Results 1 to 10 of 12

Thread: I got a problem that's driving me crazy, and I can't fix it. Please help me!!!!

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Member
    Join Date
    Oct 2005
    Posts
    92

    Default I got a problem that's driving me crazy, and I can't fix it. Please help me!!!!

    I have an issue with my computer that appears to be slowing me down, and preventing me from opening files, intermittently. I've attached the Farbar documents, but can't run the aswMBR application. The logs are as follows:

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-08-2020
    Ran by rabig (administrator) on LAPTOP (Dell Inc. Inspiron 5759) (28-08-2020 21:16:33)
    Running from C:\Users\rabig\Desktop
    Loaded Profiles: rabig
    Platform: Windows 10 Pro Version 2004 19041.450 (X64) Language: English (United States)
    Default browser: FF
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\acrotray.exe
    (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Acrobat.exe
    (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\AcroCEF\AcroCEF.exe <3>
    (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
    (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
    (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0356863.inf_amd64_84f934538376d17d\B352547\atieclxx.exe
    (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0356863.inf_amd64_84f934538376d17d\B352547\atiesrxx.exe
    (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
    (Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
    (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
    (Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
    (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe
    (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
    (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
    (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
    (Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
    (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
    (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_763182f3860a4408\igfxCUIService.exe
    (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_763182f3860a4408\IntelCpHDCPSvc.exe
    (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_763182f3860a4408\IntelCpHeciSvc.exe
    (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
    (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\3.7.124.0\McCSPServiceHost.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2>
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_6\mcapexe.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2007.24732.0_x64__8wekyb3d8bbwe\Cortana.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
    (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7193.518\DSAPI.exe
    (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
    (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3936936 2015-07-09] (Synaptics Incorporated -> Synaptics Incorporated)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9226752 2017-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
    HKLM-x32\...\Run: [PowerDVD16Agent] => C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe [516296 2016-03-27] (CyberLink Corp. -> CyberLink Corp.)
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Acrotray.exe [1868336 2020-07-29] (Adobe Inc. -> Adobe Systems Inc.)
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65704 2020-04-25] (Adobe Inc. -> Adobe Systems Inc)
    HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.135\Installer\chrmstp.exe [2020-08-18] (Google LLC -> Google LLC)
    HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-03] (Adobe Inc. -> Adobe Systems, Inc.)

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0CC3BF86-2EDE-41CC-B6F3-0FD6A5A7CC94} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-17] (Google LLC -> Google LLC)
    Task: {1F291728-8658-430C-B71F-309C84C8E533} - System32\Tasks\McUtilTask => C:\Program Files\Common Files\McAfee\UPDMGR\7.7.128.1\mcupdutl.exe [1328720 2020-07-27] (McAfee, LLC -> McAfee, LLC)
    Task: {37B5976A-559B-43C8-A875-752EE97D6EA7} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [67688 2020-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    Task: {3A67462E-8300-4759-9922-B4B105E94C17} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155488 2020-08-17] (Microsoft Corporation -> Microsoft Corporation)
    Task: {41A4AFF0-CF79-47CE-86F5-00D0D899714A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    Task: {55D05A99-8D48-4C27-9470-D997FFDD0508} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.10.620\mcdatrep.exe [1881392 2020-08-20] (McAfee, Inc. -> McAfee, LLC.)
    Task: {5FA5D143-425C-41B9-A4F7-4008498BC532} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2703312028-2751286023-2314976691-500 => C:\Users\rabig\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
    Task: {740F1B40-2DD9-4ACE-B71D-DCE6B9FE837E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
    Task: {773F10C9-16C9-4F08-BD42-D9CFC47A6E2A} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4194704 2020-07-22] (McAfee, Inc. -> McAfee, LLC)
    Task: {7D1C72E2-B9C7-432C-95D0-A709CDE6C9A0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-17] (Google LLC -> Google LLC)
    Task: {7FB549E7-42E8-4F41-B9A5-B134E451086C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155488 2020-08-17] (Microsoft Corporation -> Microsoft Corporation)
    Task: {850645C1-B64D-4F30-BE8E-71A2D5DDC554} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1077064 2020-07-24] (McAfee, LLC -> McAfee, LLC)
    Task: {8AC0290A-D7CD-4968-A108-100F6CCBEB50} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4596480 2020-06-19] (McAfee, LLC -> McAfee, LLC)
    Task: {BE6E2858-4D79-4ADD-B92A-1A8CD20C8399} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60008 2020-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    Task: {CF461E9F-C31D-4927-8507-785C99E1E739} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [764640 2020-06-09] (McAfee, LLC -> McAfee, LLC)
    Task: {D2BE8F82-5201-4959-ACC8-3B9091EAFB09} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1045976 2020-07-06] (Dell Inc. -> Dell Inc.)
    Task: {E41D0C04-0082-4A42-9349-0A1339F39D72} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23819120 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)
    Task: {F1E72798-375E-4222-A36E-5E6F76B67491} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23819120 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)
    Task: {FE933384-877C-431E-8A5D-F7C533BB95F9} - System32\Tasks\Agent Activation Runtime\S-1-5-21-2703312028-2751286023-2314976691-1004 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-06-18] (Microsoft Windows -> )
    "C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
    Task: {FF32A200-4B55-4EF0-BC19-31D4CAA16306} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1077064 2020-07-24] (McAfee, LLC -> McAfee, LLC)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
    Tcpip\..\Interfaces\{85caa427-0856-400b-b299-4fafce2b1c7c}: [DhcpNameServer] 10.0.0.1
    Tcpip\..\Interfaces\{b0e830f0-2f59-4b50-b3a3-d96386249133}: [DhcpNameServer] 10.1.0.112 10.1.0.51 8.8.8.8 8.8.4.4

    Internet Explorer:
    ==================
    HKU\S-1-5-21-2703312028-2751286023-2314976691-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://my.earthlink.net/
    SearchScopes: HKU\S-1-5-21-2703312028-2751286023-2314976691-1004 -> DefaultScope {15F595F9-2F4A-4895-9C5D-B06468CDC74A} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
    SearchScopes: HKU\S-1-5-21-2703312028-2751286023-2314976691-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2703312028-2751286023-2314976691-1004 -> {15F595F9-2F4A-4895-9C5D-B06468CDC74A} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
    BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-08-25] (McAfee, LLC -> McAfee, LLC)
    BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-08-25] (McAfee, LLC -> McAfee, LLC)
    BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\AcroIEFavStub.dll [2016-06-30] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-04] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-04] (Microsoft Corporation -> Microsoft Corporation)
    Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-04] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-04] (Microsoft Corporation -> Microsoft Corporation)
    Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-04] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-04] (Microsoft Corporation -> Microsoft Corporation)
    Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-04] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-04] (Microsoft Corporation -> Microsoft Corporation)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2020-07-28] (McAfee, LLC -> McAfee, LLC)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2020-07-28] (McAfee, LLC -> McAfee, LLC)

    Edge:
    ======
    Edge Profile: C:\Users\rabig\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-28]
    Edge Extension: (Cisco Webex Extension) - C:\Users\rabig\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmihkeafcknlomclapaddfljaeegfbdl [2020-08-07]
    Edge HKLM-x32\...\Edge\Extension: [cmihkeafcknlomclapaddfljaeegfbdl]

    FireFox:
    ========
    FF DefaultProfile: u8ylndvy.default
    FF ProfilePath: C:\Users\rabig\AppData\Roaming\Mozilla\Firefox\Profiles\u8ylndvy.default [2020-07-07]
    FF ProfilePath: C:\Users\rabig\AppData\Roaming\Mozilla\Firefox\Profiles\r242nyai.default-release-1593981884449 [2020-08-28]
    FF Homepage: Mozilla\Firefox\Profiles\r242nyai.default-release-1593981884449 -> hxxp://my.earthlink.net/
    FF Extension: (Cisco Webex Extension) - C:\Users\rabig\AppData\Roaming\Mozilla\Firefox\Profiles\r242nyai.default-release-1593981884449\Extensions\ciscowebexstart1@cisco.com.xpi [2020-07-05]
    FF Extension: (Cisco WebEx Extension) - C:\Program Files\Mozilla Firefox\distribution\extensions\ciscowebexstart1@cisco.com.xpi [2020-06-11]
    FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
    FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-04-25]
    FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
    FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-07-28] (McAfee, LLC -> )
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-07-28] (McAfee, LLC -> )
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @webex.com/npatgpc -> C:\Program Files (x86)\Webex\npatgpc.dll [2020-06-11] (Cisco WebEx LLC -> Cisco WebEx LLC)
    FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Air\nppdf32.dll [2020-07-29] (Adobe Inc. -> Adobe Systems Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)

