Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2021 01 Ran by 91709 (administrator) on DESKTOP-GNNB30U (Dell Inc. G3 3579) (09-05-2021 02:28:03) Running from C:\Users\91709\Desktop Loaded Profiles: 91709 Platform: Windows 10 Home Single Language Version Dev 21370.1 (X64) Language: English (United States) Default browser: Edge Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe (IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\IGCC.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\25_dell_corp_mobile_cfl_iigd_dch.inf_amd64_2273390925f9b131\IntelCpHDCPSvc.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\25_dell_corp_mobile_cfl_iigd_dch.inf_amd64_2273390925f9b131\IntelCpHeciSvc.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b45888eb9ae3930b\igfxCUIService.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b45888eb9ae3930b\igfxEM.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_6e36ff62fa5f51a5\OneApp.IGCC.WinService.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel(R) Client Connectivity Division SW -> Intel Corporation) C:\Program Files (x86)\Intel\Thunderbolt Software\ConditionalAppStarter.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_0c50c5dc47ed0efe\RstMwService.exe (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Windows -> ) C:\Windows\System32\AggregatorHost.exe (Microsoft Windows -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.21370.1_none_7bd85180aa17e897\TiWorker.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\NisSrv.exe (Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmsi.inf_amd64_f8cde6a00407aaae\Display.NvContainer\NVDisplay.Container.exe <2> (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3326348feda52885\RtkAudUService64.exe <3> (Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSysSvc64.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-28] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSvc64.exe [1222536 2018-12-06] (Waves Inc -> Waves Audio Ltd.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3326348feda52885\RtkAudUService64.exe [1232240 2021-01-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [431160 2021-02-22] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-27] (Adobe Inc. -> ) HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [287648 2021-04-06] (IDSA Production signing key 2021 -> Intel) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-2768028787-2044878470-836221256-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-27] (Adobe Inc. -> ) HKU\S-1-5-21-2768028787-2044878470-836221256-1001\...\Run: [Discord] => C:\Users\91709\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-27] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> HKLM\Software\...\Winlogon\GPExtensions: [{8472C2C4-6B70-4301-A20D-A6CEA5F82B7E}] -> C:\WINDOWS\System32\StartTileData.dll [2021-04-25] (Microsoft Windows -> Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {04B19CAD-E951-4025-AC0E-2A6DF3F8A621} - System32\Tasks\Red Giant Link => C:\Program [Argument = Files (x86)\Red Giant Link\Red Giant Link.exe] Task: {04C91C94-9F61-4CBF-BDCB-B74AECF6C725} - System32\Tasks\Microsoft\Windows\Shell\UpdateAgentTask_AcquireFOD => C:\WINDOWS\System32\ShellUpdateAgentTask.exe [72704 2021-04-25] (Microsoft Windows -> Microsoft Corporation) Task: {0B7E9313-5BB8-4D72-9414-9622FD3FB80E} - System32\Tasks\Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup => C:\WINDOWS\system32\MdmDiagnosticsTool.exe [90112 2021-04-25] (Microsoft Windows -> Microsoft Corporation) Task: {0BEDE2D5-AF79-4B29-A6F6-776BBA03CDE9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {0CE04987-C3BC-45DC-A939-7156DDEA438C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {10A09D49-EA10-4AD9-8535-F535CFABC46A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-13] (Google LLC -> Google LLC) Task: {1AB44333-73E7-4158-8902-A827644236BF} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {36FFE4A9-56EC-42DC-918D-C3D492B04B68} - System32\Tasks\Microsoft\Windows\Shell\ThemesSyncedImageDownload => {79F8E185-4E45-4B74-8182-02AA430661E4} C:\Windows\System32\Themes.SsfDownload.ScheduledTask.dll [245760 2021-04-25] (Microsoft Windows -> Microsoft Corporation) Task: {4434A079-6913-4211-B447-0B0DBACA646B} - System32\Tasks\Microsoft\Windows\Shell\UpdateAgentTask_SetCBSEndOfLife => C:\WINDOWS\System32\ShellUpdateAgentTask.exe [72704 2021-04-25] (Microsoft Windows -> Microsoft Corporation) Task: {443805BC-33B9-4E3E-998B-B6C7BD350D08} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {45CF73C8-9A94-47C5-8E45-347738A58FC5} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe Task: {49E15489-157C-4C90-BC89-C308D184613A} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {4AB7D5D7-58B1-4F7D-BEE1-541348572EC1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141144 2021-05-04] (Microsoft Corporation -> Microsoft Corporation) Task: {4D64E0C3-519E-4B68-9FA7-80994E58E5B5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {528DBB28-E1CA-4F77-9DB4-7FDC6BCCECA7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation) Task: {5657A7E8-C7A2-4E0D-937A-2EFC606F1148} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {5ABA60F7-AE62-4AB8-B112-3E5B22CB1B1D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {5ED5FB00-24C1-4136-A6EA-41B9433BD247} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation) Task: {62E0EED4-B253-470A-A94F-07022F73B0B0} - System32\Tasks\microsoft\windows\capabilityaccessmanager\maintenancetasks => %windir%\system32\rundll32.exe %windir%\system32\CapabilityAccessManager.dll,CapabilityAccessManagerDoStoreMaintenance Task: {64AF7B04-9B93-4354-85CC-1BA9406E9F81} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {6884439A-3AE2-4385-A37B-539E83BA95F3} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098928 2020-08-02] (Intel(R) Software Development Products -> Intel Corporation) Task: {710FE49F-7206-4B83-8D4C-0EACF881985B} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService Task: {8374EE05-80C3-4770-8DE6-C70FF6BD3336} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {84387CFB-A7CC-4F25-928E-B8115E0B8F42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-13] (Google LLC -> Google LLC) Task: {848CFF33-F0D2-4F42-8C83-EB4B3BCB977D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation) Task: {863EED01-A161-463F-9384-08F0E7A6CDC6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9227380F-7C02-49F5-BA41-ED8638E98F14} - System32\Tasks\Microsoft\Windows\Printing\PrinterCleanupTask => {C56F065E-DE49-4E42-BE7C-305C45609D25} C:\Windows\System32\PrinterCleanupTask.dll [118784 2021-04-25] (Microsoft Windows -> Microsoft Corporation) Task: {9C593750-95AA-405D-A690-C697D0FAF54E} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {9D345AB6-E705-44B5-B4CA-78789792C4BC} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {9E3B33EE-958B-4AA8-9BEB-320328895DC1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141144 2021-05-04] (Microsoft Corporation -> Microsoft Corporation) Task: {ABB94CC2-E54E-4603-AC1A-FD08967EC48A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B2B0556F-99AD-4B5F-9388-B287259301D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\MpCmdRun.exe [591160 2021-05-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B3AD6C6A-3DDA-4B88-A7E4-B90E98993BC1} - System32\Tasks\Microsoft\Windows\Kernel\La57Cleanup => C:\WINDOWS\system32\la57setup.exe [36864 2021-04-25] (Microsoft Windows -> Microsoft Corporation) Task: {B4596AD9-DB70-42A2-BC5E-76DD198F623D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {B926A9E5-40C8-417F-9E06-A76E75535C5C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BDB6644B-BF9D-4C18-BCCD-E33CD90EEDE8} - System32\Tasks\Microsoft\Windows\AppListBackup\Backup => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\WINDOWS\system32\AppListBackupLauncher.dll [98304 2021-04-25] (Microsoft Windows -> Microsoft Corporation) Task: {C4B25315-05E9-425B-816A-964E890018C6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\MpCmdRun.exe [591160 2021-05-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C5A4D71C-C65A-41EE-B84D-C4417DE20667} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098928 2020-08-02] (Intel(R) Software Development Products -> Intel Corporation) Task: {C656E815-FE7A-419A-ABA6-02D35B0964CB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\MpCmdRun.exe [591160 2021-05-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {CB9A8B44-612A-49E7-BAC9-8C0E0997D279} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\MpCmdRun.exe [591160 2021-05-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E6CAE4E3-B39C-460B-AF84-0893777DE9EC} - System32\Tasks\Microsoft\Windows\Shell\UpdateAgentTask_RemoveFOD => C:\WINDOWS\System32\ShellUpdateAgentTask.exe [72704 2021-04-25] (Microsoft Windows -> Microsoft Corporation) Task: {EB6E4091-352D-427B-93EC-11D3B0C155CB} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{7a0ababa-50cd-412f-b8ff-df7da9f117ad}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{7d7798d7-bd8f-4fc4-8d99-a906de0e3ad1}: [DhcpNameServer] 192.168.1.1 Edge: ======= DownloadDir: C:\Users\91709\Downloads Edge DefaultProfile: Default Edge Profile: C:\Users\91709\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-08] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\91709\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-05-08] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File] FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-08] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-08] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-02-22] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR Profile: C:\Users\91709\AppData\Local\Google\Chrome\User Data\Default [2021-05-09] CHR Notifications: Default -> hxxps://service.mcafee.com CHR Extension: (Google Drive) - C:\Users\91709\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-15] CHR Extension: (YouTube) - C:\Users\91709\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-15] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\91709\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-05-08] CHR Extension: (Grammarly for Chrome) - C:\Users\91709\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-05-07] CHR Extension: (Quick translator) - C:\Users\91709\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmgfjbnbdobnciflclaceibkcailcac [2021-03-15] CHR Extension: (Chrome Web Store Payments) - C:\Users\91709\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-15] CHR Extension: (Gmail) - C:\Users\91709\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-15] CHR Extension: (Chrome Media Router) - C:\Users\91709\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-23] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2021-02-22] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8798600 2021-04-21] (Microsoft Corporation -> Microsoft Corporation) S2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [287776 2020-10-25] (Dell Technologies Inc. -> Dell Technologies Inc.) S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3750944 2020-10-25] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [507936 2020-10-25] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [48832 2020-11-19] (Dell Inc -> ) R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe [985584 2021-01-14] (PC-Doctor, Inc. -> PC-Doctor, Inc.) S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{BFC50D8E-A06C-4803-9283-AA5AF54CA779} [41248 2021-04-25] (Microsoft Windows -> Microsoft Corporation) R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2020-10-29] (Dell Inc -> ) S3 FrameServerMonitor; C:\WINDOWS\system32\FrameServerMonitor.dll [319488 2021-04-25] (Microsoft Windows -> Microsoft Corporation) S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2021-03-09] (Mixbyte Inc -> Freemake) S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-08] (Malwarebytes Inc -> Malwarebytes) S3 McpManagementService; C:\WINDOWS\System32\McpManagementService.dll [299008 2021-04-25] (Microsoft Windows -> Microsoft Corporation) S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [646248 2021-03-19] (McAfee, Inc. -> McAfee, LLC) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [646248 2021-03-19] (McAfee, Inc. -> McAfee, LLC) S3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [646248 2021-03-19] (McAfee, Inc. -> McAfee, LLC) S3 NPSMSvc; C:\WINDOWS\System32\npsm.dll [225280 2021-04-25] (Microsoft Windows -> Microsoft Corporation) S3 NPSMSvc; C:\WINDOWS\SysWOW64\npsm.dll [163840 2021-04-25] (Microsoft Windows -> Microsoft Corporation) S3 P9RdrService; C:\WINDOWS\system32\p9rdrservice.dll [122880 2021-04-25] (Microsoft Windows -> Microsoft Corporation) R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [64848 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.) S2 Red Giant Service; C:\Program Files\Red Giant\Services\Red Giant Service.exe [5950024 2020-01-05] (Red Giant LLC -> Red Giant LLC) S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64856 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.) R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3326348feda52885\RtkAudUService64.exe [1232240 2021-01-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor) R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1630576 2020-08-14] (Rivet Networks LLC -> Rivet Networks) R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2385256 2020-08-14] (Rivet Networks LLC -> Rivet Networks) R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39432 2021-01-09] (Dell Inc -> Dell Inc.