard tab)
select the Threat Scan option
slick the Scan Now button
Threat Scan will begin
when the scan has completed and if malware was found, click the Quarantine Selected button to allow MBAM to quarantine what was found
if prompted to restart the computer, close all other programs and click Yes to restart your computer
once you are back at your desktop, open MBAM once more
click on the ‘Reports’ tab
double-click on the most recent Scan Report
click on Export, then Copy to Clipboard

rcb56
2022-09-28, 23:29
well! i did the copy and paste and got a prompt that it looked like i didn't know what i was doing and the tool would close! then poof! :sad::clown:

Juliet
2022-09-29, 00:22
Did you try to download and run the 2 other tools suggested?

rcb56
2022-09-29, 22:56
sorry to be so slow here but yes i ran mbam and here's that report. i guess it deleted them for when i went to look in quarantine it was empty.



# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-08-22.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-29-2022
# Duration: 00:01:23
# OS: Windows 10 (Build 19044.2006)
# Scanned: 32094
# Detected: 25


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.pokki C:\Users\18706\AppData\Local\Host App Service
Adware.pokki C:\Users\Default\AppData\Local\Host App Service
Adware.pokki C:\Users\likit\AppData\Local\Host App Service
PUP.Optional.Legacy C:\Users\18706\Documents\TotalAV
PUP.Optional.PCProtect C:\ProgramData\SecuritySuite

***** [ Files ] *****

Adware.pokki C:\Windows\System32\Tasks_Migrated\App Explorer
PUP.Optional.TotalAV C:\Users\18706\Downloads\TOTALAV_SETUP.EXE

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

Adware.pokki C:\Windows\System32\Tasks\APP EXPLORER

***** [ Registry ] *****

Adware.pokki HKCU\Software\App Host Service
Adware.pokki HKCU\Software\Host App Service
Adware.pokki HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Adware.pokki HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56459180-EFEE-41F5-A5DE-1AAC75A3848F}
Adware.pokki HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
PUP.Optional.PCProtect HKCU\Software\SSProtect
PUP.Optional.TotalAV HKLM\SOFTWARE\Classes\*\shell\TotalAV
PUP.Optional.TotalAV HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV HKLM\Software\Classes\totalav

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\18706\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.LenovoServiceBridge Folder C:\Users\18706\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE
Preinstalled.LenovoServiceBridge Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Juliet
2022-09-30, 16:03
OK, I can see the AdwCleaner scan by chance were you able to download and run Malwarebytes Anti-Malware?
Also, you allowed it to delete or quarantine what was found?

With the computer in normal mode, what is happening now?

rcb56
2022-09-30, 19:47
yes, i'm sorry this has taken so long i've just been busy. it deleted the quarantine on it's own. when i saw the report i went to see what they were but there was nothing there.it seems to be doing ok. normally by now i'd have pop ups big time but not seen any yet. i'll hang around a bit and see.

Juliet
2022-09-30, 20:26
If you could download and run MalwareBytes it could go after remnants.

Also, you can run an online scan

ESET Online Scanner

--------------------

Note: You can expect this process to take a long time, up to several hours or more.
Download ESET Free Online Scanner (https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe) and save it to your Desktop
Right click on esetonlinescanner_enu.exe and select Run as administrator
Click Computer Scan
Click Full scan
Select Enable ESET to detect and quarantine potentially unwanted applications
Click Start scan
Once completed click Save scan log and save it to your Desktop as ESETScan.txt
Click Continue then finally click Close
Copy and paste the ESETScan.txt file contents in your reply
=================================================

rcb56
2022-10-02, 08:12
finally i made it back on, been trying all day to and one glitch after another. the pop ups are gone it seems thank you. i'll post results to the eset tomorrow. sorry i've been gone.

rcb56
2022-10-05, 03:06
well still waiting on eset to finish. it has done 68,000 files in two days. :sad::red:

Juliet
2022-10-05, 16:03
Find anything yet?
Thats a remarkable amount of time for the scanner to run, are you multitasking too?

All in all how are the pop ups now, still gone?

rcb56
2022-10-13, 05:37
ok, still no luck with eset. it's been about a week now and it has scanned 235,000 files and still going. it has listed 0 scan result files. it has taken a while before but not this long. again i apologize for my absence. this pc is an old lenovo ideapad 330 and is so slow it makes me almost cry.

Juliet
2022-10-14, 18:54
Let's bring that to an end.
If it's still running I would open task manager and do an End Task on the scanner.
Check add/remove programs list and if you see Eset listed there I would uninstall it, no sense to keep it there.

I think we can remove tools and quarantine folders now. You really need to do this sense the version of Farbar you used was outdated.

Use this tool to remove quarantined items:

Please download KpRm (https://toolslib.net/downloads/viewdownload/951-kprm) by Kernel-panik and save to your Desktop.

Click on KpRm.exe to run the tool.


Vista/Windows 7/8/10 users right-click and select Run As Administrator (http://windows.microsoft.com/en-US/windows7/How-do-I-run-an-application-once-with-a-full-administrator-access-token).

Put a check mark next to these items:


- Delete tools
- Delete now

Click the "Run" button.



When the tool has finished, it will create and open a log report and delete itself.