    Chrome:
    =======
    CHR Profile: C:\Users\rabig\AppData\Local\Google\Chrome\User Data\Default [2020-08-28]
    CHR Notifications: Default -> hxxps://www.facebook.com
    CHR Extension: (Slides) - C:\Users\rabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-17]
    CHR Extension: (Docs) - C:\Users\rabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-17]
    CHR Extension: (Google Drive) - C:\Users\rabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-06-17]
    CHR Extension: (YouTube) - C:\Users\rabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-17]
    CHR Extension: (Adobe Acrobat) - C:\Users\rabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-08-06]
    CHR Extension: (Sheets) - C:\Users\rabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-17]
    CHR Extension: (Google Docs Offline) - C:\Users\rabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-14]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\rabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-17]
    CHR Extension: (Gmail) - C:\Users\rabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-06-17]
    CHR Extension: (Chrome Media Router) - C:\Users\rabig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-16]
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
    CHR HKLM-x32\...\Chrome\Extension: [jlhmfgmfgeifomenelglieieghnjghma]

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10566536 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)
    R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [284720 2020-06-10] (Dell Inc -> Dell Technologies Inc.)
    R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3455536 2020-06-10] (Dell Inc -> Dell Technologies Inc.)
    R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [294448 2020-06-10] (Dell Inc -> Dell Technologies Inc.)
    R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [40656 2020-04-09] (Dell Inc -> )
    R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7193.518\DSAPI.exe [965104 2020-07-19] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
    R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36544 2020-04-17] (Dell Inc -> )
    R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [955144 2020-08-25] (McAfee, LLC -> McAfee, LLC)
    R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_6\McApExe.exe [768256 2020-07-27] (McAfee, LLC -> McAfee, LLC)
    R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.7.124.0\\McCSPServiceHost.exe [2726312 2020-07-29] (McAfee, LLC -> McAfee, LLC)
    S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
    R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
    R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
    R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1743864 2020-08-06] (McAfee, LLC -> McAfee, LLC)
    R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4221040 2020-07-29] (McAfee, LLC -> McAfee, LLC)
    S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5097344 2020-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)
    R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [33240 2020-07-06] (Dell Inc. -> Dell Inc.)
    S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-29] (Microsoft Windows Publisher -> Microsoft Corporation)
    S3 WebexService; C:\Program Files (x86)\Webex\Webex\Applications\WebExService.exe [146240 2020-06-11] (Cisco WebEx LLC -> Cisco WebEx LLC)
    S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-29] (Microsoft Windows Publisher -> Microsoft Corporation)