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\NisSrv.exe [2599312 2021-05-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0\MsMpEng.exe [128376 2021-05-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmsi.inf_amd64_f8cde6a00407aaae\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdmsi.inf_amd64_f8cde6a00407aaae\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-25] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.) S0 ebdrv; C:\WINDOWS\System32\drivers\evbda.sys [3436320 2021-04-25] (Microsoft Windows -> Marvell Semiconductor Inc.) S0 ebdrv0; C:\WINDOWS\System32\drivers\evbd0a.sys [3418912 2021-04-25] (Microsoft Windows -> QLogic Corporation) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-05-08] (Malwarebytes Inc -> Malwarebytes) S3 ExecutionContext; C:\WINDOWS\System32\Drivers\ExecutionContext.sys [61440 2021-04-25] (Microsoft Windows -> Microsoft Corporation) S3 HidSpiCx; C:\WINDOWS\System32\drivers\HidSpiCx.sys [118784 2021-04-25] (Microsoft Windows -> Microsoft Corporation) R0 IntelPMT; C:\WINDOWS\System32\drivers\IntelPMT.sys [69952 2021-04-25] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-05-08] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-05-08] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-05-08] (Malwarebytes Inc -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-08] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-05-08] (Malwarebytes Inc -> Malwarebytes) S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [96032 2021-04-25] (Microsoft Windows -> Broadcom Inc) R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [531896 2021-03-19] (McAfee, Inc. -> McAfee, LLC) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [385464 2021-03-19] (McAfee, Inc. -> McAfee, LLC) R0 mfedisk; C:\WINDOWS\System32\DRIVERS\mfedisk.sys [107448 2021-03-19] (McAfee, Inc. -> McAfee, LLC) S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85944 2021-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [522168 2021-03-19] (McAfee, Inc. -> McAfee, LLC) R3 mfehck; C:\WINDOWS\System32\drivers\mfehck.sys [91576 2021-03-19] (McAfee, Inc. -> McAfee, LLC) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1019832 2021-03-19] (McAfee, Inc. -> McAfee, LLC) R1 mfenlfk; C:\WINDOWS\system32\DRIVERS\mfenlfk.sys [82360 2021-03-19] (McAfee, Inc. -> McAfee, LLC) R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116664 2021-03-19] (McAfee, Inc. -> McAfee, LLC) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252344 2021-03-19] (McAfee, Inc. -> McAfee, LLC) S0 mpi3drvi; C:\WINDOWS\System32\drivers\mpi3drvi.sys [83232 2021-04-25] (Microsoft Windows -> Broadcom Limited) S3 MpKsl1dc3b2e2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3FD7217D-C6FF-4707-81EC-8AC4D17AAF95}\MpKslDrv.sys [107744 2021-05-08] (Microsoft Windows -> Microsoft Corporation) S3 NDKPerf; C:\WINDOWS\System32\drivers\NDKPerf.sys [74016 2021-04-25] (Microsoft Windows -> ) S0 nvmedisk; C:\WINDOWS\System32\drivers\nvmedisk.sys [78112 2021-04-25] (Microsoft Windows -> Microsoft Corporation) R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_f0d3ef86545db657\rtcx21x64.sys [409000 2021-04-19] (Realtek Semiconductor Corp. -> Realtek) R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [164424 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.) S3 Usb4DeviceRouter; C:\WINDOWS\System32\DriverStore\FileRepository\usb4devicerouter.inf_amd64_3b99e8905466b4fd\Usb4DeviceRouter.sys [774432 2021-04-25] (Microsoft Windows -> Microsoft Corporation) S3 Usb4HostRouter; C:\WINDOWS\System32\DriverStore\FileRepository\usb4hostrouter.inf_amd64_f5c36ae970d6d89b\Usb4HostRouter.sys [520480 2021-04-25] (Microsoft Windows -> Microsoft Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-08] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-08] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2021-05-09 02:28 - 2021-05-09 02:30 - 000034725 _____ C:\Users\91709\Desktop\FRST.txt 2021-05-09 00:57 - 2021-05-09 02:33 - 1039987604 _____ C:\Users\91709\Downloads\_Getintopc.com_Adobe_Media_Encoder_2021_v15.0.0.37x64.rar 2021-05-08 23:11 - 2021-05-08 23:11 - 000002479 _____ C:\Users\91709\Desktop\FSS.txt 2021-05-08 23:02 - 2021-05-08 23:02 - 000909824 _____ (Farbar) C:\Users\91709\Desktop\FSS.exe 2021-05-08 23:01 - 2021-05-09 02:26 - 000000000 ____D C:\Users\91709\AppData\LocalLow\IGDump 2021-05-08 23:01 - 2021-05-08 23:01 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2021-05-08 23:00 - 2021-05-08 23:00 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2021-05-08 23:00 - 2021-05-08 23:00 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2021-05-08 22:50 - 2021-05-08 22:50 - 000001093 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2021-05-08 22:50 - 2021-05-08 22:50 - 000001093 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk 2021-05-08 22:49 - 2021-05-08 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2021-05-08 22:49 - 2021-05-08 22:49 - 000000000 ____D C:\Program Files\VS Revo Group 2021-05-08 21:57 - 2021-05-08 21:57 - 000001227 _____ C:\Users\91709\Desktop\report Malwarebytes.txt 2021-05-08 21:43 - 2021-05-08 21:43 - 000002043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-05-08 21:43 - 2021-05-08 21:43 - 000002031 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-05-08 21:43 - 2021-05-08 21:43 - 000002031 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2021-05-08 21:43 - 2021-05-08 21:43 - 000000000 ____D C:\Users\91709\AppData\Local\mbam 2021-05-08 21:42 - 2021-05-08 21:42 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-05-08 21:42 - 2021-05-08 21:42 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-05-08 21:42 - 2021-05-08 21:42 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-05-08 21:42 - 2021-05-08 21:42 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-05-08 21:42 - 2021-05-08 21:42 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-05-08 21:41 - 2021-05-08 21:41 - 000000000 ____D C:\Program Files\Malwarebytes 2021-05-08 21:36 - 2021-05-08 21:36 - 002078632 _____ (Malwarebytes) C:\Users\91709\Desktop\MBSetup.exe 2021-05-08 21:31 - 2021-05-08 21:31 - 008534696 _____ (Malwarebytes) C:\Users\91709\Downloads\adwcleaner_8.2.exe 2021-05-08 21:03 - 2021-05-08 21:06 - 000018252 _____ C:\Users\91709\Downloads\Fixlog.txt 2021-05-08 20:50 - 2021-05-08 20:51 - 000002020 _____ C:\Users\91709\Desktop\Fixlog.txt 2021-05-08 20:37 - 2021-05-08 20:37 - 016931420 _____ C:\Users\91709\Downloads\_Getintopc.com_Revo_Uninstaller_Pro_4.3.3_Multilingual.rar 2021-05-08 20:35 - 2021-05-08 20:36 - 007495512 _____ (VS Revo Group ) C:\Users\91709\Downloads\revosetup.exe 2021-05-08 19:42 - 2021-05-08 19:42 - 003761896 _____ (AnyDesk Software GmbH) C:\Users\91709\Downloads\AnyDesk.exe 2021-05-08 19:12 - 2021-05-08 19:12 - 002298880 _____ (Farbar) C:\Users\91709\Desktop\FRST64.exe 2021-05-08 10:20 - 2021-05-08 10:17 - 000164640 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2021-05-08 06:57 - 2021-05-08 06:57 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000026-000000.txt 2021-05-08 05:23 - 2021-05-08 05:23 - 000000000 ____D C:\Users\91709\Documents\VideoCopilot 2021-05-08 04:38 - 2021-05-08 04:38 - 000001272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2021.lnk 2021-05-08 04:38 - 2021-05-08 04:38 - 000000000 ____D C:\Users\Public\Documents\Adobe 2021-05-08 04:38 - 2021-05-08 04:38 - 000000000 ____D C:\ProgramData\Documents\Adobe 2021-05-06 22:27 - 2021-05-06 22:27 - 000000000 ____D C:\Users\91709\AppData\Roaming\Telegram Desktop UWP 2021-05-04 16:38 - 2021-05-08 10:36 - 000000000 ___HD C:\$WINDOWS.~BT 2021-05-02 11:10 - 2021-05-02 11:10 - 002690882 _____ C:\Users\91709\Downloads\wp-rocket_3.8.8.zip 2021-05-02 11:06 - 2021-05-02 11:06 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2768028787-2044878470-836221256-1001 2021-05-02 11:06 - 2021-05-02 11:06 - 000002381 _____ C:\Users\91709\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-05-01 14:09 - 2021-05-01 14:11 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2021-05-01 14:08 - 2021-05-01 14:09 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2021-05-01 14:08 - 2021-05-01 14:08 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2021-05-01 00:51 - 2021-05-01 00:51 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2021-05-01 00:48 - 2021-05-09 02:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-05-01 00:48 - 2021-05-08 20:47 - 000064773 _____ C:\WINDOWS\diagwrn.xml 2021-05-01 00:48 - 2021-05-08 20:47 - 000064773 _____ C:\WINDOWS\diagerr.xml 2021-05-01 00:48 - 2021-05-01 00:48 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2021-05-01 00:48 - 2021-05-01 00:48 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-05-01 00:48 - 2021-05-01 00:48 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-05-01 00:48 - 2021-05-01 00:48 - 000003346 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-05-01 00:48 - 2021-05-01 00:48 - 000003308 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{1B246034-A936-42CA-8BA5-8C8552BD36CE} 2021-05-01 00:48 - 2021-05-01 00:48 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d737ced25e7023 2021-05-01 00:48 - 2021-05-01 00:48 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-05-01 00:48 - 2021-05-01 00:48 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-05-01 00:48 - 2021-05-01 00:48 - 000003122 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-05-01 00:48 - 2021-05-01 00:48 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2021-05-01 00:48 - 2021-05-01 00:48 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-05-01 00:48 - 2021-05-01 00:48 - 000002970 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 2021-05-01 00:48 - 2021-05-01 00:48 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-05-01 00:48 - 2021-05-01 00:48 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-05-01 00:48 - 2021-05-01 00:48 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-05-01 00:48 - 2021-05-01 00:48 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-05-01 00:48 - 2021-05-01 00:48 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-05-01 00:48 - 2021-05-01 00:48 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2768028787-2044878470-836221256-1005 2021-05-01 00:48 - 2021-05-01 00:48 - 000002770 _____ C:\WINDOWS\system32\Tasks\Red Giant Link 2021-05-01 00:48 - 2021-05-01 00:48 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-05-01 00:48 - 2021-05-01 00:48 - 000002678 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK 2021-05-01 00:48 - 2021-05-01 00:48 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0 2021-05-01 00:48 - 2021-05-01 00:48 - 000002604 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon 2021-05-01 00:48 - 2021-05-01 00:48 - 000000020 ___SH C:\Users\91709\ntuser.ini 2021-05-01 00:48 - 2021-05-01 00:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software 2021-05-01 00:48 - 2021-05-01 00:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel 2021-05-01 00:48 - 2021-05-01 00:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime 2021-05-01 00:47 - 2021-05-08 23:08 - 000805324 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-05-01 00:43 - 2021-05-09 02:28 - 000000000 ____D C:\Users\postgres 2021-05-01 00:43 - 2021-05-09 02:26 - 000000000 ____D C:\Users\91709 2021-05-01 00:43 - 2021-04-25 16:21 - 000001281 _____ C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk 2021-05-01 00:43 - 2021-04-25 16:21 - 000001281 _____ C:\Users\91709\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk 2021-05-01 00:43 - 2021-04-25 16:21 - 000000407 _____ C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk 2021-05-01 00:43 - 2021-04-25 16:21 - 000000407 _____ C:\Users\91709\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk 2021-05-01 00:41 - 2021-05-09 02:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-05-01 00:41 - 2021-05-01 00:42 - 000451384 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-05-01 00:28 - 2021-05-01 00:28 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000025-000000.txt 2021-04-30 14:27 - 2021-05-08 10:59 - 000000000 ___DC C:\WINDOWS\Panther 2021-04-29 08:15 - 2021-04-29 08:15 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000024-000000.txt 2021-04-27 16:51 - 2021-04-27 17:11 - 000400791 _____ C:\Users\91709\Desktop\cm.ai 2021-04-25 20:54 - 2021-04-25 20:54 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-04-25 17:41 - 2021-04-25 17:41 - 000000000 ____D C:\WINDOWS\system32\Hydrogen 2021-04-25 17:41 - 2021-04-25 17:41 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices 2021-04-25 17:41 - 2021-04-25 17:41 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-04-25 17:41 - 2021-04-25 17:41 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-04-25 17:41 - 2021-04-25 17:40 - 000020244 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2021-04-25 17:41 - 2021-04-25 16:22 - 000023461 _____ C:\WINDOWS\Core.xml 2021-04-25 17:40 - 2021-04-25 17:40 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp 2021-04-25 