    ===================== Drivers (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
    S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
    R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75704 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
    R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [35208 2020-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
    R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
    S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218960 2020-05-26] (McAfee, LLC -> McAfee, Inc.)
    S3 IntelDFUACPI; C:\WINDOWS\System32\drivers\IntelDFUACPI.sys [24456 2014-10-16] (Intel(R) Software Products -> Intel(R) Corporation)
    R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [529848 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
    R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [382392 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
    S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2020-06-09] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
    R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [521656 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
    R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1006008 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
    R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [595896 2020-06-07] (McAfee, Inc. -> McAfee LLC.)
    S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107960 2020-06-07] (McAfee, Inc. -> McAfee LLC.)
    R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116664 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
    R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252344 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
    S3 RtkAvrcp; C:\WINDOWS\System32\drivers\RtkAvrcp.sys [60944 2015-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
    S3 RtkAvrcpCtrlr; C:\WINDOWS\System32\drivers\RtkAvrcpCtrlr.sys [70672 2015-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
    R3 t6sta; C:\WINDOWS\System32\Drivers\t6sta.sys [161608 2020-06-01] (Magic Control Technology Corp. -> Magic Control Technology Corporation)
    S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-06-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401120 2020-06-29] (Microsoft Windows -> Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-29] (Microsoft Windows -> Microsoft Corporation)
    R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; C:\Program Files (x86)\CyberLink\PowerDVD16\Common\NavFilter\000.fcl [29624 2016-03-28] (CyberLink Corp. -> CyberLink Corp.)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ===================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-08-28 21:16 - 2020-08-28 21:20 - 000031305 _____ C:\Users\rabig\Desktop\FRST.txt
    2020-08-28 21:14 - 2020-08-28 21:19 - 000000000 ____D C:\FRST
    2020-08-28 21:12 - 2020-08-28 21:12 - 002298368 _____ (Farbar) C:\Users\rabig\Desktop\FRST64.exe
    2020-08-28 21:10 - 2020-08-28 21:10 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-LAPTOP-Windows-10-Pro-(64-bit).dat
    2020-08-28 21:10 - 2020-08-28 21:10 - 000000000 ____D C:\RegBackup
    2020-08-28 21:09 - 2020-08-28 21:09 - 000017985 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
    2020-08-28 21:09 - 2020-08-28 21:09 - 000002319 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
    2020-08-28 21:09 - 2020-08-28 21:09 - 000002319 _____ C:\ProgramData\Desktop\Tweaking.com - Registry Backup.lnk
    2020-08-28 21:09 - 2020-08-28 21:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2020-08-28 21:09 - 2020-08-28 21:09 - 000000000 ____D C:\Program Files (x86)\Tweaking.com
    2020-08-28 21:07 - 2020-08-28 21:07 - 000270283 _____ C:\Users\rabig\Desktop\_BEFORE You POST_(Please read this Procedure Before Requesting Assistance)- Updated.pdf
    2020-08-28 21:03 - 2020-08-28 21:03 - 005766144 _____ (Tweaking.com) C:\Users\rabig\Desktop\tweaking.com_registry_backup_setup.exe
    2020-08-28 16:45 - 2020-08-28 16:45 - 000458224 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2020-08-23 12:08 - 2020-08-23 12:08 - 000000000 ____D C:\Users\rabig\AppData\Local\cache
    2020-08-23 12:02 - 2020-08-23 12:02 - 000000000 ____D C:\ProgramData\Propagation
    2020-08-22 17:27 - 2020-08-22 17:27 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
    2020-08-22 17:27 - 2020-08-22 17:27 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
    2020-08-22 17:27 - 2020-08-22 17:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
    2020-08-22 17:27 - 2020-08-22 17:27 - 000000000 ____D C:\Program Files (x86)\AMD
    2020-08-22 17:21 - 2020-08-22 17:21 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
    2020-08-20 19:55 - 2020-08-20 19:55 - 000003474 _____ C:\WINDOWS\system32\Tasks\McUtilTask
    2020-08-20 19:54 - 2020-08-20 19:54 - 000002142 _____ C:\Users\Public\Desktop\McAfee LiveSafe.lnk
    2020-08-20 19:54 - 2020-08-20 19:54 - 000002142 _____ C:\ProgramData\Desktop\McAfee LiveSafe.lnk
    2020-08-20 19:54 - 2020-08-20 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    2020-08-20 19:52 - 2020-08-20 19:52 - 000141193 _____ C:\Users\rabig\Downloads\dataConfig.cab
    2020-08-20 19:52 - 2020-08-20 19:52 - 000013749 _____ C:\Users\rabig\Downloads\daConfig.cab
    2020-08-20 19:52 - 2020-08-20 19:52 - 000000000 ____D C:\Users\rabig\Downloads\Scripts
    2020-08-20 19:52 - 2020-08-20 19:52 - 000000000 ____D C:\Users\rabig\AppData\Roaming\WSSInstallHelper
    2020-08-20 19:52 - 2020-08-20 19:52 - 000000000 ____D C:\Users\rabig\AppData\Roaming\CSISDownload
    2020-08-20 19:51 - 2020-08-20 19:51 - 021041952 _____ (McAfee, LLC) C:\Users\rabig\Downloads\WSSInstallHelper.exe
    2020-08-13 17:38 - 2020-08-13 17:38 - 004819968 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
    2020-08-13 17:38 - 2020-08-13 17:38 - 004273664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
    2020-08-13 17:38 - 2020-08-13 17:38 - 001707008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
    2020-08-13 17:38 - 2020-08-13 17:38 - 001423360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
    2020-08-13 17:38 - 2020-08-13 17:38 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
    2020-08-13 17:38 - 2020-08-13 17:38 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
    2020-08-13 17:38 - 2020-08-13 17:38 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
    2020-08-13 17:38 - 2020-08-13 17:38 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
    2020-08-13 17:38 - 2020-08-13 17:38 - 000387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
    2020-08-13 17:38 - 2020-08-13 17:38 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\syncutil.dll
    2020-08-13 17:38 - 2020-08-13 17:38 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 026271744 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 024264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 023434752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 019868160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 018766848 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 018071040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 008894656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 008229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 007596032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 007104000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 006406144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 005990344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 005820416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 004880896 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 004783328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 004523520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 004362832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 004307456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 003859968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 003661312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 003547280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 003333632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
    2020-08-13 17:37 - 2020-08-13 17:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
    2020-08-13 17:37 - 2020-08-13 17:37 - 002686464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 002523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
    2020-08-13 17:37 - 2020-08-13 17:37 - 002520056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 002422072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 002265336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 002254544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
    2020-08-13 17:37 - 2020-08-13 17:37 - 002113032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 002018632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001980744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001879488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001818568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001719096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001717760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001616576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001557832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 001543168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 001506616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001501000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001352248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001332224 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001328936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001314616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001309512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2020-08-13 17:37 - 2020-08-13 17:37 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 001252864 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001233408 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 001225640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001221632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001181200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001117328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagCpl.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001090560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 001014888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000945152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000930304 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000920904 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000913120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000837120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000801544 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdcpl.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000759784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
    2020-08-13 17:37 - 2020-08-13 17:37 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000743320 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000722432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000707584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000696760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000685568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000675640 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000665256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
    2020-08-13 17:37 - 2020-08-13 17:37 - 000638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000630088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000600376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
    2020-08-13 17:37 - 2020-08-13 17:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000581576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\IESettingSync.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000530440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000528360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000517976 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000500952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000495840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000471600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcIso.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
    2020-08-13 17:37 - 2020-08-13 17:37 - 000468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000442680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000423224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServerClient.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallControlPanel.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000367416 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Vault.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000362064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
    2020-08-13 17:37 - 2020-08-13 17:37 - 000360024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000353256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000343408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
    2020-08-13 17:37 - 2020-08-13 17:37 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FrameServerClient.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DxpTaskSync.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000324424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallControlPanel.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000303288 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.FileExplorer.Common.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vault.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DxpTaskSync.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accessibilitycpl.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000217912 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000212480 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercpl.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000195128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dsui.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000166288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvsievaluator.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpcsp.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000162616 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvsigpext.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercpl.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dsui.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000142008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000139952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000138928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000137016 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcl.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\recovery.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountControlSettings.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcfgutils.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsdefenderapplicationguardcsp.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintBrmUi.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ndadmin.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidfdp.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unenrollhook.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcacli.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmlocalmanagement.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000042808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidnsp.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acwow64.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCShellCommonProxyStub.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000020280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msidcrl40.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000009281 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
    2020-08-13 17:37 - 2020-08-13 17:37 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
    2020-08-13 17:37 - 2020-08-13 17:37 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
    2020-08-13 17:37 - 2020-08-13 17:37 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 014754816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 010925880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 010336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 007972696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 007628208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 006362176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 006188544 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 005858136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 005420648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 005056000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 004746752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 004726784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 004629312 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 004003384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 003999744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 003913216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 003867136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 003843584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 003818472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 003810816 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2020-08-13 17:36 - 2020-08-13 17:36 - 003806720 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 003750400 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 003588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 003380224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 003181056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 002994504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2020-08-13 17:36 - 2020-08-13 17:36 - 002947584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2020-08-13 17:36 - 2020-08-13 17:36 - 002918728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 002842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 002806160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 002744832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2020-08-13 17:36 - 2020-08-13 17:36 - 002587464 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 002541056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 002450944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 002433024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 002403328 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 002259968 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 002245632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 002202112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 002178040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 002023688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001868152 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001819648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001805744 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2020-08-13 17:36 - 2020-08-13 17:36 - 001777152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001765376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001751432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001710080 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001695216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001659904 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001641472 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001596464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001538664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 001504768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MoUsoCoreWorker.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 001496576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001472824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2020-08-13 17:36 - 2020-08-13 17:36 - 001430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 001394552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2020-08-13 17:36 - 2020-08-13 17:36 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001337168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001323520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001314616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001255424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001209624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 001197752 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 001197568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001158656 _____ C:\WINDOWS\system32\MBR2GPT.EXE
    2020-08-13 17:36 - 2020-08-13 17:36 - 001132544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001095168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001047040 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001044880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001041920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001024744 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001019008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000994616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Facilitator.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000986976 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000976680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000943416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000912744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000910336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000904192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000881624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000876544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000827704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
    2020-08-13 17:36 - 2020-08-13 17:36 - 000825864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000760120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000759296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000755664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000749960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000747864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000725608 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000707024 _____ C:\WINDOWS\system32\TextShaping.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000706032 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000660584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000647992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
    2020-08-13 17:36 - 2020-08-13 17:36 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntimewindows.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000639920 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000634240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntime.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.ConversationalAgent.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000608256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000602184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2020-08-13 17:36 - 2020-08-13 17:36 - 000589824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000583608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000548544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000538440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000524088 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000517432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UiaManager.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000509248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000502600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
    2020-08-13 17:36 - 2020-08-13 17:36 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
    2020-08-13 17:36 - 2020-08-13 17:36 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000440120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000419840 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000417376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000405304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000387072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000381704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.FileExplorer.Common.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000373560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HrtfApo.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AarSvc.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
    2020-08-13 17:36 - 2020-08-13 17:36 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000288152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\accessibilitycpl.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000264704 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngctasks.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000253016 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000249672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000227640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000213352 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000202568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000195248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000180040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2020-08-13 17:36 - 2020-08-13 17:36 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000172496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000167896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000152576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000151864 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcl.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\control.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mskeyprotcli.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000134984 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000132744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountControlSettings.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000123968 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000118072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MaintenanceUI.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000116040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcfgutils.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidfdp.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000099640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000094496 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000092960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcacli.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ndadmin.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidnsp.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000064824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmlocalmanagement.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000061752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInput.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
    2020-08-13 17:36 - 2020-08-13 17:36 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagnosticdataquery.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmpostprocessevaluator.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCShellCommonProxyStub.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDriverRetrievalClient.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
    2020-08-13 17:36 - 2020-08-13 17:36 - 000042312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
    2020-08-13 17:36 - 2020-08-13 17:36 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000033096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
    2020-08-13 17:36 - 2020-08-13 17:36 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000017224 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
    2020-08-13 17:36 - 2020-08-13 17:36 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msidcrl40.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000012088 _____ (Microsoft Corporation) C:\WINDOWS\system32\6bea57fb-8dfb-4177-9ae8-42e8b3529933_RuntimeDeviceInstall.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
    2020-08-13 17:36 - 2020-08-13 17:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 008004728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 006709248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 006192640 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 005771904 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 004582288 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2020-08-13 17:35 - 2020-08-13 17:35 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
    2020-08-13 17:35 - 2020-08-13 17:35 - 003846144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 003779400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2020-08-13 17:35 - 2020-08-13 17:35 - 003062784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 002242048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 002103712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 002101248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsudk.shellcommon.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 001930200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 001922048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 001903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 001766912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 001763640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2020-08-13 17:35 - 2020-08-13 17:35 - 001514496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 001277440 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 001253376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 001184360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
    2020-08-13 17:35 - 2020-08-13 17:35 - 001093432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 001089336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
    2020-08-13 17:35 - 2020-08-13 17:35 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 001046528 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 001030656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 001030656 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000938416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000900936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2020-08-13 17:35 - 2020-08-13 17:35 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000843416 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000808248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
    2020-08-13 17:35 - 2020-08-13 17:35 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
    2020-08-13 17:35 - 2020-08-13 17:35 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000781312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000752128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000678200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
    2020-08-13 17:35 - 2020-08-13 17:35 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000639288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
    2020-08-13 17:35 - 2020-08-13 17:35 - 000637440 _____ (Microsoft Corporation) C:\WINDOWS\system32\UiaManager.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000602424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
    2020-08-13 17:35 - 2020-08-13 17:35 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2020-08-13 17:35 - 2020-08-13 17:35 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\HrtfApo.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000472888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2020-08-13 17:35 - 2020-08-13 17:35 - 000454984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2020-08-13 17:35 - 2020-08-13 17:35 - 000448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000420464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000418800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
    2020-08-13 17:35 - 2020-08-13 17:35 - 000401720 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
    2020-08-13 17:35 - 2020-08-13 17:35 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
    2020-08-13 17:35 - 2020-08-13 17:35 - 000360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000359936 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000314168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
    2020-08-13 17:35 - 2020-08-13 17:35 - 000293176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
    2020-08-13 17:35 - 2020-08-13 17:35 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
    2020-08-13 17:35 - 2020-08-13 17:35 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApproveChildRequest.exe
    2020-08-13 17:35 - 2020-08-13 17:35 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000215880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
    2020-08-13 17:35 - 2020-08-13 17:35 - 000214840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mskeyprotcli.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\control.exe
    2020-08-13 17:35 - 2020-08-13 17:35 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000153600 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
    2020-08-13 17:35 - 2020-08-13 17:35 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
    2020-08-13 17:35 - 2020-08-13 17:35 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
    2020-08-13 17:35 - 2020-08-13 17:35 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
    2020-08-13 17:35 - 2020-08-13 17:35 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
    2020-08-13 17:35 - 2020-08-13 17:35 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
    2020-08-13 17:35 - 2020-08-13 17:35 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
    2020-08-13 17:35 - 2020-08-13 17:35 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000090416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\GPCSEWrapperCsp.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000070968 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInput.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifidatacapabilityhandler.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
    2020-08-13 17:35 - 2020-08-13 17:35 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
    2020-08-13 17:35 - 2020-08-13 17:35 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
    2020-08-13 17:35 - 2020-08-13 17:35 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
    2020-08-13 17:35 - 2020-08-13 17:35 - 000026600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IntelTA.sys
    2020-08-13 17:35 - 2020-08-13 17:35 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
    2020-08-13 17:15 - 2020-07-17 22:22 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
    2020-08-13 17:15 - 2020-07-17 22:01 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
    2020-08-13 10:30 - 2020-08-13 10:30 - 000056054 _____ C:\Users\rabig\Downloads\DAConfig.json
    2020-08-13 10:30 - 2020-08-13 10:30 - 000000085 _____ C:\Users\rabig\Downloads\DADataRetentionPolicy.json
    2020-08-07 17:57 - 2020-08-07 17:57 - 000014042 _____ C:\Users\rabig\Desktop\Transaction receipt from M AND M FACTORY SERVICE for $100.00 (USD) on 6-26-2020.pdf
    2020-08-07 17:41 - 2020-08-28 17:02 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
    2020-08-07 17:41 - 2020-08-28 17:02 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
    2020-08-07 17:41 - 2020-08-28 17:02 - 000002283 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
    2020-08-07 17:41 - 2020-08-28 16:51 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
    2020-08-07 17:41 - 2020-08-28 16:51 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
    2020-08-06 18:33 - 2020-08-06 18:33 - 000000000 ____D C:\Users\rabig\AppData\Roaming\Intel Corporation
    2020-08-05 18:20 - 2020-08-05 18:20 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
    2020-08-05 18:20 - 2020-08-05 18:20 - 000000000 ____D C:\Users\Default\AppData\Roaming\Intel Corporation
    2020-08-05 18:20 - 2020-08-05 18:20 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Intel Corporation
    2020-08-05 18:20 - 2020-08-05 18:20 - 000000000 ____D C:\Program Files\Common Files\Intel Corporation
    2020-08-05 18:19 - 2020-08-05 18:19 - 000000000 ____D C:\Program Files\Common Files\Intel
    2020-08-03 17:20 - 2020-08-03 17:20 - 000015872 _____ C:\Users\rabig\Desktop\Notes.msg
    2020-07-29 16:54 - 2020-07-29 16:54 - 000000000 ____D C:\ProgramData\PCDr_Backup_DBA678

    ==================== One month (modified) ==================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-08-28 21:12 - 2020-06-17 18:10 - 000000000 ____D C:\Users\rabig\AppData\LocalLow\Mozilla
    2020-08-28 21:12 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2020-08-28 21:08 - 2020-06-17 23:33 - 000000000 ____D C:\Users\rabig\Documents\Outlook
    2020-08-28 21:07 - 2020-06-19 22:31 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
    2020-08-28 21:07 - 2020-06-19 22:31 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
    2020-08-28 20:08 - 2020-06-17 21:21 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
    2020-08-28 19:53 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
    2020-08-28 19:52 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Registration
    2020-08-28 19:47 - 2020-06-18 22:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2020-08-28 19:47 - 2020-06-18 21:49 - 000008192 ___SH C:\DumpStack.log.tmp
    2020-08-28 19:47 - 2020-06-15 21:16 - 000000000 ____D C:\Intel
    2020-08-28 19:47 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
    2020-08-28 19:45 - 2019-12-07 05:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
    2020-08-28 19:06 - 2020-06-18 21:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2020-08-28 17:29 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
    2020-08-28 17:29 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
    2020-08-28 17:17 - 2020-06-18 22:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
    2020-08-28 16:46 - 2020-06-17 19:13 - 000000000 ____D C:\Program Files (x86)\McAfee
    2020-08-28 16:45 - 2020-07-03 16:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
    2020-08-27 22:27 - 2020-06-17 18:10 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
    2020-08-25 18:23 - 2020-07-04 21:29 - 000000000 ____D C:\Users\rabig\AppData\Local\D3DSCache
    2020-08-24 17:31 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2020-08-24 17:03 - 2020-06-17 17:56 - 000000000 ____D C:\Users\rabig\AppData\Local\AMD
    2020-08-24 07:17 - 2019-12-07 05:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
    2020-08-23 19:41 - 2020-06-17 17:54 - 000000000 ____D C:\Users\rabig\AppData\Local\Packages
    2020-08-23 18:45 - 2020-06-17 22:40 - 000000000 ____D C:\Users\rabig\Documents\Recipes
    2020-08-22 17:27 - 2020-06-15 21:15 - 000000000 ____D C:\Program Files\AMD
    2020-08-22 17:25 - 2020-06-15 21:15 - 000000000 ____D C:\ProgramData\Package Cache
    2020-08-22 17:22 - 2020-06-15 21:15 - 000000000 ____D C:\AMD
    2020-08-20 17:08 - 2020-06-17 17:54 - 000000000 __SHD C:\Users\rabig\IntelGraphicsProfiles
    2020-08-19 22:49 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2020-08-19 19:37 - 2020-07-01 20:34 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2020-08-19 17:49 - 2020-07-04 18:56 - 000000000 ____D C:\Users\rabig\AppData\Local\ElevatedDiagnostics
    2020-08-18 20:21 - 2020-06-17 18:08 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2020-08-18 20:21 - 2020-06-17 18:08 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2020-08-18 20:21 - 2020-06-17 18:08 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
    2020-08-17 21:08 - 2020-06-17 22:40 - 000000000 ____D C:\Users\rabig\Documents\Resume
    2020-08-17 17:06 - 2020-06-17 19:53 - 000000000 ____D C:\Program Files\Microsoft Office
    2020-08-17 16:57 - 2020-06-18 21:55 - 000797554 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2020-08-16 16:49 - 2020-06-17 19:12 - 000000000 ____D C:\Program Files\Common Files\McAfee
    2020-08-16 16:48 - 2020-06-18 22:02 - 000003316 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon
    2020-08-16 16:46 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2020-08-14 00:02 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellComponents
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
    2020-08-14 00:02 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
    2020-08-13 18:53 - 2020-06-18 22:02 - 000003710 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare)
    2020-08-13 18:23 - 2020-06-18 22:02 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
    2020-08-13 18:16 - 2020-06-17 22:40 - 000000000 ____D C:\Users\rabig\Documents\Receipts
    2020-08-13 17:43 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
    2020-08-13 16:57 - 2020-06-18 18:43 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
    2020-08-13 16:57 - 2020-06-18 18:43 - 000002131 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
    2020-08-05 18:23 - 2020-06-18 18:04 - 000000000 ____D C:\ProgramData\Intel
    2020-08-05 18:21 - 2020-06-15 21:16 - 000000000 ____D C:\Program Files\Intel
    2020-08-05 18:20 - 2020-06-18 18:40 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2020-08-05 18:20 - 2020-06-18 18:04 - 000000000 ____D C:\Program Files (x86)\Intel
    2020-07-31 17:25 - 2020-06-17 22:40 - 000000000 ____D C:\Users\rabig\Documents\Queens College