17:40 - 2021-04-25 17:40 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2021-04-25 17:40 - 2021-04-25 17:40 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2021-04-25 17:40 - 2021-04-25 17:40 - 000000000 ____D C:\WINDOWS\addins 2021-04-25 17:40 - 2021-04-25 17:40 - 000000000 ____D C:\ProgramData\ssh 2021-04-25 17:40 - 2021-04-22 21:15 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll 2021-04-25 17:39 - 2021-04-25 06:25 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx 2021-04-25 17:39 - 2021-04-25 05:03 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx 2021-04-25 17:39 - 2021-04-25 04:55 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.tlb 2021-04-25 17:39 - 2021-04-25 04:55 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\amcompat.tlb 2021-04-25 17:39 - 2021-04-25 03:44 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.tlb 2021-04-25 17:39 - 2021-04-25 03:44 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\amcompat.tlb 2021-04-25 17:39 - 2021-04-25 03:39 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll 2021-04-25 17:29 - 2021-04-25 17:29 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync 2021-04-25 17:29 - 2021-04-25 17:29 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync 2021-04-25 17:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2021-04-25 17:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2021-04-25 17:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep 2021-04-25 17:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2021-04-25 17:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2021-04-25 17:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\SysWOW64\0409 2021-04-25 17:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\system32\winrm 2021-04-25 17:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\system32\WCN 2021-04-25 17:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\system32\slmgr 2021-04-25 17:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2021-04-25 17:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\system32\0409 2021-04-25 17:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\DigitalLocker 2021-04-25 16:44 - 2021-04-25 16:44 - 000000000 _SHDL C:\Users\Default User 2021-04-25 16:44 - 2021-04-25 16:44 - 000000000 _SHDL C:\Users\All Users 2021-04-25 16:32 - 2021-05-01 14:08 - 000000000 ____D C:\WINDOWS\Setup 2021-04-25 16:28 - 2021-04-25 16:44 - 000000000 ____D C:\WINDOWS\system32\Pbr 2021-04-25 16:28 - 2021-04-25 16:25 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat 2021-04-25 16:28 - 2021-04-25 16:25 - 000078336 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll 2021-04-25 16:28 - 2021-04-25 16:25 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config 2021-04-25 16:28 - 2021-04-25 16:25 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT 2021-04-25 16:27 - 2021-05-09 02:32 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2021-04-25 16:27 - 2021-05-09 02:32 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-04-25 16:27 - 2021-05-09 02:30 - 000000000 ____D C:\WINDOWS\SystemTemp 2021-04-25 16:27 - 2021-05-09 02:27 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-04-25 16:27 - 2021-05-09 02:26 - 000000000 ____D C:\WINDOWS\ServiceState 2021-04-25 16:27 - 2021-05-08 21:42 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-04-25 16:27 - 2021-05-08 21:39 - 000000000 ___RD C:\Program Files (x86) 2021-04-25 16:27 - 2021-05-08 21:21 - 000000000 ___HD C:\Program Files\WindowsApps 2021-04-25 16:27 - 2021-05-08 11:08 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-04-25 16:27 - 2021-05-08 10:37 - 000000000 ____D C:\WINDOWS\Registration 2021-04-25 16:27 - 2021-05-01 14:11 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2021-04-25 16:27 - 2021-05-01 14:11 - 000000000 __RHD C:\Users\Public\Libraries 2021-04-25 16:27 - 2021-05-01 14:11 - 000000000 ____D C:\WINDOWS\system32\spool 2021-04-25 16:27 - 2021-05-01 14:11 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-04-25 16:27 - 2021-05-01 14:11 - 000000000 ____D C:\WINDOWS\system32\Keywords 2021-04-25 16:27 - 2021-05-01 14:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData 2021-04-25 16:27 - 2021-05-01 14:11 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-04-25 16:27 - 2021-05-01 14:11 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-04-25 16:27 - 2021-05-01 14:11 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-04-25 16:27 - 2021-05-01 14:06 - 000000000 ____D C:\WINDOWS\OCR 2021-04-25 16:27 - 2021-05-01 08:29 - 000000000 ____D C:\WINDOWS\appcompat 2021-04-25 16:27 - 2021-05-01 08:24 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-04-25 16:27 - 2021-05-01 00:49 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-04-25 16:27 - 2021-05-01 00:48 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-04-25 16:27 - 2021-05-01 00:48 - 000000000 ____D C:\Program Files\Windows Defender 2021-04-25 16:27 - 2021-05-01 00:42 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-04-25 16:27 - 2021-05-01 00:42 - 000000000 ____D C:\WINDOWS\system32\config\TxR 2021-04-25 16:27 - 2021-04-25 17:41 - 000000000 ____D C:\WINDOWS\SystemResources 2021-04-25 16:27 - 2021-04-25 17:41 - 000000000 ____D C:\WINDOWS\SystemApps 2021-04-25 16:27 - 2021-04-25 17:41 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2021-04-25 16:27 - 2021-04-25 17:41 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-04-25 16:27 - 2021-04-25 17:40 - 000000000 ____D C:\WINDOWS\system32\setup 2021-04-25 16:27 - 2021-04-25 17:29 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN 2021-04-25 16:27 - 2021-04-25 17:29 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID 2021-04-25 16:27 - 2021-04-25 17:29 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES 2021-04-25 16:27 - 2021-04-25 17:29 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES 2021-04-25 16:27 - 2021-04-25 17:29 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES 2021-04-25 16:27 - 2021-04-25 17:29 - 000000000 ____D C:\WINDOWS\system32\vi-VN 2021-04-25 16:27 - 2021-04-25 17:29 - 000000000 ____D C:\WINDOWS\system32\id-ID 2021-04-25 16:27 - 2021-04-25 17:29 - 000000000 ____D C:\WINDOWS\system32\gl-ES 2021-04-25 16:27 - 2021-04-25 17:29 - 000000000 ____D C:\WINDOWS\system32\eu-ES 2021-04-25 16:27 - 2021-04-25 17:29 - 000000000 ____D C:\WINDOWS\system32\ca-ES 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ___SD C:\WINDOWS\system32\F12 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ___SD C:\WINDOWS\system32\dsc 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\system32\MUI 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\system32\Com 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\IME 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\Help 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ____D C:\WINDOWS\BrowserCore 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ____D C:\Program Files\Windows NT 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ____D C:\Program Files\Common Files\System 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ____D C:\Program Files (x86)\Windows NT 2021-04-25 16:27 - 2021-04-25 17:27 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 __SHD C:\Program Files\Windows Sidebar 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 ___SD C:\WINDOWS\system32\Configuration 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 ____D C:\WINDOWS\Web 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 ____D C:\WINDOWS\system32\winevt 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 ____D C:\WINDOWS\system32\ras 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 ____D C:\WINDOWS\system32\PointOfService 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 ____D C:\WINDOWS\SKB 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 ____D C:\WINDOWS\security 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 ____D C:\WINDOWS\schemas 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 ____D C:\WINDOWS\Resources 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 ____D C:\WINDOWS\Provisioning 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 ____D C:\WINDOWS\PLA 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 ____D C:\WINDOWS\Media 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 ____D C:\WINDOWS\InputMethod 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 ____D C:\WINDOWS\IdentityCRL 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 ____D C:\WINDOWS\Globalization 2021-04-25 16:27 - 2021-04-25 16:44 - 000000000 ____D C:\WINDOWS\DiagTrack 2021-04-25 16:27 - 2021-04-25 16:28 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui 2021-04-25 16:27 - 2021-04-25 16:28 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss 2021-04-25 16:27 - 2021-04-25 16:28 - 000000000 ____D C:\WINDOWS\WUModels 2021-04-25 16:27 - 2021-04-25 16:28 - 000000000 ____D C:\WINDOWS\UUS 2021-04-25 16:27 - 2021-04-25 16:28 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2021-04-25 16:27 - 2021-04-25 16:28 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2021-04-25 16:27 - 2021-04-25 16:28 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2021-04-25 16:27 - 2021-04-25 16:28 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords 2021-04-25 16:27 - 2021-04-25 16:28 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml 2021-04-25 16:27 - 2021-04-25 16:28 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel 2021-04-25 16:27 - 2021-04-25 16:28 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops 2021-04-25 16:27 - 2021-04-25 16:28 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ___SD C:\WINDOWS\system32\Nui 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ___SD C:\WINDOWS\system32\lxss 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ___RD C:\WINDOWS\Offline Web Pages 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\WaaS 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\Vss 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\tracing 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\TAPI 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\SysWOW64\ras 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\SysWOW64\IME 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\ProximityToast 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\Ipmi 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\InputMethod 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\IME 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\icsxml 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\ias 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\DriverState 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\downlevel 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\DDFs 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\config\RegBack 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\config\Journal 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\Bthprops 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\appraiser 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\AppLocker 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\System 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\SchCache 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\rescache 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\Performance 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\ModemLogs 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\L2Schemas 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\Cursors 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\Containers 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\Branding 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\ProgramData\USOShared 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\ProgramData\USOPrivate 2021-04-25 16:27 - 2021-04-25 16:27 - 000000000 ____D C:\Program Files\ModifiableWindowsApps 2021-04-25 16:27 - 2021-04-25 16:25 - 000215943 _____ C:\WINDOWS\system32\dssec.dat 2021-04-25 16:27 - 2021-04-25 16:25 - 000114688 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll 2021-04-25 16:27 - 2021-04-25 16:25 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam 2021-04-25 16:27 - 2021-04-25 16:25 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config 2021-04-25 16:27 - 2021-04-25 16:25 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json 2021-04-25 16:27 - 2021-04-25 16:25 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT 2021-04-25 16:26 - 2021-05-09 02:32 - 000000000 ____D C:\WINDOWS\INF 2021-04-25 16:23 - 2021-04-25 17:40 - 000316640 _____ C:\WINDOWS\WMSysPr9.prx 2021-04-25 16:23 - 2021-04-25 17:40 - 000196096 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\SysWOW64\l3codecp.acm 2021-04-25 16:23 - 2021-04-25 17:40 - 000118784 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll 2021-04-25 16:23 - 2021-04-25 17:40 - 000070656 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\SysWOW64\l3codeca.acm 2021-04-25 16:23 - 2021-04-25 16:23 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb 2021-04-25 16:23 - 2021-04-25 16:23 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb 2021-04-25 16:23 - 2021-04-25 16:23 - 000010429 _____ C:\WINDOWS\system32\ScavengeSpace.xml 2021-04-25 16:23 - 2021-04-25 16:23 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb 2021-04-25 16:23 - 2021-04-25 16:23 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb 2021-04-25 16:23 - 2021-04-25 16:23 - 000002349 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk 2021-04-25 16:23 - 2021-04-25 16:23 - 000000112 _____ C:\WINDOWS\SysWOW64\MixedRealityRuntime.json 2021-04-25 16:23 - 2021-04-25 16:23 - 000000112 _____ C:\WINDOWS\system32\MixedRealityRuntime.json 2021-04-25 16:22 - 2021-04-25 17:40 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2021-04-25 16:22 - 2021-04-25 17:40 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2021-04-25 16:22 - 2021-04-25 17:40 - 000208896 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\system32\l3codecp.acm 2021-04-25 16:22 - 2021-04-25 17:40 - 000114688 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\system32\l3codeca.acm 2021-04-25 16:22 - 2021-04-25 16:22 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 003635200 _____ C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.Analysis.