    ==================== Files in the root of some directories ========

    2020-06-20 07:09 - 2020-06-20 07:09 - 000000000 _____ () C:\Users\rabig\AppData\Local\oobelibMkey.log

    ==================== SigCheck ============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ========================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-08-2020
    Ran by rabig (28-08-2020 21:20:52)
    Running from C:\Users\rabig\Desktop
    Windows 10 Pro Version 2004 19041.450 (X64) (2020-06-19 02:03:26)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2703312028-2751286023-2314976691-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-2703312028-2751286023-2314976691-503 - Limited - Disabled)
    Guest (S-1-5-21-2703312028-2751286023-2314976691-501 - Limited - Disabled)
    rabig (S-1-5-21-2703312028-2751286023-2314976691-1004 - Administrator - Enabled) => C:\Users\rabig
    WDAGUtilityAccount (S-1-5-21-2703312028-2751286023-2314976691-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
    FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Acrobat DC (2015) (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0E0F06755100}) (Version: 15.006.30527 - Adobe Systems Incorporated)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
    Catalyst Control Center Next Localization BR (HKLM\...\{658D9D92-2733-E8FA-B31E-C264902DDFBD}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (HKLM\...\{743885D6-1B53-7B56-437D-56B32DAAF522}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (HKLM\...\{19F1603B-1CC7-9057-27D6-7376D2EC0165}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (HKLM\...\{51D588C1-A0C9-1C56-DF03-7BECEB829770}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (HKLM\...\{D1000796-511E-0A49-39B4-D125C8258CA6}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (HKLM\...\{DBB0B902-73E6-3521-15C2-6998C63A6129}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (HKLM\...\{99B2E1B4-5D98-8B59-DD39-4E4992821703}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (HKLM\...\{A67403D6-8FA6-BEB2-E55B-91635BFF70B3}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (HKLM\...\{DD0C2473-8594-5D35-8048-5FAF76196D9E}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (HKLM\...\{FFED5E09-AA96-7352-22FB-944FC47BBCB5}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (HKLM\...\{416D7723-3B10-D406-0A84-8DF69ED131ED}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (HKLM\...\{75959794-FADB-743F-70C9-1BFAB0B37E24}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (HKLM\...\{B7CC66D4-D5B7-C345-BF1D-1695ABF7C23A}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (HKLM\...\{3261D423-2791-D2C6-68FF-B248B1412F12}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (HKLM\...\{884B39AE-C737-8EE2-AB54-64E593B42C4C}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (HKLM\...\{C7A04DCF-0305-1955-6663-8905CF530A11}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (HKLM\...\{D7438F64-B441-1F37-FB0A-C9EAF4ECFDAB}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (HKLM\...\{4D447284-F649-D2BC-5FD7-E8853CA26E24}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (HKLM\...\{C1776FAC-8CC8-3EE2-47A5-38671A83661B}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (HKLM\...\{967CEFF4-8D1A-C70C-FACE-C81F07DF0553}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (HKLM\...\{7D7982D5-9BA1-47EF-DE19-896D78027265}) (Version: 2016.1206.1960.35982 - Advanced Micro Devices, Inc.) Hidden
    Cisco Webex Meetings (HKLM-x32\...\{C138C448-9453-F523-D6F2-95B8F573AC85}) (Version: 40.6.3.8 - Cisco Webex LLC)
    CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.1510.60 - CyberLink Corp.)
    Dell Digital Delivery (HKLM-x32\...\{7B2D0B6F-F02D-4363-ACDF-00DE6247ACBC}) (Version: 3.5.2015.0 - Dell Products, LP)
    Dell Digital Delivery Services (HKLM-x32\...\{CC5730C7-C867-43BD-94DA-00BB3836906F}) (Version: 4.0.52.0 - Dell Inc.)
    Dell SupportAssist (HKLM\...\{57CBE96A-3AA5-4421-A87C-6C6C3B6C5ECA}) (Version: 3.6.0.97 - Dell Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.135 - Google LLC)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
    HP Color LaserJet Pro M452 (HKLM-x32\...\{60cc8319-2c81-4d9b-84ca-88a4faa33aff}) (Version: 16.0.19116.636 - Hewlett-Packard)
    HP Color LaserJet Pro MFP M477 (HKLM-x32\...\{15758d59-89d2-4595-b92f-0145a142f8f7}) (Version: 16.0.19137.738 - Hewlett-Packard)
    HP Dropbox Plugin (HKLM-x32\...\{19EDEC5D-055E-4AD0-88AC-C342608FC47E}) (Version: 36.0.445.57508 - HP)
    HP Google Drive Plugin (HKLM-x32\...\{1B225296-B1F1-40B3-8427-844E97CB2D1B}) (Version: 36.0.445.57508 - HP)
    HPCLJProM452 (HKLM-x32\...\{E7E2297B-B657-470B-9575-1B5ED16581D5}) (Version: 0.05.0000 - Hewlett-Packard) Hidden
    HPCLJProMFPM477 (HKLM-x32\...\{9F4A8FAA-994E-4623-AB4C-D00F51DA189D}) (Version: 0.05.0000 - Hewlett-Packard) Hidden
    HPDXP (HKLM-x32\...\{6606E82C-8500-4D36-B453-7D41274B14BB}) (Version: 3.0.26.15 - HP) Hidden
    HPDXP (HKLM-x32\...\{76D91695-09BD-4006-BDBF-DD68BD27B62C}) (Version: 3.0.26.16 - HP) Hidden
    I.R.I.S. OCR (HKLM-x32\...\{CF10F6BC-C710-4F6F-B7E1-4057699A59AA}) (Version: 12.3.6.10 - HP)
    Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1004 - Intel Corporation)
    Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
    Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
    LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
    McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R27 - McAfee, LLC)
    Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13029.20344 - Microsoft Corporation)
    Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.41 - Microsoft Corporation)
    Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
    Mozilla Firefox 80.0 (x64 en-US) (HKLM\...\Mozilla Firefox 80.0 (x64 en-US)) (Version: 80.0 - Mozilla)
    Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13029.20236 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8142 - Realtek Semiconductor Corp.)
    Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
    VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
    Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
    Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
    Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
    WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.145 - McAfee, LLC)

    Packages:
    =========
    Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.41.5.0_x86__kgqvnymyfvs32 [2020-08-21] (king.com)
    Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.52.0_x64__htrsf667h5kn2 [2020-06-17] (Dell Inc)
    Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.6.6.0_x64__htrsf667h5kn2 [2020-07-19] (Dell Inc)
    Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.42.4.0_x86__kgqvnymyfvs32 [2020-08-18] (king.com)
    HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-06-17] (HP Inc.)
    iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa [2020-07-30] (Apple Inc.) [Startup Task]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-06-17] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-06-17] (Microsoft Corporation) [MS Ad]
    Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-19] (Microsoft Studios) [MS Ad]
    MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-06-17] (Microsoft Corporation)
    MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-06-17] (Microsoft Corporation) [MS Ad]
    Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0 [2020-08-21] (Spotify AB) [Startup Task]

    ==================== Custom CLSID (Whitelisted): ==============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-2703312028-2751286023-2314976691-1004_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\rabig\AppData\Local\Microsoft\OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll => No File
    CustomCLSID: HKU\S-1-5-21-2703312028-2751286023-2314976691-1004_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\rabig\AppData\Local\Microsoft\OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll => No File
    CustomCLSID: HKU\S-1-5-21-2703312028-2751286023-2314976691-1004_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\rabig\AppData\Local\Microsoft\OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll => No File
    ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
    ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-07-28] (McAfee, LLC -> McAfee, LLC)
    ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
    ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_763182f3860a4408\igfxDTCM.dll [2020-05-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
    ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
    ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-07-28] (McAfee, LLC -> McAfee, LLC)

    ==================== Codecs (Whitelisted) ====================

    ==================== Shortcuts & WMI ========================

    ==================== Loaded Modules (Whitelisted) =============

    2020-04-09 20:11 - 2020-04-09 20:11 - 000019456 _____ () [File not signed] C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.HSA.Server.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
    2020-07-29 15:32 - 2020-07-29 15:32 - 000508003 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\plug_ins\Accessibility.api
    2020-07-29 15:32 - 2020-07-29 15:32 - 000112739 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\plug_ins\IA32.api
    2020-07-29 15:32 - 2020-07-29 15:32 - 000436835 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\plug_ins\SaveAsRTF.api
    2020-07-29 15:32 - 2020-07-29 15:32 - 000139363 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\plug_ins\Updater.api
    2020-02-26 04:05 - 2020-02-26 04:05 - 001518592 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
    2009-09-16 18:44 - 2009-09-16 18:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
    2009-09-16 18:45 - 2009-09-16 18:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
    2009-09-16 11:44 - 2009-09-16 11:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
    2009-09-16 18:45 - 2009-09-16 18:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
    2020-05-03 05:13 - 2020-05-03 05:13 - 001899008 _____ (SQLite Development Team) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\sqlite3.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
    2020-02-26 04:13 - 2020-02-26 04:13 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
    2019-12-04 03:48 - 2019-12-04 03:48 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
    2019-12-04 03:48 - 2019-12-04 03:48 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
    2019-12-04 03:48 - 2019-12-04 03:48 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
    2019-12-04 03:48 - 2019-12-04 03:48 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
    2019-12-04 03:48 - 2019-12-04 03:48 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
    2019-12-04 03:48 - 2019-12-04 03:48 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
    2019-12-04 03:48 - 2019-12-04 03:48 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
    2019-12-04 03:48 - 2019-12-04 03:48 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
    2019-12-04 03:48 - 2019-12-04 03:48 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
    2019-12-04 03:48 - 2019-12-04 03:48 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
    2019-12-04 03:48 - 2019-12-04 03:48 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
    2019-12-04 03:49 - 2019-12-04 03:49 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
    2020-02-26 04:13 - 2020-02-26 04:13 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

    ==================== Alternate Data Streams (Whitelisted) ========

    ==================== Safe Mode (Whitelisted) ==================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

    ==================== Association (Whitelisted) =================

    ==================== Internet Explorer trusted/restricted ==========

    ==================== Hosts content: =========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2019-03-19 00:49 - 2019-03-19 00:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

    ==================== Other Areas ===========================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2703312028-2751286023-2314976691-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\rabig\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img1.jpg
    DNS Servers: 10.0.0.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    ==================== FirewallRules (Whitelisted) ================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{30EEC998-82BB-4A4E-BBD5-2DC2B83273C1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD16\CastingStation.exe (CyberLink Corp. -> CyberLink Corp.)
    FirewallRules: [{862A6606-7367-4C49-B841-23AB6ACD74C5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD16\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
    FirewallRules: [{7FEDAC1C-A724-4EF3-B48A-F18650BBEFFB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe (CyberLink Corp. -> CyberLink Corp.)
    FirewallRules: [{43977C62-6DDE-4255-BEEC-3BE194D89B32}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD16\Kernel\DMS\CLMSServerPDVD16.exe (CyberLink Corp. -> CyberLink)
    FirewallRules: [{32D51641-1DB6-444D-964D-A2DCFC2B952E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
    FirewallRules: [{B5DAFD69-F5F7-4DA9-88ED-01AEE5AD9B95}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC -> McAfee, LLC)
    FirewallRules: [{20EC0648-A74B-40E7-9EBF-CDE888D213BF}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
    FirewallRules: [{3728FB45-C145-4E15-9B68-61C5DE73B370}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
    FirewallRules: [{E20F8370-6DBE-425A-8400-3462D616304F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{ED315F27-6F5B-4C03-A949-447BFB155E39}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{899662CD-A004-4E13-9150-87CC403C93A5}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\60cc8319-2c81-4d9b-84ca-88a4faa33aff\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
    FirewallRules: [{FF48055F-DD7D-4168-AFB4-50F8A70CD70B}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\60cc8319-2c81-4d9b-84ca-88a4faa33aff\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
    FirewallRules: [{9DFB5ED7-D0ED-4167-9451-102B8AE2359F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{A0AA94C3-E8D1-4B54-9EBB-6A85859C946B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{1486CAC3-664A-4FCE-880F-33A019AAC435}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{964FC925-BB5E-4694-B653-B59055055360}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{1F2B1DCE-6A70-4922-919C-73934F61E309}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{A1F648C4-48F0-41BD-A34F-48909447354D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{D76CAA7E-51F0-42E7-909F-83ED66393C57}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{7BBE5606-6C18-4AE6-8E90-9F734AE9DEE9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{16E90CA3-255A-475A-8075-12AA91074BE0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{6A63263E-6FB3-4778-8874-664AA4BE1AB9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{20775493-CB3D-48CE-B411-5DC054FCE911}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{B81C5F3A-1B04-4929-8CBA-3208FA29DC8D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{D90EEF25-3EDD-473C-AE69-F52F015F2AF2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{BF5CBC9F-CE23-48C2-9DC6-C326616F76FF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
    FirewallRules: [{654381F4-CA4E-439B-B1F1-1FD2F34AE0ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{5C41E8B7-CE7E-4A1E-8C5F-3729D512BCB1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{DE7F7110-9E77-494F-BF1B-B4065892B8A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{A043591D-3D2E-4A3C-836D-34EB02817759}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{BCDEE8C2-F6B1-42B5-8463-6F2EA40109E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{1FEBBCFE-B624-4A48-815C-A09443C28FA8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{2C34530D-11CA-4BEC-BF30-7C93C9287722}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{B90066B4-9BF0-4B40-806A-51D8E079459B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

    ==================== Restore Points =========================

    22-08-2020 16:49:29 Scheduled Checkpoint

    ==================== Faulty Device Manager Devices ============


    ==================== Event log errors: ========================

    Application errors:
    ==================
    Error: (08/28/2020 05:29:02 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: svchost.exe_AarSvc, version: 10.0.19041.1, time stamp: 0x7f0c4c00
    Faulting module name: ucrtbase.dll, version: 10.0.19041.423, time stamp: 0xccf6a09c
    Exception code: 0xc0000409
    Fault offset: 0x000000000007284e
    Faulting process id: 0x3234
    Faulting application start time: 0x01d67d823d6c7b43
    Faulting application path: C:\WINDOWS\system32\svchost.exe
    Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
    Report Id: 606ceb94-6919-4e56-ba49-8a8998c9e14d
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (08/27/2020 11:59:43 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
    .

    Error: (08/27/2020 11:59:43 PM) (Source: VSS) (EventID: 13) (User: )
    Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
    ]

    Error: (08/27/2020 11:59:43 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
    .

    Error: (08/27/2020 11:59:43 PM) (Source: VSS) (EventID: 13) (User: )
    Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
    ]

    Error: (08/27/2020 05:17:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program explorer.exe version 10.0.19041.423 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

    Process ID: 1b14

    Start Time: 01d67cb74f258fe8

    Termination Time: 0

    Application Path: C:\Windows\explorer.exe

    Report Id: f92720a4-d76b-4aad-980c-6d9b74427d50

    Faulting package full name:

    Faulting package-relative application ID:

    Hang type: Unknown

    Error: (08/26/2020 05:11:30 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: svchost.exe_AarSvc, version: 10.0.19041.1, time stamp: 0x7f0c4c00
    Faulting module name: agentactivationruntime.dll, version: 10.0.19041.423, time stamp: 0x5da6e79a
    Exception code: 0xc0000005
    Fault offset: 0x000000000005baf5
    Faulting process id: 0x3108
    Faulting application start time: 0x01d67bed74783cfa
    Faulting application path: C:\WINDOWS\system32\svchost.exe
    Faulting module path: c:\windows\system32\agentactivationruntime.dll
    Report Id: 4d793995-98a0-47b8-9453-909b0a81de04
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (08/25/2020 05:03:28 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: svchost.exe_AarSvc, version: 10.0.19041.1, time stamp: 0x7f0c4c00
    Faulting module name: ucrtbase.dll, version: 10.0.19041.423, time stamp: 0xccf6a09c
    Exception code: 0xc0000409
    Fault offset: 0x000000000007284e
    Faulting process id: 0x3024
    Faulting application start time: 0x01d67b2319f1effd
    Faulting application path: C:\WINDOWS\system32\svchost.exe
    Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
    Report Id: 9e6085b5-2e0d-45fd-860d-1a71e0931bad
    Faulting package full name:
    Faulting package-relative application ID:


    System errors:
    =============
    Error: (08/28/2020 05:29:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Agent Activation Runtime_493f3b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (08/27/2020 11:59:42 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP)
    Description: The server {C82192EE-6CB5-4BC0-9EF0-FB818773790A} did not register with DCOM within the required timeout.