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 003440660 _____ C:\WINDOWS\SysWOW64\Drivers\gm.dls 2021-04-25 16:22 - 2021-04-25 16:22 - 003416864 _____ C:\WINDOWS\system32\rdpnanoTransport.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 003170304 _____ C:\WINDOWS\SysWOW64\boot.sdi 2021-04-25 16:22 - 2021-04-25 16:22 - 002764800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-04-25 16:22 - 2021-04-25 16:22 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-04-25 16:22 - 2021-04-25 16:22 - 002126336 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 002075816 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 001894912 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 001741600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-04-25 16:22 - 2021-04-25 16:22 - 001300976 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000839680 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ir41_32original.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Bubbles.scr 2021-04-25 16:22 - 2021-04-25 16:22 - 000774144 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx 2021-04-25 16:22 - 2021-04-25 16:22 - 000746496 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ir50_32original.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000704440 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\winsqlite3.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000613016 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx 2021-04-25 16:22 - 2021-04-25 16:22 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000513536 _____ C:\WINDOWS\SysWOW64\SearchIndexerCore.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000460800 _____ C:\WINDOWS\SysWOW64\SettingSyncDownloadHelper.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-04-25 16:22 - 2021-04-25 16:22 - 000448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2021-04-25 16:22 - 2021-04-25 16:22 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx 2021-04-25 16:22 - 2021-04-25 16:22 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe 2021-04-25 16:22 - 2021-04-25 16:22 - 000386560 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\SysWOW64\curl.exe 2021-04-25 16:22 - 2021-04-25 16:22 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hdwwiz.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000373024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx 2021-04-25 16:22 - 2021-04-25 16:22 - 000345088 _____ C:\WINDOWS\SysWOW64\ssdm.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2021-04-25 16:22 - 2021-04-25 16:22 - 000338432 _____ (Intel Corporation.) C:\WINDOWS\SysWOW64\ir41_qcxoriginal.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000331776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-04-25 16:22 - 2021-04-25 16:22 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp 2021-04-25 16:22 - 2021-04-25 16:22 - 000307488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000292352 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000287008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSNP.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000286720 _____ C:\WINDOWS\system32\EsclScan.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000264992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000264192 _____ C:\WINDOWS\SysWOW64\CoreMas.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000262656 _____ C:\WINDOWS\SysWOW64\HeatCore.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp 2021-04-25 16:22 - 2021-04-25 16:22 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssText3d.scr 2021-04-25 16:22 - 2021-04-25 16:22 - 000247808 _____ C:\WINDOWS\SysWOW64\pku2u.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000223520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000221184 _____ C:\WINDOWS\SysWOW64\Microsoft.Internal.FrameworkUdk.System.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\desk.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv 2021-04-25 16:22 - 2021-04-25 16:22 - 000217376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSNP.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000211938 _____ C:\WINDOWS\SysWOW64\lcphrase.tbl 2021-04-25 16:22 - 2021-04-25 16:22 - 000211938 _____ C:\WINDOWS\system32\lcphrase.tbl 2021-04-25 16:22 - 2021-04-25 16:22 - 000200992 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000200192 _____ (Intel Corporation.) C:\WINDOWS\SysWOW64\ir50_qcoriginal.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000197632 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\ir32_32original.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000197632 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iac25_32.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000196608 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000195618 _____ C:\WINDOWS\system32\C_10002.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\desk.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000183808 _____ (Intel Corporation.) C:\WINDOWS\SysWOW64\ir50_qcxoriginal.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000177698 _____ C:\WINDOWS\system32\C_10003.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Ribbons.scr 2021-04-25 16:22 - 2021-04-25 16:22 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Mystify.scr 2021-04-25 16:22 - 2021-04-25 16:22 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000173602 _____ C:\WINDOWS\system32\C_10008.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000167640 _____ C:\WINDOWS\SysWOW64\chs_singlechar_pinyin.dat 2021-04-25 16:22 - 2021-04-25 16:22 - 000163840 _____ C:\WINDOWS\system32\EsclProtocol.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000162850 _____ C:\WINDOWS\system32\C_10001.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000160032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Kswdmcap.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000157472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000146944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ivfsrc.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000145622 _____ C:\WINDOWS\SysWOW64\devmgmt.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000145519 _____ C:\WINDOWS\SysWOW64\perfmon.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000145519 _____ C:\WINDOWS\system32\perfmon.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000145127 _____ C:\WINDOWS\SysWOW64\eventvwr.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000145127 _____ C:\WINDOWS\system32\eventvwr.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000145059 _____ C:\WINDOWS\SysWOW64\taskschd.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000144998 _____ C:\WINDOWS\SysWOW64\lusrmgr.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000144909 _____ C:\WINDOWS\SysWOW64\fsmgmt.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000144862 _____ C:\WINDOWS\SysWOW64\tpm.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000143872 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000142904 _____ C:\WINDOWS\SysWOW64\slmgr.vbs 2021-04-25 16:22 - 2021-04-25 16:22 - 000135168 _____ C:\WINDOWS\system32\ResBParser.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000131360 _____ (Microsoft Corporation) C:\WINDOWS\system32\kstvtune.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\telephon.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000124118 _____ C:\WINDOWS\SysWOW64\comexp.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000123168 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisrndr.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\remotesp.tsp 2021-04-25 16:22 - 2021-04-25 16:22 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\joy.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000121344 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-04-25 16:22 - 2021-04-25 16:22 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysdm.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000120608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Kswdmcap.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000120320 _____ (Intel Corporation.) C:\WINDOWS\SysWOW64\ir41_qcoriginal.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000119072 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdaplgin.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000118272 _____ C:\WINDOWS\SysWOW64\WindowsDefaultHeatProcessor.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000115109 _____ C:\WINDOWS\SysWOW64\WF.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000114976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSTPager.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000114976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Mpeg2Data.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmview.ocx 2021-04-25 16:22 - 2021-04-25 16:22 - 000113256 _____ C:\WINDOWS\SysWOW64\compmgmt.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000113256 _____ C:\WINDOWS\system32\compmgmt.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb 2021-04-25 16:22 - 2021-04-25 16:22 - 000110880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSDvbNP.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx 2021-04-25 16:22 - 2021-04-25 16:22 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\telephon.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2021-04-25 16:22 - 2021-04-25 16:22 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx 2021-04-25 16:22 - 2021-04-25 16:22 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqlsrv32.rll 2021-04-25 16:22 - 2021-04-25 16:22 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000099104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kstvtune.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\joy.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000094496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksxbar.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqlsrv32.rll 2021-04-25 16:22 - 2021-04-25 16:22 - 000093702 _____ C:\WINDOWS\SysWOW64\SubRange.uce 2021-04-25 16:22 - 2021-04-25 16:22 - 000093702 _____ C:\WINDOWS\system32\SubRange.uce 2021-04-25 16:22 - 2021-04-25 16:22 - 000092746 _____ C:\WINDOWS\SysWOW64\services.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000092746 _____ C:\WINDOWS\system32\services.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000090704 _____ C:\WINDOWS\system32\gatherNetworkInfo.vbs 2021-04-25 16:22 - 2021-04-25 16:22 - 000090112 _____ C:\WINDOWS\system32\BWContextHandler.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remotesp.tsp 2021-04-25 16:22 - 2021-04-25 16:22 - 000086528 _____ (Radius Inc.) C:\WINDOWS\SysWOW64\iccvid.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000086304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisrndr.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000084256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bdaplgin.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\g711codc.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000078624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSTPager.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000078112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbisurf.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000077824 _____ C:\WINDOWS\system32\UPPrinterInstaller.exe 2021-04-25 16:22 - 2021-04-25 16:22 - 000077312 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000076064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Mpeg2Data.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2021-04-25 16:22 - 2021-04-25 16:22 - 000074528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSDvbNP.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000074016 _____ C:\WINDOWS\system32\Drivers\NDKPerf.sys 2021-04-25 16:22 - 2021-04-25 16:22 - 000073216 _____ C:\WINDOWS\SysWOW64\windows.applicationmodel.conversationalagent.proxystub.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000068608 _____ (Twain Working Group) C:\WINDOWS\twain_32.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_875.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_870.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_500.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_21027.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_21025.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20924.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20905.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20880.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20871.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20838.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20833.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20424.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20423.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20420.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20297.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20290.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20285.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20284.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20280.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20278.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20277.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20273.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20269.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20108.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20107.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20106.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_20105.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_1149.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_1148.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_1147.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_1146.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_1145.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_1144.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_1143.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_1142.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_1141.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_1140.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_1047.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_1026.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_10082.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_10081.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_10079.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_10029.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_10021.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_10017.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_10010.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_10007.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_10006.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_10005.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_10004.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_10000.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000066082 _____ C:\WINDOWS\system32\C_037.NLS 2021-04-25 16:22 - 2021-04-25 16:22 - 000065824 _____ (Microsoft Corporation) C:\WINDOWS\system32\vidcap.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000065024 _____ C:\WINDOWS\SysWOW64\sstpcfg.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000063081 _____ C:\WINDOWS\SysWOW64\certlm.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000063081 _____ C:\WINDOWS\system32\certlm.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000063070 _____ C:\WINDOWS\SysWOW64\certmgr.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000063070 _____ C:\WINDOWS\system32\certmgr.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000062976 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Dialogs.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000062240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksxbar.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000061728 _____ C:\WINDOWS\system32\HvSocket.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000061440 _____ C:\WINDOWS\SysWOW64\WwanPrfl.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000061440 _____ C:\WINDOWS\system32\SpectrumSyncClient.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\irprops.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidphone.tsp 2021-04-25 16:22 - 2021-04-25 16:22 - 000060458 _____ C:\WINDOWS\SysWOW64\ideograf.uce 2021-04-25 16:22 - 2021-04-25 16:22 - 000060458 _____ C:\WINDOWS\system32\ideograf.uce 2021-04-25 16:22 - 2021-04-25 16:22 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\main.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000060267 _____ C:\WINDOWS\system32\srms.dat 2021-04-25 16:22 - 2021-04-25 16:22 - 000057344 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\g711codc.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000051712 _____ C:\WINDOWS\SysWOW64\CredProvCommonCore.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000049152 _____ C:\WINDOWS\SysWOW64\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\more.com 2021-04-25 16:22 - 2021-04-25 16:22 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com 2021-04-25 16:22 - 2021-04-25 16:22 - 000047682 _____ C:\WINDOWS\SysWOW64\diskmgmt.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\format.com 2021-04-25 16:22 - 2021-04-25 16:22 - 000046368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbisurf.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000045568 _____ (Microsoft) C:\WINDOWS\SysWOW64\oflc-nz.rs 2021-04-25 16:22 - 2021-04-25 16:22 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\cliconfg.rll 2021-04-25 16:22 - 2021-04-25 16:22 - 000043520 _____ (Microsoft) C:\WINDOWS\SysWOW64\csrr.rs 2021-04-25 16:22 - 2021-04-25 16:22 - 000041587 _____ C:\WINDOWS\SysWOW64\azman.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000041587 _____ C:\WINDOWS\system32\azman.msc 2021-04-25 16:22 - 2021-04-25 16:22 - 000041472 _____ (Microsoft) C:\WINDOWS\SysWOW64\fpb.rs 2021-04-25 16:22 - 2021-04-25 16:22 - 000041472 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com 2021-04-25 16:22 - 2021-04-25 16:22 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp 2021-04-25 16:22 - 2021-04-25 16:22 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cliconfg.rll 2021-04-25 16:22 - 2021-04-25 16:22 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com 2021-04-25 16:22 - 2021-04-25 16:22 - 000036640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vidcap.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000036179 _____ C:\WINDOWS\SysWOW64\ctac.json 2021-04-25 16:22 - 2021-04-25 16:22 - 000034816 _____ (Microsoft) C:\WINDOWS\SysWOW64\cero.rs 2021-04-25 16:22 - 2021-04-25 16:22 - 000033792 _____ (Microsoft) C:\WINDOWS\SysWOW64\esrb.rs 2021-04-25 16:22 - 2021-04-25 16:22 - 000033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msgsm32.acm 2021-04-25 16:22 - 2021-04-25 16:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrnsave.scr 2021-04-25 16:22 - 2021-04-25 16:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hidphone.tsp 2021-04-25 16:22 - 2021-04-25 16:22 - 000031232 _____ (Microsoft) C:\WINDOWS\SysWOW64\usk.rs 2021-04-25 16:22 - 2021-04-25 16:22 - 000030720 _____ (Microsoft) C:\WINDOWS\SysWOW64\cob-au.rs 2021-04-25 16:22 - 2021-04-25 16:22 - 000029184 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imaadp32.acm 2021-04-25 16:22 - 2021-04-25 16:22 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\irprops.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Firewall.cpl 2021-04-25 16:22 - 2021-04-25 16:22 - 000028392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msadp32.acm 2021-04-25 16:22 - 2021-04-25 16:22 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com 2021-04-25 16:22 - 2021-04-25 16:22 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv 2021-04-25 16:22 - 2021-04-25 16:22 - 000024576 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\more.com 2021-04-25 16:22 - 2021-04-25 16:22 - 000024114 _____ C:\WINDOWS\SysWOW64\lcptr.tbl 2021-04-25 16:22 - 2021-04-25 16:22 - 000024114 _____ C:\WINDOWS\system32\lcptr.tbl 2021-04-25 16:22 - 2021-04-25 16:22 - 000024006 _____ C:\WINDOWS\SysWOW64\gb2312.uce 2021-04-25 16:22 - 2021-04-25 16:22 - 000024006 _____ C:\WINDOWS\system32\gb2312.uce 2021-04-25 16:22 - 2021-04-25 16:22 - 000022984 _____ C:\WINDOWS\SysWOW64\bopomofo.uce 2021-04-25 16:22 - 2021-04-25 16:22 - 000022984 _____ C:\WINDOWS\system32\bopomofo.uce 2021-04-25 16:22 - 2021-04-25 16:22 - 000021656 _____ C:\WINDOWS\system32\NetTrace.PLA.Diagnostics.xml 2021-04-25 16:22 - 2021-04-25 16:22 - 000021152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msg711.acm 2021-04-25 16:22 - 2021-04-25 16:22 - 000020992 _____ (Microsoft) C:\WINDOWS\SysWOW64\pegi-pt.rs 2021-04-25 16:22 - 2021-04-25 16:22 - 000020480 _____ (Microsoft) C:\WINDOWS\SysWOW64\pegi.rs 2021-04-25 16:22 - 2021-04-25 16:22 - 000020268 _____ C:\WINDOWS\system32\DeliveryOptimizationMIProv.mof 2021-04-25 16:22 - 2021-04-25 16:22 - 000019485 _____ C:\WINDOWS\SysWOW64\srms-apr.dat 2021-04-25 16:22 - 2021-04-25 16:22 - 000019485 _____ C:\WINDOWS\system32\srms-apr.dat 2021-04-25 16:22 - 2021-04-25 16:22 - 000019456 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000019456 _____ (Microsoft) C:\WINDOWS\SysWOW64\grb.rs 2021-04-25 16:22 - 2021-04-25 16:22 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb 2021-04-25 16:22 - 2021-04-25 16:22 - 000017935 _____ C:\WINDOWS\SysWOW64\EventViewer_EventDetails.xsl 2021-04-25 16:22 - 2021-04-25 16:22 - 000017935 _____ C:\WINDOWS\system32\EventViewer_EventDetails.xsl 2021-04-25 16:22 - 2021-04-25 16:22 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com 2021-04-25 16:22 - 2021-04-25 16:22 - 000016740 _____ C:\WINDOWS\SysWOW64\ShiftJIS.uce 2021-04-25 16:22 - 2021-04-25 16:22 - 000016740 _____ C:\WINDOWS\system32\ShiftJIS.uce 2021-04-25 16:22 - 2021-04-25 16:22 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\simpdata.tlb 2021-04-25 16:22 - 2021-04-25 16:22 - 000015360 _____ (Microsoft) C:\WINDOWS\SysWOW64\pcbp.rs 2021-04-25 16:22 - 2021-04-25 16:22 - 000015360 _____ (Microsoft) C:\WINDOWS\SysWOW64\djctq.rs 2021-04-25 16:22 - 2021-04-25 16:22 - 000013824 _____ C:\WINDOWS\SysWOW64\prxyqry.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000012876 _____ C:\WINDOWS\SysWOW64\korean.uce 2021-04-25 16:22 - 2021-04-25 16:22 - 000012876 _____ C:\WINDOWS\system32\korean.uce 2021-04-25 16:22 - 2021-04-25 16:22 - 000012818 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-04-25 16:22 - 2021-04-25 16:22 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com 2021-04-25 16:22 - 2021-04-25 16:22 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdatsrc.tlb 2021-04-25 16:22 - 2021-04-25 16:22 - 000011776 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe 2021-04-25 16:22 - 2021-04-25 16:22 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ir41_32.ax 2021-04-25 16:22 - 2021-04-25 16:22 - 000011292 _____ C:\WINDOWS\SysWOW64\srms-apr-v.dat 2021-04-25 16:22 - 2021-04-25 16:22 - 000011292 _____ C:\WINDOWS\system32\srms-apr-v.dat 2021-04-25 16:22 - 2021-04-25 16:22 - 000009578 _____ C:\WINDOWS\system32\ResPriHMImageList 2021-04-25 16:22 - 2021-04-25 16:22 - 000009574 _____ C:\WINDOWS\system32\ResPriImageList 2021-04-25 16:22 - 2021-04-25 16:22 - 000009563 _____ C:\WINDOWS\system32\ResPriUHMImageList 2021-04-25 16:22 - 2021-04-25 16:22 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfime.ime 2021-04-25 16:22 - 2021-04-25 16:22 - 000009208 _____ C:\WINDOWS\system32\ResPriHMImageListLowCost 2021-04-25 16:22 - 2021-04-25 16:22 - 000009104 _____ C:\WINDOWS\system32\ResPriLMImageList 2021-04-25 16:22 - 2021-04-25 16:22 - 000008740 _____ C:\WINDOWS\system32\ResPriImageListLowCost 2021-04-25 16:22 - 2021-04-25 16:22 - 000008484 _____ C:\WINDOWS\SysWOW64\kanji_2.uce 2021-04-25 16:22 - 2021-04-25 16:22 - 000008484 _____ C:\WINDOWS\system32\kanji_2.uce 2021-04-25 16:22 - 2021-04-25 16:22 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\simpdata.tlb 2021-04-25 16:22 - 2021-04-25 16:22 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole32.tlb 2021-04-25 16:22 - 2021-04-25 16:22 - 000006948 _____ C:\WINDOWS\SysWOW64\kanji_1.uce 2021-04-25 16:22 - 2021-04-25 16:22 - 000006948 _____ C:\WINDOWS\system32\kanji_1.uce 2021-04-25 16:22 - 2021-04-25 16:22 - 000006656 _____ C:\WINDOWS\SysWOW64\nrtapi.dll 2021-04-25 16:22 - 2021-04-25 16:22 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdatsrc.tlb 2021-04-25 16:22 - 2021-04-25 16:22 - 000004608 _____ (Microsoft) C:\WINDOWS\SysWOW64\WEB.rs 2021-04-25 16:22 - 2021-04-25 16:22 - 000004453 _____ C:\WINDOWS\SysWOW64\odbcconf.rsp 2021-04-25 16:22 - 2021-04-25 16:22 - 000004014 _____ C:\WINDOWS\SysWOW64\xwizard.dtd 2021-04-25 16:22 - 2021-04-25 16:22 - 000004014 _____ C:\WINDOWS\system32\xwizard.dtd 2021-04-25 16:22 - 2021-04-25 16:22 - 000003666 _____ C:\WINDOWS\SysWOW64\sysprtj.sep 2021-04-25 16:22 - 2021-04-25 16:22 - 000003660 _____ C:\WINDOWS\system32\WwanFeatureTests.xml 2021-04-25 16:22 - 2021-04-25 16:22 - 000003317 _____ C:\WINDOWS\SysWOW64\sysprint.sep 2021-04-25 16:22 - 2021-04-25 16:22 - 000003224 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml 2021-04-25 16:22 - 2021-04-25 16:22 - 000002404 _____ C:\WINDOWS\SysWOW64\WimBootCompress.ini 2021-04-25 16:22 - 2021-04-25 16:22 - 000002233 _____ C:\WINDOWS\SysWOW64\12520850.cpx 2021-04-25 16:22 - 2021-04-25 16:22 - 000002151 _____ C:\WINDOWS\SysWOW64\12520437.cpx 2021-04-25 16:22 - 2021-04-25 16:22 - 000002044 _____ C:\WINDOWS\system32\DeliveryOptimizationMIProvUninstall.mof 2021-04-25 16:22 - 2021-04-25 16:22 - 000001820 _____ C:\WINDOWS\SysWOW64\rasctrnm.h 2021-04-25 16:22 - 2021-04-25 16:22 - 000001673 _____ C:\WINDOWS\SysWOW64\tcpbidi.xml 2021-04-25 16:22 - 2021-04-25 16:22 - 000001649 _____ C:\WINDOWS\SysWOW64\WindowsCodecsRaw.txt 2021-04-25 16:22 - 2021-04-25 16:22 - 000001649 _____ C:\WINDOWS\system32\WindowsCodecsRaw.txt 2021-04-25 16:22 - 2021-04-25 16:22 - 000000714 _____ C:\WINDOWS\SysWOW64\RestartManager.mof 2021-04-25 16:22 - 2021-04-25 16:22 - 000000646 _____ C:\WINDOWS\SysWOW64\Drivers\gmreadme.txt 2021-04-25 16:22 - 2021-04-25 16:22 - 000000565 _____ C:\WINDOWS\SysWOW64\NdfEventView.xml 2021-04-25 16:22 - 2021-04-25 16:22 - 000000565 _____ C:\WINDOWS\system32\NdfEventView.xml 2021-04-25 16:22 - 2021-04-25 16:22 - 000000263 _____ C:\WINDOWS\system32\odbcconf.rsp 2021-04-25 16:22 - 2021-04-25 16:22 - 000000176 _____ C:\WINDOWS\SysWOW64\RestartManagerUninstall.mof 2021-04-25 16:22 - 2021-04-25 16:22 - 000000150 _____ C:\WINDOWS\SysWOW64\pcl.sep 2021-04-25 16:22 - 2021-04-25 16:22 - 000000051 _____ C:\WINDOWS\SysWOW64\pscript.sep 2021-04-25 16:21 - 2021-04-25 16:21 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 004355072 _____ C:\WINDOWS\system32\Windows.UI.Input.Inking.Analysis.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 003170304 _____ C:\WINDOWS\system32\boot.sdi 2021-04-25 16:21 - 2021-04-25 16:21 - 002621440 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 002545656 ____R (The ICU Project) C:\WINDOWS\system32\icu.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 002318336 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 002300584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-04-25 16:21 - 2021-04-25 16:21 - 002125824 _____ C:\WINDOWS\system32\dwmscene.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 002025024 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 001850128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-04-25 16:21 - 2021-04-25 16:21 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000931736 _____ (SQLite Development Team) C:\WINDOWS\system32\winsqlite3.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000839928 _____ C:\WINDOWS\SysWOW64\locale.nls 2021-04-25 16:21 - 2021-04-25 16:21 - 000839928 _____ C:\WINDOWS\system32\locale.nls 2021-04-25 16:21 - 2021-04-25 16:21 - 000723448 _____ C:\WINDOWS\system32\TextShaping.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000673088 _____ C:\WINDOWS\SysWOW64\mlang.dat 2021-04-25 16:21 - 2021-04-25 16:21 - 000673088 _____ C:\WINDOWS\system32\mlang.dat 2021-04-25 16:21 - 2021-04-25 16:21 - 000647168 _____ C:\WINDOWS\system32\SearchIndexerCore.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000630784 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-04-25 16:21 - 2021-04-25 16:21 - 000499712 _____ C:\WINDOWS\system32\HealthAttestationClientAgent.exe 2021-04-25 16:21 - 2021-04-25 16:21 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl 2021-04-25 16:21 - 2021-04-25 16:21 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hdwwiz.cpl 2021-04-25 16:21 - 2021-04-25 16:21 - 000360448 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000352256 _____ C:\WINDOWS\system32\HeatCore.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000339968 _____ C:\WINDOWS\system32\pku2u.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000311296 _____ C:\WINDOWS\system32\Microsoft.Internal.FrameworkUdk.System.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000294912 _____ C:\WINDOWS\system32\pnpdiag.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000286720 _____ C:\WINDOWS\system32\AggregatorHost.exe 2021-04-25 16:21 - 2021-04-25 16:21 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl 2021-04-25 16:21 - 2021-04-25 16:21 - 000258336 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl 2021-04-25 16:21 - 2021-04-25 16:21 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl 2021-04-25 16:21 - 2021-04-25 16:21 - 000212992 _____ C:\WINDOWS\system32\BthpanContextHandler.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000204074 _____ C:\WINDOWS\SysWOW64\winrm.vbs 2021-04-25 16:21 - 2021-04-25 16:21 - 000204074 _____ C:\WINDOWS\system32\winrm.vbs 2021-04-25 16:21 - 2021-04-25 16:21 - 000196642 _____ C:\WINDOWS\system32\C_950.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000196642 _____ C:\WINDOWS\system32\C_949.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000196642 _____ C:\WINDOWS\system32\C_936.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000191488 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000189986 _____ C:\WINDOWS\system32\C_1361.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000187938 _____ C:\WINDOWS\system32\C_20005.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000186402 _____ C:\WINDOWS\system32\C_20001.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000185378 _____ C:\WINDOWS\system32\C_20003.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000184320 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-04-25 16:21 - 2021-04-25 16:21 - 000180770 _____ C:\WINDOWS\system32\C_20932.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000180258 _____ C:\WINDOWS\system32\C_20004.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000180258 _____ C:\WINDOWS\system32\C_20000.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000180224 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000177698 _____ C:\WINDOWS\system32\C_20949.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000173602 _____ C:\WINDOWS\system32\C_20936.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000173602 _____ C:\WINDOWS\system32\C_20002.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000167936 _____ C:\WINDOWS\system32\TpmTool.exe 2021-04-25 16:21 - 2021-04-25 16:21 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl 2021-04-25 16:21 - 2021-04-25 16:21 - 000167640 _____ C:\WINDOWS\system32\chs_singlechar_pinyin.dat 2021-04-25 16:21 - 2021-04-25 16:21 - 000162850 _____ C:\WINDOWS\system32\C_932.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmview.ocx 2021-04-25 16:21 - 2021-04-25 16:21 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx 2021-04-25 16:21 - 2021-04-25 16:21 - 000145622 _____ C:\WINDOWS\system32\devmgmt.msc 2021-04-25 16:21 - 2021-04-25 16:21 - 000145059 _____ C:\WINDOWS\system32\taskschd.msc 2021-04-25 16:21 - 2021-04-25 16:21 - 000144998 _____ C:\WINDOWS\system32\lusrmgr.msc 2021-04-25 16:21 - 2021-04-25 16:21 - 000144909 _____ C:\WINDOWS\system32\fsmgmt.msc 2021-04-25 16:21 - 2021-04-25 16:21 - 000144862 _____ C:\WINDOWS\system32\tpm.msc 2021-04-25 16:21 - 2021-04-25 16:21 - 000144673 _____ C:\WINDOWS\system32\WmiMgmt.msc 2021-04-25 16:21 - 2021-04-25 16:21 - 000143360 _____ C:\WINDOWS\system32\WindowsDefaultHeatProcessor.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000142904 _____ C:\WINDOWS\system32\slmgr.vbs 2021-04-25 16:21 - 2021-04-25 16:21 - 000139810 _____ C:\WINDOWS\system32\C_20261.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000124118 _____ C:\WINDOWS\system32\comexp.msc 2021-04-25 16:21 - 2021-04-25 16:21 - 000122880 _____ C:\WINDOWS\system32\UpdatePolicyScenarioReliabilityAggregator.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl 2021-04-25 16:21 - 2021-04-25 16:21 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb 2021-04-25 16:21 - 2021-04-25 16:21 - 000115109 _____ C:\WINDOWS\system32\WF.msc 2021-04-25 16:21 - 2021-04-25 16:21 - 000114688 _____ C:\WINDOWS\system32\UpdateHeartbeatScan.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000106496 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000098304 _____ C:\WINDOWS\system32\sstpcfg.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl 2021-04-25 16:21 - 2021-04-25 16:21 - 000095408 _____ C:\WINDOWS\system32\wow64con.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000090112 _____ C:\WINDOWS\system32\Windows.Internal.UI.Dialogs.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000086016 _____ C:\WINDOWS\system32\printticketvalidation.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000086016 _____ C:\WINDOWS\system32\Drivers\UsbPmApi.sys 2021-04-25 16:21 - 2021-04-25 16:21 - 000086016 _____ C:\WINDOWS\system32\CredProvCommonCore.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000084948 _____ C:\WINDOWS\system32\DiskSnapshot.conf 2021-04-25 16:21 - 2021-04-25 16:21 - 000081870 _____ C:\WINDOWS\system32\normidna.nls 2021-04-25 16:21 - 2021-04-25 16:21 - 000079348 _____ C:\WINDOWS\system32\normnfkc.nls 2021-04-25 16:21 - 2021-04-25 16:21 - 000077824 _____ C:\WINDOWS\system32\runexehelper.exe 2021-04-25 16:21 - 2021-04-25 16:21 - 000077824 _____ C:\WINDOWS\system32\APMonUI.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000073114 _____ C:\WINDOWS\system32\normnfkd.nls 2021-04-25 16:21 - 2021-04-25 16:21 - 000069632 _____ C:\WINDOWS\system32\UsbPmApi.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp 2021-04-25 16:21 - 2021-04-25 16:21 - 000069632 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000066594 _____ C:\WINDOWS\system32\C_874.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066594 _____ C:\WINDOWS\system32\C_869.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066594 _____ C:\WINDOWS\system32\C_866.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066594 _____ C:\WINDOWS\system32\C_865.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066594 _____ C:\WINDOWS\system32\C_864.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066594 _____ C:\WINDOWS\system32\C_863.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066594 _____ C:\WINDOWS\system32\C_862.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066594 _____ C:\WINDOWS\system32\C_861.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066594 _____ C:\WINDOWS\system32\C_860.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066594 _____ C:\WINDOWS\system32\C_858.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066594 _____ C:\WINDOWS\system32\C_857.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066594 _____ C:\WINDOWS\system32\C_855.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066594 _____ C:\WINDOWS\system32\C_852.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066594 _____ C:\WINDOWS\system32\C_850.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066594 _____ C:\WINDOWS\system32\C_775.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066594 _____ C:\WINDOWS\system32\C_737.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066594 _____ C:\WINDOWS\system32\C_720.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066594 _____ C:\WINDOWS\system32\C_437.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_708.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_28605.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\c_28603.nls 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_28599.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_28598.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_28597.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_28596.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_28595.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_28594.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_28593.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_28592.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_28591.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_21866.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_20866.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_20127.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_1258.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_1257.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_1256.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_1255.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_1254.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_1253.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_1252.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_1251.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000066082 _____ C:\WINDOWS\system32\C_1250.NLS 2021-04-25 16:21 - 2021-04-25 16:21 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\format.com 2021-04-25 16:21 - 2021-04-25 16:21 - 000061440 _____ C:\WINDOWS\system32\pospaymentsworker.exe 2021-04-25 16:21 - 2021-04-25 16:21 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrnsave.scr 2021-04-25 16:21 - 2021-04-25 16:21 - 000060124 _____ C:\WINDOWS\system32\tcpmon.ini 2021-04-25 16:21 - 2021-04-25 16:21 - 000057136 _____ C:\WINDOWS\system32\normnfc.nls 2021-04-25 16:21 - 2021-04-25 16:21 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000053248 _____ C:\WINDOWS\system32\VhfUm.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000053248 _____ C:\WINDOWS\system32\usocoreps.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000053248 _____ C:\WINDOWS\system32\deploymentcsphelper.exe 2021-04-25 16:21 - 2021-04-25 16:21 - 000053248 _____ (Microsoft) C:\WINDOWS\system32\oflc-nz.rs 2021-04-25 16:21 - 2021-04-25 16:21 - 000053248 _____ (Microsoft) C:\WINDOWS\system32\csrr.rs 2021-04-25 16:21 - 2021-04-25 16:21 - 000050442 _____ C:\WINDOWS\system32\normnfd.nls 2021-04-25 16:21 - 2021-04-25 16:21 - 000049152 _____ (Microsoft) C:\WINDOWS\system32\fpb.rs 2021-04-25 16:21 - 2021-04-25 16:21 - 000047682 _____ C:\WINDOWS\system32\diskmgmt.msc 2021-04-25 16:21 - 2021-04-25 16:21 - 000045056 _____ (Microsoft) C:\WINDOWS\system32\cero.rs 2021-04-25 16:21 - 2021-04-25 16:21 - 000043131 _____ C:\WINDOWS\mib.bin 2021-04-25 16:21 - 2021-04-25 16:21 - 000040960 _____ C:\WINDOWS\system32\WsdProviderUtil.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000040960 _____ C:\WINDOWS\system32\prxyqry.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000040960 _____ (Microsoft) C:\WINDOWS\system32\usk.rs 2021-04-25 16:21 - 2021-04-25 16:21 - 000040960 _____ (Microsoft) C:\WINDOWS\system32\esrb.rs 2021-04-25 16:21 - 2021-04-25 16:21 - 000040960 _____ (Microsoft) C:\WINDOWS\system32\cob-au.rs 2021-04-25 16:21 - 2021-04-25 16:21 - 000037560 _____ C:\WINDOWS\system32\wow64base.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000036864 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000036864 _____ C:\WINDOWS\system32\umpodev.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000036179 _____ C:\WINDOWS\system32\ctac.json 2021-04-25 16:21 - 2021-04-25 16:21 - 000032768 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000030363 _____ C:\WINDOWS\system32\NarratorControlTemplates.xml 2021-04-25 16:21 - 2021-04-25 16:21 - 000028672 _____ (Microsoft) C:\WINDOWS\system32\pegi-pt.rs 2021-04-25 16:21 - 2021-04-25 16:21 - 000028672 _____ (Microsoft) C:\WINDOWS\system32\pegi.rs 2021-04-25 16:21 - 2021-04-25 16:21 - 000028672 _____ (Microsoft) C:\WINDOWS\system32\grb.rs 2021-04-25 16:21 - 2021-04-25 16:21 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfime.ime 2021-04-25 16:21 - 2021-04-25 16:21 - 000024576 _____ C:\WINDOWS\system32\nrtapi.dll 2021-04-25 16:21 - 2021-04-25 16:21 - 000024576 _____ (Microsoft) C:\WINDOWS\system32\pcbp.rs 2021-04-25 16:21 - 2021-04-25 16:21 - 000024576 _____ (Microsoft) C:\WINDOWS\system32\djctq.rs 2021-04-25 16:21 - 2021-04-25 16:21 - 000013091 _____ C:\WINDOWS\system32\DevModeRunAsUserConfig.msc 2021-04-25 16:21 - 2021-04-25 16:21 - 000012288 _____ (Microsoft) C:\WINDOWS\system32\WEB.rs 2021-04-25 16:21 - 2021-04-25 16:21 - 000010576 _____ C:\WINDOWS\system32\TransformPPSToWlan.xslt 2021-04-25 16:21 - 2021-04-25 16:21 - 000009926 _____ C:\WINDOWS\SysWOW64\l_intl.nls 2021-04-25 16:21 - 2021-04-25 16:21 - 000009926 _____ C:\WINDOWS\system32\l_intl.nls 2021-04-25 16:21 - 2021-04-25 16:21 - 000008192 _____ C:\WINDOWS\system32\settings.dat 2021-04-25 16:21 - 2021-04-25 16:21 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole32.tlb 2021-04-25 16:21 - 2021-04-25 16:21 - 000004675 _____ C:\WINDOWS\SysWOW64\wsmanconfig_schema.xml 2021-04-25 16:21 - 2021-04-25 16:21 - 000004675 _____ C:\WINDOWS\system32\wsmanconfig_schema.xml 2021-04-25 16:21 - 2021-04-25 16:21 - 000004148 _____ C:\WINDOWS\system32\psmodulediscoveryprovider.mof 2021-04-25 16:21 - 2021-04-25 16:21 - 000003944 _____ C:\WINDOWS\system32\DetailedReading-Default.xml 2021-04-25 16:21 - 2021-04-25 16:21 - 000003666 _____ C:\WINDOWS\system32\sysprtj.sep 2021-04-25 16:21 - 2021-04-25 16:21 - 000003317 _____ C:\WINDOWS\system32\sysprint.sep 2021-04-25 16:21 - 2021-04-25 16:21 - 000003224 _____ C:\WINDOWS\system32\AppxProvisioning.xml 2021-04-25 16:21 - 2021-04-25 16:21 - 000002426 _____ C:\WINDOWS\SysWOW64\WsmTxt.xsl 2021-04-25 16:21 - 2021-04-25 16:21 - 000002426 _____ C:\WINDOWS\system32\WsmTxt.xsl 2021-04-25 16:21 - 2021-04-25 16:21 - 000002404 _____ C:\WINDOWS\system32\WimBootCompress.ini 2021-04-25 16:21 - 2021-04-25 16:21 - 000001820 _____ C:\WINDOWS\system32\rasctrnm.h 2021-04-25 16:21 - 2021-04-25 16:21 - 000001688 _____ C:\WINDOWS\system32\TransformPPSToWlanCredentials.xslt 2021-04-25 16:21 - 2021-04-25 16:21 - 000001673 _____ C:\WINDOWS\system32\tcpbidi.xml 2021-04-25 16:21 - 2021-04-25 16:21 - 000001559 _____ C:\WINDOWS\SysWOW64\WsmPty.xsl 2021-04-25 16:21 - 2021-04-25 16:21 - 000001559 _____ C:\WINDOWS\system32\WsmPty.xsl 2021-04-25 16:21 - 2021-04-25 16:21 - 000001369 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt 2021-04-25 16:21 - 2021-04-25 16:21 - 000001281 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk 2021-04-25 16:21 - 2021-04-25 16:21 - 000000724 _____ C:\WINDOWS\system32\wpr.config.xml 2021-04-25 16:21 - 2021-04-25 16:21 - 000000714 _____ C:\WINDOWS\system32\RestartManager.mof 2021-04-25 16:21 - 2021-04-25 16:21 - 000000670 ___RH C:\WINDOWS\WindowsShell.Manifest 2021-04-25 16:21 - 2021-04-25 16:21 - 000000614 _____ C:\WINDOWS\system32\WdsUnattendTemplate.xml 2021-04-25 16:21 - 2021-04-25 16:21 - 000000407 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk 2021-04-25 16:21 - 2021-04-25 16:21 - 000000176 _____ C:\WINDOWS\system32\RestartManagerUninstall.mof 2021-04-25 16:21 - 2021-04-25 16:21 - 000000150 _____ C:\WINDOWS\system32\pcl.sep 2021-04-25 16:21 - 2021-04-25 16:21 - 000000051 _____ C:\WINDOWS\system32\pscript.sep 2021-04-25 16:21 - 2021-04-25 16:21 - 000000033 _____ C:\WINDOWS\SysWOW64\winrm.cmd 2021-04-25 16:21 - 2021-04-25 16:21 - 000000033 _____ C:\WINDOWS\system32\winrm.cmd 2021-04-25 16:20 - 2021-04-25 16:20 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin 2021-04-25 16:20 - 2021-04-25 16:20 - 003440660 _____ C:\WINDOWS\system32\Drivers\gm.dls 2021-04-25 16:20 - 2021-04-25 16:20 - 003436320 _____ (Marvell Semiconductor Inc.) C:\WINDOWS\system32\Drivers\evbda.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 003418912 _____ (QLogic Corporation) C:\WINDOWS\system32\Drivers\evbd0a.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 001849632 _____ (Chelsio Communications) C:\WINDOWS\system32\Drivers\cht4vx64.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 001131296 _____ (PMC-Sierra) C:\WINDOWS\system32\Drivers\adp80xx.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 001127200 _____ (Mellanox) C:\WINDOWS\system32\Drivers\mlx4_bus.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000880416 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAVC.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000745552 _____ C:\WINDOWS\system32\DynamicLong.bin 2021-04-25 16:20 - 2021-04-25 16:20 - 000571680 _____ (LSI Corporation, Inc.) C:\WINDOWS\system32\Drivers\megasr.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000554784 _____ (Mellanox) C:\WINDOWS\system32\Drivers\ibbus.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000529696 _____ (QLogic Corporation) C:\WINDOWS\system32\Drivers\bxvbda.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000515152 _____ C:\WINDOWS\system32\DynamicMedium.bin 2021-04-25 16:20 - 2021-04-25 16:20 - 000483328 _____ C:\WINDOWS\system32\ssdm.dll 2021-04-25 16:20 - 2021-04-25 16:20 - 000407840 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorV.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000335872 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2021-04-25 16:20 - 2021-04-25 16:20 - 000323152 _____ C:\WINDOWS\system32\DynamicShort.bin 2021-04-25 16:20 - 2021-04-25 16:20 - 000315680 _____ (Chelsio Communications) C:\WINDOWS\system32\Drivers\cht4sx64.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000301344 _____ (VIA Corporation) C:\WINDOWS\system32\Drivers\VSTXRAID.SYS 2021-04-25 16:20 - 2021-04-25 16:20 - 000286720 _____ C:\WINDOWS\system32\Microsoft.Bluetooth.Audio.dll 2021-04-25 16:20 - 2021-04-25 16:20 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv 2021-04-25 16:20 - 2021-04-25 16:20 - 000258048 _____ C:\WINDOWS\system32\CoreMas.dll 2021-04-25 16:20 - 2021-04-25 16:20 - 000255264 _____ (AMD Technologies Inc.) C:\WINDOWS\system32\Drivers\amdsbs.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000212992 _____ C:\WINDOWS\system32\IHDS.dll 2021-04-25 16:20 - 2021-04-25 16:20 - 000205600 _____ (Microsemi Corportation) C:\WINDOWS\system32\Drivers\SmartSAMD.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000177664 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_I2C_GLK.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000177152 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_I2C_CNL.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000175104 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_I2C_BXT_P.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000172832 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\ItSas35i.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000171520 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_I2C.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000162592 _____ (VIA Technologies Inc.,Ltd) C:\WINDOWS\system32\Drivers\vsmraid.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000162080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvstor.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000149056 _____ C:\WINDOWS\system32\LargeRoom.bin 2021-04-25 16:20 - 2021-04-25 16:20 - 000146208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvraid.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000143360 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2021-04-25 16:20 - 2021-04-25 16:20 - 000142112 _____ (Mellanox) C:\WINDOWS\system32\Drivers\ndfltr.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000140064 _____ (Chelsio Communications) C:\WINDOWS\system32\Drivers\cht4dx64.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000138092 _____ C:\WINDOWS\system32\AverageRoom.bin 2021-04-25 16:20 - 2021-04-25 16:20 - 000133408 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\lsi_sas3i.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000127776 _____ (PMC-Sierra, Inc.) C:\WINDOWS\system32\Drivers\arcsas.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000120096 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas2i.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000113152 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_I2C.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000112128 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_GPIO2_CNL.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000110036 _____ C:\WINDOWS\system32\MediumRoom.bin 2021-04-25 16:20 - 2021-04-25 16:20 - 000108320 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\AppleSSD.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000106496 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2021-04-25 16:20 - 2021-04-25 16:20 - 000104736 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000103200 _____ (LSI) C:\WINDOWS\system32\Drivers\3ware.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000096256 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_GPIO2_GLK.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000096032 _____ (Broadcom Inc) C:\WINDOWS\system32\Drivers\megasas35i.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000093184 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_GPIO2_BXT_P.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000091136 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\iai2c.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000090112 _____ C:\WINDOWS\system32\WwanPrfl.dll 2021-04-25 16:20 - 2021-04-25 16:20 - 000083232 _____ (Broadcom Limited) C:\WINDOWS\system32\Drivers\mpi3drvi.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000081920 ____R (Realtek) C:\WINDOWS\system32\Drivers\rteth.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000079360 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2i_GPIO2.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000079136 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdsata.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000077600 _____ (Silicon Integrated Systems) C:\WINDOWS\system32\Drivers\sisraid4.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000076576 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000069788 _____ C:\WINDOWS\system32\SmallRoom.bin 2021-04-25 16:20 - 2021-04-25 16:20 - 000068896 _____ (Mellanox) C:\WINDOWS\system32\Drivers\winverbs.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000064288 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\percsas3i.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000062328 _____ (Microsoft Corporation) C:\WINDOWS\system32\msgsm32.acm 2021-04-25 16:20 - 2021-04-25 16:20 - 000060192 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\Drivers\HpSAMD.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000059680 _____ (Marvell Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\mvumis.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000058192 _____ (Microsoft Corporation) C:\WINDOWS\system32\imaadp32.acm 2021-04-25 16:20 - 2021-04-25 16:20 - 000054560 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\percsas2i.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000054064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msadp32.acm 2021-04-25 16:20 - 2021-04-25 16:20 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv 2021-04-25 16:20 - 2021-04-25 16:20 - 000045800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msg711.acm 2021-04-25 16:20 - 2021-04-25 16:20 - 000045568 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\amdi2c.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000040784 _____ C:\WINDOWS\system32\OutdoorAudioEnvironment.bin 2021-04-25 16:20 - 2021-04-25 16:20 - 000040736 _____ (Silicon Integrated Systems Corp.) C:\WINDOWS\system32\Drivers\sisraid2.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000038128 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_GPIO.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000036352 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\iagpio.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000032768 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2021-04-25 16:20 - 2021-04-25 16:20 - 000032032 _____ (Mellanox) C:\WINDOWS\system32\Drivers\winmad.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb 2021-04-25 16:20 - 2021-04-25 16:20 - 000028672 _____ (Chelsio Communications) C:\WINDOWS\system32\Drivers\cht4vfx.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000026912 _____ (Promise Technology, Inc.) C:\WINDOWS\system32\Drivers\stexstor.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000022816 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdxata.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000018432 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\amdgpio2.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000009728 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\bcmfn2.sys 2021-04-25 16:20 - 2021-04-25 16:20 - 000000646 _____ C:\WINDOWS\system32\Drivers\gmreadme.txt 2021-04-25 16:15 - 2021-05-08 22:59 - 107479040 _____ C:\WINDOWS\system32\config\SOFTWARE 2021-04-25 16:15 - 2021-05-08 22:59 - 023592960 _____ C:\WINDOWS\system32\config\SYSTEM 2021-04-25 16:15 - 2021-05-08 22:59 - 002883584 _____ C:\WINDOWS\system32\config\DEFAULT 2021-04-25 16:15 - 2021-05-08 22:59 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-04-25 16:15 - 2021-05-08 22:59 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY 2021-04-25 16:15 - 2021-05-08 22:59 - 000065536 _____ C:\WINDOWS\system32\config\SAM 2021-04-25 16:15 - 2021-05-08 10:46 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-04-25 16:15 - 2021-05-07 22:20 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-04-25 16:15 - 2021-05-04 04:18 - 000000000 ____D C:\WINDOWS\servicing 2021-04-25 16:15 - 2021-04-25 16:44 - 000000000 ____D C:\WINDOWS\system32\SMI 2021-04-25 04:48 - 2021-04-25 04:48 - 000001434 _____ C:\WINDOWS\system32\default_error_stack-000023-000000.txt 2021-04-23 03:59 - 2021-04-23 03:59 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000022-000000.txt 2021-04-21 16:59 - 2021-04-21 16:59 - 000342849 _____ C:\Users\91709\Downloads\WhatsApp Image 2021-03-30 at 9.19.28 AM (4).jpeg 2021-04-21 16:59 - 2021-04-21 16:59 - 000307231 _____ C:\Users\91709\Downloads\WhatsApp Image 2021-03-30 at 9.19.27 AM (1).jpeg 2021-04-21 16:59 - 2021-04-21 16:59 - 000235218 _____ C:\Users\91709\Downloads\WhatsApp Image 2021-03-30 at 9.19.28 AM (3) (1).jpeg 2021-04-21 16:59 - 2021-04-21 16:59 - 000104973 _____ C:\Users\91709\Downloads\WhatsApp Image 2021-03-30 at 9.19.28 AM (1) (1).jpeg 2021-04-19 01:01 - 2021-04-12 13:11 - 001851632 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2021-04-19 01:01 - 2021-04-12 13:11 - 001851632 _____ C:\WINDOWS\system32\vulkaninfo.exe 2021-04-19 01:01 - 2021-04-12 13:11 - 001432336 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-04-19 01:01 - 2021-04-12 13:11 - 001432336 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2021-04-19 01:01 - 2021-04-12 13:11 - 001094336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2021-04-19 01:01 - 2021-04-12 13:11 - 001094336 _____ C:\WINDOWS\system32\vulkan-1.dll 2021-04-19 01:01 - 2021-04-12 13:11 - 000948416 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2021-04-19 01:01 - 2021-04-12 13:11 - 000948416 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2021-04-19 01:01 - 2021-04-12 13:11 - 000606208 _____ C:\WINDOWS\system32\ze_tracing_layer.dll 2021-04-19 01:01 - 2021-04-12 13:11 - 000421880 _____ C:\WINDOWS\system32\ze_loader.dll 2021-04-19 01:01 - 2021-04-12 13:11 - 000299024 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll 2021-04-19 01:01 - 2021-04-12 13:11 - 000246888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll 2021-04-19 01:01 - 2021-04-12 13:11 - 000163600 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll 2021-04-19 01:01 - 2021-04-12 13:11 - 000139104 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll 2021-04-19 01:01 - 2021-04-12 13:11 - 000137752 _____ C:\WINDOWS\system32\ze_validation_layer.dll 2021-04-19 01:01 - 2021-04-12 13:10 - 026663928 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll 2021-04-19 01:01 - 2021-04-12 13:10 - 013491192 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll 2021-04-19 01:01 - 2021-04-12 13:09 - 000335880 _____ C:\WINDOWS\system32\ControlLib.dll 2021-04-17 14:45 - 2021-05-01 14:11 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2021-04-17 14:39 - 2021-04-17 14:39 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\HanjaDS.dll 2021-04-17 02:40 - 2021-05-08 10:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2021-04-17 02:40 - 2021-04-17 02:40 - 000000000 ____D C:\Users\91709\AppData\Roaming\Sun 2021-04-17 02:40 - 2021-04-17 02:40 - 000000000 ____D C:\Users\91709\AppData\LocalLow\Sun 2021-04-17 02:39 - 2021-05-08 10:20 - 000000000 ____D C:\Program Files (x86)\Java 2021-04-17 02:38 - 2021-04-17 02:38 - 002079880 _____ (Oracle Corporation) C:\Users\91709\Downloads\JavaSetup8u281.exe 2021-04-17 02:35 - 2021-04-17 02:36 - 010129920 _____ C:\Users\91709\Downloads\multidoge-0.1.7-windows-setup.exe 2021-04-13 21:58 - 2021-05-01 00:47 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-04-13 21:58 - 2021-05-01 00:47 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-04-13 21:58 - 2021-05-01 00:47 - 000002210 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2021-04-13 21:58 - 2021-04-13 21:58 - 000000000 ____D C:\Program Files\Google 2021-04-13 21:57 - 2021-04-13 21:57 - 001304160 _____ (Google LLC) C:\Users\91709\Downloads\ChromeSetup.exe 2021-04-12 13:14 - 2021-04-12 13:14 - 003927759 _____ C:\Users\91709\Desktop\dinesh.ai 2021-04-10 23:57 - 2021-04-10 23:57 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000021-000000.txt 2021-04-10 21:57 - 2021-04-10 21:57 - 004568901 _____ C:\Users\91709\Desktop\telavarithe.ai 2021-04-10 09:52 - 2021-04-10 09:52 - 000001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2021-05-09 02:29 - 2021-04-06 14:09 - 000000000 ____D C:\FRST 2021-05-09 02:28 - 2019-08-10 02:55 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services 2021-05-09 02:28 - 2019-08-10 02:50 - 000000000 ____D C:\ProgramData\NVIDIA 2021-05-09 02:26 - 2019-09-18 13:29 - 000000000 __SHD C:\Users\91709\IntelGraphicsProfiles 2021-05-09 02:26 - 2019-08-10 02:49 - 000000000 ____D C:\Intel 2021-05-09 01:16 - 2019-09-18 21:57 - 000000000 ____D C:\Users\91709\Documents\Adobe 2021-05-09 01:16 - 2019-09-18 13:29 - 000000000 ____D C:\Users\91709\AppData\Roaming\Adobe 2021-05-09 01:01 - 2019-09-19 19:59 - 000000000 ____D C:\Users\91709\AppData\Local\CrashDumps 2021-05-09 00:59 - 2019-09-27 23:57 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2021-05-09 00:59 - 2019-09-27 23:57 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData 2021-05-09 00:53 - 2019-09-18 21:12 - 000000000 ____D C:\Program Files\Adobe 2021-05-08 20:44 - 2021-02-09 21:50 - 000000000 ____D C:\Users\91709\AppData\LocalLow\Temp 2021-05-08 20:39 - 2019-09-18 13:29 - 000000000 ____D C:\Users\91709\AppData\Local\Packages 2021-05-08 19:19 - 2021-04-06 14:15 - 000092583 _____ C:\Users\91709\Downloads\Addition.txt 2021-05-08 19:19 - 2021-04-06 14:10 - 000137333 _____ C:\Users\91709\Downloads\FRST.txt 2021-05-08 10:03 - 2019-09-29 19:00 - 000000000 ____D C:\Program Files (x86)\Red Giant Link 2021-05-08 07:04 - 2019-09-18 21:08 - 000000000 ____D C:\ProgramData\Adobe 2021-05-08 05:04 - 2019-09-18 13:29 - 000000000 ____D C:\Users\91709\AppData\Local\VirtualStore 2021-05-08 04:57 - 2019-08-10 02:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-05-08 02:46 - 2021-02-13 10:26 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-05-08 02:46 - 2021-02-13 10:26 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-05-08 02:46 - 2021-02-13 10:26 - 000002278 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk 2021-05-06 17:33 - 2019-08-10 03:16 - 000000000 ____D C:\ProgramData\Packages 2021-05-04 19:14 - 2019-08-10 03:07 - 000000000 ____D C:\Program Files\Microsoft Office 2021-05-04 00:58 - 2019-09-18 21:14 - 000000000 ____D C:\Program Files\Common Files\Adobe 2021-05-04 00:53 - 2021-03-27 06:50 - 000000000 ____D C:\Users\91709\AppData\Local\D3DSCache 2021-05-03 19:43 - 2021-02-24 11:08 - 000000000 ___HD C:\OneDriveTemp 2021-05-03 19:43 - 2019-09-18 13:31 - 000000000 ___RD C:\Users\91709\OneDrive 2021-05-02 18:47 - 2019-10-12 20:51 - 000000510 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2021-05-01 14:11 - 2021-02-13 15:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line 2021-05-01 14:11 - 2021-01-10 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magnet_Tree_Model_Pack_V1.0 2021-05-01 14:11 - 2020-10-12 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt™ Software 2021-05-01 14:11 - 2020-09-12 00:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio 2021-05-01 14:11 - 2020-05-30 09:56 - 000000000 ____D C:\Program Files\UNP 2021-05-01 14:11 - 2020-01-05 18:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant 2021-05-01 14:11 - 2020-01-05 17:34 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2021-05-01 14:11 - 2019-10-29 22:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2021-05-01 14:11 - 2019-09-19 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2021-05-01 14:11 - 2019-08-10 03:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2021-05-01 14:11 - 2019-08-10 02:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2021-05-01 14:11 - 2019-08-10 02:54 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles 2021-05-01 14:11 - 2019-08-10 02:45 - 000000000 ____D C:\Program Files\Intel 2021-05-01 14:11 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2021-05-01 14:11 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\system32\ta-lk 2021-05-01 14:11 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\system32\ta-in 2021-05-01 14:11 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\system32\si-lk 2021-05-01 14:11 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001 2021-05-01 14:11 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\system32\my-mm 2021-05-01 14:11 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2021-05-01 14:11 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\system32\Macromed 2021-05-01 14:11 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN 2021-05-01 14:11 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\system32\am-et 2021-05-01 14:09 - 2021-03-16 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7Launcher 2021-05-01 14:09 - 2020-08-15 01:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro 2021-05-01 14:09 - 2019-09-19 19:27 - 000000000 ____D C:\WINDOWS\Firmware 2021-05-01 14:09 - 2019-08-10 02:50 - 000000000 ____D C:\WINDOWS\system32\Intel 2021-05-01 00:49 - 2019-08-10 02:55 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-05-01 00:46 - 2020-10-16 13:27 - 000026972 _____ C:\WINDOWS\system32\emptyregdb.dat 2021-05-01 00:44 - 2020-06-03 15:34 - 000000000 ____D C:\Users\91709\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2021-05-01 00:44 - 2019-09-19 19:39 - 000000000 ____D C:\Users\91709\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2021-05-01 00:43 - 2021-02-13 15:04 - 000000000 ____D C:\Users\91709\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line 2021-05-01 00:43 - 2021-01-03 18:07 - 000000000 ____D C:\Users\91709\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2021-05-01 00:42 - 2019-08-10 02:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2021-04-25 04:49 - 2020-11-26 02:54 - 000012288 ___SH C:\DumpStack.log.tmp 2021-04-13 21:57 - 2019-09-18 19:31 - 000000000 ____D C:\Program Files (x86)\Google 2021-04-11 16:10 - 2019-09-18 13:37 - 000000000 ____D C:\Users\91709\AppData\Local\PlaceholderTileLogoFolder 2021-04-10 09:52 - 2019-08-10 02:49 - 000000000 ____D C:\ProgramData\Package Cache 2021-04-10 09:52 - 2019-08-10 02:49 - 000000000 ____D C:\Program Files (x86)\Intel 2021-04-09 09:25 - 2019-08-10 02:50 - 000000000 ____D C:\ProgramData\Goodix ==================== Files in the root of some directories ======== 2019-12-09 22:14 - 2020-02-21 22:14 - 000000028 _____ () C:\Users\91709\AppData\Roaming\kulerdata.json 2021-02-05 23:20 - 2021-03-16 14:11 - 000000015 _____ () C:\Users\91709\AppData\Roaming\obs-virtualcam.txt 2019-09-30 00:31 - 2020-10-30 01:26 - 000001456 _____ () C:\Users\91709\AppData\Local\Adobe Save for Web 13.0 Prefs 2019-09-18 21:08 - 2019-09-18 21:08 - 000000410 _____ () C:\Users\91709\AppData\Local\oobelibMkey.log 2019-10-29 22:29 - 2020-03-11 03:21 - 000000128 _____ () C:\Users\91709\AppData\Local\PUTTY.RND 2021-01-11 19:30 - 2021-01-11 19:30 - 000000000 _____ () C:\Users\91709\AppData\Local\{B00A94DF-388B-457E-9E0B-806793A44751} ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================