    Error: (08/27/2020 11:59:42 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP)
    Description: The server {C82192EE-6CB5-4BC0-9EF0-FB818773790A} did not register with DCOM within the required timeout.

    Error: (08/27/2020 11:59:42 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP)
    Description: The server {C82192EE-6CB5-4BC0-9EF0-FB818773790A} did not register with DCOM within the required timeout.

    Error: (08/27/2020 11:59:42 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP)
    Description: The server {C82192EE-6CB5-4BC0-9EF0-FB818773790A} did not register with DCOM within the required timeout.

    Error: (08/27/2020 11:59:42 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP)
    Description: The server {C82192EE-6CB5-4BC0-9EF0-FB818773790A} did not register with DCOM within the required timeout.

    Error: (08/27/2020 11:59:42 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP)
    Description: The server {C82192EE-6CB5-4BC0-9EF0-FB818773790A} did not register with DCOM within the required timeout.

    Error: (08/27/2020 05:24:28 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The Intel(R) Management and Security Application Local Management Service service hung on starting.


    Windows Defender:
    ===================================
    Date: 2020-06-29 22:26:36.0700000Z
    Description:
    Microsoft Defender Antivirus scan has been stopped before completion.
    Scan ID: {3AE495DB-0113-4210-907B-BD943743769B}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    CodeIntegrity:
    ===================================

    Date: 2020-08-28 20:16:19.4770000Z
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

    Date: 2020-08-28 20:16:19.4210000Z
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

    Date: 2020-08-28 19:54:09.2270000Z
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

    Date: 2020-08-28 19:54:09.2180000Z
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

    Date: 2020-08-28 19:54:09.2060000Z
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

    Date: 2020-08-28 19:52:19.2700000Z
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-08-28 19:52:19.2610000Z
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-08-28 19:52:19.2540000Z
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.

    ==================== Memory info ===========================

    BIOS: Dell Inc. 1.7.0 05/10/2019
    Motherboard: Dell Inc. 05NVNV
    Processor: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz
    Percentage of memory in use: 33%
    Total physical RAM: 16275.9 MB
    Available physical RAM: 10845.39 MB
    Total Virtual: 18707.9 MB
    Available Virtual: 11777.74 MB

    ==================== Drives ================================

    Drive c: (Windows) (Fixed) (Total:1861.9 GB) (Free:1554.24 GB) NTFS

    \\?\Volume{bd92cc2c-331d-41c1-b362-5388970a38fc}\ (Recovery) (Fixed) (Total:0.73 GB) (Free:0.28 GB) NTFS
    \\?\Volume{45487981-198a-483c-bca7-75a0bf9a2346}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32

    ==================== MBR & Partition Table ====================

    ==========================================================
    Disk: 0 (Size: 1863 GB) (Disk ID: 3A709739)

    Partition: GPT.

    ==================== End of Addition.txt =======================
    Bigalo

  2. #2
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,935

    Default

    Hi
    Not really seeing anything malicious here but, I am seeing some errors thrown out from event viewer.

    https://www.thewindowsclub.com/syste...estore-windows

    To check if your System Restore has been disabled or not, type Control Panel in Start Search and hit Enter to open it. Click on System to open Control Panel’s System applet.

    In the left pane, you will see System protection. Click on it to open System Properties. Under System Protection tab, you will see the Protection Settings.

    Ensure that Protection is set to ‘On’ for the System drive.

    If not, select the System Drive or C Drive and press the Configure button.

    Select Turn on system protection and click on Apply.

    You will have enabled System Restore on Windows 10/8/7.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Let's get rid of some junk first.

    Start Farbar Recovery Scan Tool with Administrator privileges
    (Right click on the FRST icon and select Run as administrator)

    highlight on the text below and select Copy.
    beginning with Start:: and finishing with End::
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Highlight the entire content of the quote box below and select Copy.


    Start::
    CloseProcesses:
    CreateRestorePoint:
    HKLM-x32\...\Run: [] => [X]
    SearchScopes: HKU\S-1-5-21-2703312028-2751286023-2314976691-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    CustomCLSID: HKU\S-1-5-21-2703312028-2751286023-2314976691-1004_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\rabig\AppData\Local\Microsoft\OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll => No File
    CustomCLSID: HKU\S-1-5-21-2703312028-2751286023-2314976691-1004_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\rabig\AppData\Local\Microsoft\OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll => No File
    CustomCLSID: HKU\S-1-5-21-2703312028-2751286023-2314976691-1004_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\rabig\AppData\Local\Microsoft\OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll => No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
    EmptyTemp:
    C:\Windows\Temp\*.*
    End::
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    Start FRST (FRST64) with Administrator privileges
    Press the Fix button. FRST will process the lines copied above from the clipboard.
    When finished, a log file Fixlog.txt will pop up and saved in the same location the tool was ran from.

    Please copy and paste its contents in your next reply.
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Download and run AdwCleaner

    Download AdwCleaner from here and save it to your desktop.

    • run AdwCleaner by clicking on Scan Now
    • when it has finished, leave everything that was found checked, (ticked), then click on Clean and Repair
    • if it asks to reboot, allow the reboot
    • on reboot, click on View Log File; please attach the content of the log to your next reply.

    ============================================



    Run Malwarebytes Anti-Malware

    You may have Malwarebytes Anti-Malware installed but if not, you can download it from here:
    • run the program
    • click on the ‘Dashboard’ to make sure everything is up to date, (it is not necessary to upgrade to the premium version of MBAM)
    • click on the ‘Scan’ tab, (directly below the Dashboard tab)
    • select the Threat Scan option
    • slick the Scan Now button
    • Threat Scan will begin
    • when the scan has completed and if malware was found, click the Quarantine Selected button to allow MBAM to quarantine what was found
    • if prompted to restart the computer, close all other programs and click Yes to restart your computer
    • once you are back at your desktop, open MBAM once more
    • click on the ‘Reports’ tab
    • double-click on the most recent Scan Report
    • click on Export, then Copy to Clipboard

    Logs to include with the next post:

    Fixlog.txt
    AdwCleaner log
    Mbam.txt




    The logs do not indicate any obvious infection

    McAfee also looks to be possibly blocking some valid programs, but further research may be needed with their support.
    Date: 2020-08-28 20:16:19.4770000Z
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~```
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #3
    Member
    Join Date
    Oct 2005
    Posts
    92

    Default

    Fix result of Farbar Recovery Scan Tool (x64) Version: 29-08-2020
    Ran by rabig (29-08-2020 12:56:08) Run:1
    Running from C:\Users\rabig\Desktop
    Loaded Profiles: rabig
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    CloseProcesses:
    CreateRestorePoint:
    HKLM-x32\...\Run: [] => [X]
    SearchScopes: HKU\S-1-5-21-2703312028-2751286023-2314976691-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    CustomCLSID: HKU\S-1-5-21-2703312028-2751286023-2314976691-1004_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\rabig\AppData\Local\Microsoft\OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll => No File
    CustomCLSID: HKU\S-1-5-21-2703312028-2751286023-2314976691-1004_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\rabig\AppData\Local\Microsoft\OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll => No File
    CustomCLSID: HKU\S-1-5-21-2703312028-2751286023-2314976691-1004_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\rabig\AppData\Local\Microsoft\OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll => No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
    EmptyTemp:
    C:\Windows\Temp\*.*

    *****************

    Processes closed successfully.
    Restore point was successfully created.
    "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\" => removed successfully
    HKU\S-1-5-21-2703312028-2751286023-2314976691-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
    HKU\S-1-5-21-2703312028-2751286023-2314976691-1004_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
    HKU\S-1-5-21-2703312028-2751286023-2314976691-1004_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
    HKU\S-1-5-21-2703312028-2751286023-2314976691-1004_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
    HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully

    =========== "C:\Windows\Temp\*.*" ==========

    C:\Windows\Temp\adobegc.log => moved successfully
    C:\Windows\Temp\af397ef28e484961ba48646a5d38cf54.db.ses => moved successfully
    Could not move "C:\Windows\Temp\CMcUploader.log" => Scheduled to move on reboot.
    "C:\Windows\Temp\dat268F.tmp" => not found
    C:\Windows\Temp\FXSAPIDebugLogFile.txt => moved successfully
    C:\Windows\Temp\FXSTIFFDebugLogFile.txt => moved successfully
    C:\Windows\Temp\LAPTOP-20200827-1714.log => moved successfully
    C:\Windows\Temp\LAPTOP-20200827-2001.log => moved successfully
    C:\Windows\Temp\LAPTOP-20200827-2104.log => moved successfully
    C:\Windows\Temp\LAPTOP-20200827-2200.log => moved successfully
    C:\Windows\Temp\LAPTOP-20200828-1646.log => moved successfully
    C:\Windows\Temp\LAPTOP-20200828-1650.log => moved successfully
    C:\Windows\Temp\LAPTOP-20200828-1650a.log => moved successfully
    C:\Windows\Temp\LAPTOP-20200828-1709.log => moved successfully
    C:\Windows\Temp\LAPTOP-20200828-1734.log => moved successfully
    C:\Windows\Temp\LAPTOP-20200828-1948.log => moved successfully
    C:\Windows\Temp\LAPTOP-20200828-1954.log => moved successfully
    C:\Windows\Temp\LAPTOP-20200828-2139.log => moved successfully
    C:\Windows\Temp\LAPTOP-20200828-2145.log => moved successfully
    C:\Windows\Temp\LAPTOP-20200829-1206.log => moved successfully
    C:\Windows\Temp\LAPTOP-20200829-1213.log => moved successfully
    C:\Windows\Temp\LAPTOP-20200829-1213a.log => moved successfully
    C:\Windows\Temp\LAPTOP-20200829-1213b.log => moved successfully
    Could not move "C:\Windows\Temp\LAPTOP-20200829-1256.log" => Scheduled to move on reboot.
    C:\Windows\Temp\mat-debug-10008.log => moved successfully
    C:\Windows\Temp\mat-debug-10120.log => moved successfully
    C:\Windows\Temp\mat-debug-13192.log => moved successfully
    C:\Windows\Temp\mat-debug-14520.log => moved successfully
    C:\Windows\Temp\mat-debug-9584.log => moved successfully
    C:\Windows\Temp\msedge_installer.log => moved successfully
    C:\Windows\Temp\officeclicktorun.exe_streamserver(2020082819481412AC).log => moved successfully
    C:\Windows\Temp\officeclicktorun.exe_streamserver(2020082912062713AC).log => moved successfully
    Could not move "C:\Windows\Temp\officeclicktorun.exe_streamserver(202008291256091008).log" => Scheduled to move on reboot.

    ========= End -> "C:\Windows\Temp\*.*" ========


    =========== EmptyTemp: ==========

    BITS transfer queue => 11821056 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 83144300 B
    Java, Flash, Steam htmlcache => 0 B
    Windows/system/drivers => 3316150 B
    Edge => 3066247 B
    Chrome => 732731261 B
    Firefox => 1145408710 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Default => 6656 B
    Users => 6656 B
    ProgramData => 6656 B
    Public => 6656 B
    systemprofile => 2776505 B
    systemprofile32 => 2776505 B
    LocalService => 3186973 B
    NetworkService => 3207649 B
    rabig => 63138169 B

    RecycleBin => 0 B
    EmptyTemp: => 1.9 GB temporary data Removed.

    ================================

    Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 29-08-2020 13:12:02)

    C:\Windows\Temp\CMcUploader.log => Could not move
    C:\Windows\Temp\LAPTOP-20200829-1256.log => Is moved successfully
    C:\Windows\Temp\officeclicktorun.exe_streamserver(202008291256091008).log => Is moved successfully

    ==== End of Fixlog 13:12:02 ====

    # -------------------------------
    # Malwarebytes AdwCleaner 8.0.7.0
    # -------------------------------
    # Build: 07-22-2020
    # Database: 2020-07-20.1 (Cloud)
    # Support: https://www.malwarebytes.com/support
    #
    # -------------------------------
    # Mode: Clean
    # -------------------------------
    # Start: 08-29-2020
    # Duration: 00:00:03
    # OS: Windows 10 Pro
    # Cleaned: 15
    # Failed: 0


    ***** [ Services ] *****

    No malicious services cleaned.

    ***** [ Folders ] *****

    No malicious folders cleaned.

    ***** [ Files ] *****

    Deleted C:\Users\rabig\Downloads\ReimageRepair.exe
    Deleted C:\Windows\Reimage.ini

    ***** [ DLL ] *****

    No malicious DLLs cleaned.

    ***** [ WMI ] *****

    No malicious WMI cleaned.

    ***** [ Shortcuts ] *****

    No malicious shortcuts cleaned.

    ***** [ Tasks ] *****

    No malicious tasks cleaned.

    ***** [ Registry ] *****

    Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
    Deleted HKCU\Software\Reimage
    Deleted HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
    Deleted HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
    Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
    Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
    Deleted HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
    Deleted HKLM\Software\Reimage
    Deleted HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
    Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
    Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
    Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
    Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries cleaned.

    ***** [ Chromium URLs ] *****

    No malicious Chromium URLs cleaned.

    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries cleaned.

    ***** [ Firefox URLs ] *****

    No malicious Firefox URLs cleaned.

    ***** [ Hosts File Entries ] *****

    No malicious hosts file entries cleaned.

    ***** [ Preinstalled Software ] *****

    No Preinstalled Software cleaned.


    *************************

    [+] Delete Tracing Keys
    [+] Reset Winsock

    *************************

    AdwCleaner[S00].txt - [3783 octets] - [29/08/2020 13:19:22]
    AdwCleaner[S01].txt - [3844 octets] - [29/08/2020 13:21:08]

    ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 8/29/20
    Scan Time: 1:35 PM
    Log File: 0e91f26e-ea1e-11ea-a6bd-28f10e4af884.json

    -Software Information-
    Version: 4.2.0.82
    Components Version: 1.0.1025
    Update Package Version: 1.0.29203
    License: Trial

    -System Information-
    OS: Windows 10 (Build 19041.450)
    CPU: x64
    File System: NTFS
    User: LAPTOP\rabig

    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 285889
    Threats Detected: 1
    Threats Quarantined: 1
    Time Elapsed: 5 min, 24 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 1
    PUP.Optional.Reimage, HKU\S-1-5-21-2703312028-2751286023-2314976691-1004\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\Fixer - Windows Problem Relief., Quarantined, 388, 709541, 1.0.29203, , ame, , ,

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 0
    (No malicious items detected)

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)
    Bigalo

  4. #4
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,935

    Default

    Download
    ESET Online Scanner
    and save it to your desktop.

    • Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
    • When the tool opens, click Get Started.
    • Read and accept the license agreement.
    • At the Welcome to ESET Online Scanner window, click Get Started.
    • Select whether you would like to send anonymous data to ESET.
    • Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
    • Click on the Full Scan option.
    • Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
    • ESET will now begin scanning your computer. This may take some time.
    • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
    • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
    • On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
    • Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.

    ---------------------------------------------------

    How is the computer now?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  5. #5
    Member
    Join Date
    Oct 2005
    Posts
    92

    Default

    My system appears to be running fine; however, my mouse pointer continues to flicker as it if waiting on an action to complete. In addition, I had to run the scan twice. After it ran the first time, it stated that there was one item that was detected. As I was getting ready to save the file, I lost power. After running it again, there were no items detected. The report is as follows:

    8/30/2020 17:59:42 PM
    Files scanned: 338561
    Detected files: 0
    Cleaned files: 0
    Total scan time: 02:40:09
    Scan status: Finished
    Bigalo

  6. #6
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,935

    Default

    The mouse acting as it does sounds like Hardware....or battery?
    Have you checked the manufacturer web site to see if you have updates for your computer?

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
    Let's try the below and see if it has some kind of effect.

    System File Checker in Windows 10/8/7
    Open start and search for cmd or Command prompt and right click on it and run it as administrator and then type the following command:

    sfc /scannow

    And let it runs and see what is the result.

    https://www.thewindowsclub.com/how-t...indows-7-vista
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •