Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-07-2021 Ran by hotoo (administrator) on HELZCOMPUTER (LENOVO 3369A62) (03-07-2021 15:00:19) Running from C:\Users\hotoo\Desktop Loaded Profiles: hotoo Platform: Windows 10 Home Version 21H1 19043.1081 (X64) Language: English (United States) Default browser: FF Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Charles Milette) C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_9.0.0.0_x86__v826wp6bftszj\TranslucentTB\TranslucentTB.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9> ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0D823B85-E584-4C2F-90CB-4B33DEEEE489} - System32\Tasks\PostponeDeviceSetupToast_S-1-5-21-289658593-2826232128-3048907409-1001_0 => {5ded83ef-1e99-48cf-bf83-676d2a6db408} C:\Windows\System32\oobe\UserOOBE.dll [421376 2021-07-03] (Microsoft Windows -> Microsoft Corporation) Task: {342EE708-622D-4142-8985-BDA02E452AC8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-07-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6D7960B6-923C-4895-89C5-68067841979F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-07-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {83495084-EB43-44C6-AF0D-91FDEDFC676E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-23] (Mozilla Corporation -> Mozilla Foundation) Task: {83F8926E-75A8-4EEA-B156-06D852F5CA04} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-07-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {918C16C6-D394-4305-915D-0FF2886E4D65} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-07-03] (Microsoft Windows Publisher -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{9d9da3ca-fcce-4754-99e0-bcff502e81e6}: [DhcpNameServer] 10.0.0.138 Edge: ======= Edge Profile: C:\Users\hotoo\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-03] FireFox: ======== FF DefaultProfile: at99ql4x.default FF ProfilePath: C:\Users\hotoo\AppData\Roaming\Mozilla\Firefox\Profiles\at99ql4x.default [2021-07-02] FF ProfilePath: C:\Users\hotoo\AppData\Roaming\Mozilla\Firefox\Profiles\evtn2hlr.default-release [2021-07-03] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746688 2021-04-28] (Oracle Corporation -> Oracle Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-07-03] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-07-03] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 1121B268; C:\WINDOWS\System32\drivers\1121B268.sys [255928 2021-07-03] (Malwarebytes Corporation -> Malwarebytes) R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239616 2021-04-28] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249536 2021-04-28] (Oracle Corporation -> Oracle Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-07-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-07-03] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-07-03] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2021-07-03 15:32 - 2021-07-03 14:12 - 072089600 _____ C:\WINDOWS\system32\config\SOFTWARE 2021-07-03 15:09 - 2021-07-03 15:32 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2021-07-03 15:04 - 2021-07-03 15:04 - 002093656 _____ (Malwarebytes) C:\Users\hotoo\Downloads\MBSetup.exe 2021-07-03 14:57 - 2021-07-03 15:02 - 000000000 ____D C:\FRST 2021-07-03 14:55 - 2021-07-03 14:55 - 000004036 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-289658593-2826232128-3048907409-1001_0 2021-07-03 14:22 - 2021-07-03 14:22 - 000000000 ___HD C:\OneDriveTemp 2021-07-03 14:01 - 2021-07-03 14:47 - 000000000 __SHD C:\Users\hotoo\IntelGraphicsProfiles 2021-07-03 14:01 - 2021-07-03 14:40 - 000000000 ____D C:\Users\hotoo\AppData\Local\Packages 2021-07-03 14:01 - 2021-07-03 14:40 - 000000000 ____D C:\ProgramData\Packages 2021-07-03 14:01 - 2021-07-03 14:01 - 000000000 ___RD C:\Users\hotoo\3D Objects 2021-07-03 14:01 - 2021-07-03 14:01 - 000000000 ____D C:\Users\hotoo\AppData\Roaming\Adobe 2021-07-03 14:01 - 2021-07-03 14:01 - 000000000 ____D C:\Users\hotoo\AppData\Local\VirtualStore 2021-07-03 14:01 - 2021-07-03 14:01 - 000000000 ____D C:\Users\hotoo\AppData\Local\Publishers 2021-07-03 14:01 - 2021-07-02 21:04 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-07-03 14:00 - 2021-07-03 14:00 - 000000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-07-03 14:00 - 2021-07-02 21:35 - 000000000 ____D C:\Users\hotoo\AppData\Local\ConnectedDevicesPlatform 2021-07-03 13:57 - 2021-07-03 14:26 - 000000000 ____D C:\Users\hotoo 2021-07-03 13:57 - 2021-07-03 13:57 - 000000020 ___SH C:\Users\hotoo\ntuser.ini 2021-07-03 13:27 - 2021-07-03 13:27 - 000000000 ____H C:\Users\hotoo\Documents\Default.rdp 2021-07-03 13:25 - 2021-07-03 13:26 - 005198336 _____ (AVAST Software) C:\Users\hotoo\Desktop\aswMBR.exe 2021-07-03 13:14 - 2021-07-03 13:14 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-07-03 13:13 - 2021-07-03 13:13 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\1121B268.sys 2021-07-03 13:12 - 2021-07-03 13:53 - 000000000 ____D C:\Users\hotoo\Desktop\mbar 2021-07-03 13:12 - 2021-07-03 13:53 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2021-07-03 13:12 - 2021-07-03 13:12 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2021-07-03 13:10 - 2021-07-03 13:11 - 014178840 _____ (Malwarebytes Corp.) C:\Users\hotoo\Desktop\mbar-1.10.3.1001.exe 2021-07-03 12:41 - 2021-07-03 12:41 - 000114176 _____ (bartblaze) C:\Users\hotoo\Desktop\Rem-VBSworm.exe 2021-07-03 12:37 - 2021-07-03 14:51 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-07-03 12:34 - 2021-07-03 12:34 - 000000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2021-07-03 12:34 - 2021-07-03 12:34 - 000000000 ____D C:\Program Files\McAfee 2021-07-03 12:32 - 2021-07-03 12:32 - 000000000 _SHDL C:\Users\Default User 2021-07-03 12:32 - 2021-07-03 12:32 - 000000000 _SHDL C:\Users\All Users 2021-07-03 12:32 - 2021-07-03 12:32 - 000000000 _SHDL C:\Documents and Settings 2021-07-03 12:26 - 2021-07-03 12:48 - 000000000 ____D C:\Program Files (x86)\stinger 2021-07-03 12:25 - 2021-07-02 22:21 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-07-03 12:25 - 2021-07-02 22:21 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-07-03 12:25 - 2021-07-02 22:21 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk 2021-07-03 12:24 - 2021-07-03 12:24 - 000000000 ____D C:\Program Files\Intel 2021-07-03 12:24 - 2021-07-03 12:24 - 000000000 ____D C:\Intel 2021-07-03 12:24 - 2015-07-30 22:45 - 000072688 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2021-07-03 12:24 - 2015-07-30 22:45 - 000069104 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2021-07-03 12:21 - 2021-07-03 14:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-07-03 12:21 - 2021-07-03 11:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-07-03 12:20 - 2021-07-03 14:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-07-03 12:20 - 2021-07-03 12:20 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2021-07-03 12:20 - 2021-07-03 04:36 - 000258688 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-07-03 12:20 - 2021-07-02 21:43 - 000008192 ___SH C:\DumpStack.log.tmp 2021-07-03 06:17 - 2021-07-03 06:30 - 000020894 _____ C:\Users\hotoo\Desktop\Addition.txt 2021-07-03 06:07 - 2021-07-03 15:03 - 000006256 _____ C:\Users\hotoo\Desktop\FRST.txt 2021-07-03 06:05 - 2021-07-03 06:24 - 000000000 ____D C:\Users\hotoo\Desktop\FRST 2021-07-03 06:03 - 2021-07-03 06:03 - 000001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk 2021-07-03 06:03 - 2021-07-03 06:03 - 000001149 _____ C:\ProgramData\Desktop\Oracle VM VirtualBox.lnk 2021-07-03 06:03 - 2021-07-03 06:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2021-07-03 06:03 - 2021-07-03 06:03 - 000000000 ____D C:\Program Files\Oracle 2021-07-03 06:03 - 2021-04-28 14:27 - 000187648 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys 2021-07-03 06:03 - 2021-04-28 14:26 - 001038080 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys 2021-07-03 06:01 - 2021-07-03 06:02 - 002300416 _____ (Farbar) C:\Users\hotoo\Desktop\FRST64.exe 2021-07-03 05:52 - 2021-07-03 06:00 - 261515264 _____ C:\Users\hotoo\Downloads\kali-linux-2021.2-installer-amd64.iso 2021-07-03 05:50 - 2021-07-03 05:50 - 108114104 _____ (Oracle Corporation) C:\Users\hotoo\Downloads\VirtualBox-6.1.22-144080-Win.exe 2021-07-03 04:38 - 2021-07-03 04:38 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-07-03 04:38 - 2021-07-03 04:38 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-07-03 04:10 - 2021-07-03 04:10 - 000000000 ____D C:\Users\hotoo\AppData\Local\Sysinternals 2021-07-03 04:08 - 2021-07-03 04:08 - 001029520 _____ (Sysinternals - www.sysinternals.com) C:\Users\hotoo\Downloads\Tcpview.exe 2021-07-03 04:07 - 2021-07-03 04:07 - 001801526 _____ C:\Users\hotoo\Downloads\TCPView.zip 2021-07-03 03:27 - 2021-07-03 03:27 - 000000000 ____D C:\Users\hotoo\AppData\Local\ElevatedDiagnostics 2021-07-03 01:27 - 2021-07-03 01:27 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll 2021-07-03 01:25 - 2021-07-03 01:25 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2021-07-03 01:24 - 2021-07-03 01:24 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-07-03 01:24 - 2021-07-03 01:24 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2021-07-03 01:24 - 2021-07-03 01:24 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2021-07-03 01:23 - 2021-07-03 01:23 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-07-03 01:23 - 2021-07-03 01:23 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll 2021-07-03 01:23 - 2021-07-03 01:23 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2021-07-03 01:23 - 2021-07-03 01:23 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2021-07-03 01:22 - 2021-07-03 01:22 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-07-03 01:22 - 2021-07-03 01:22 - 000011333 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-07-03 01:20 - 2021-07-03 01:20 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll 2021-07-03 01:20 - 2021-07-03 01:20 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2021-07-03 01:19 - 2021-07-03 01:19 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-07-03 01:19 - 2021-07-03 01:19 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-07-03 01:19 - 2021-07-03 01:19 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-07-03 01:16 - 2021-07-03 01:16 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-07-03 01:16 - 2021-07-03 01:16 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-07-03 01:16 - 2021-07-03 01:16 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-07-03 01:15 - 2021-07-03 01:15 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-07-03 01:14 - 2021-07-03 01:14 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-07-03 01:14 - 2021-07-03 01:14 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll 2021-07-03 01:14 - 2021-07-03 01:14 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2021-07-03 01:13 - 2021-07-03 01:13 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-07-03 01:13 - 2021-07-03 01:13 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-07-03 01:12 - 2021-07-03 01:12 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-07-03 01:12 - 2021-07-03 01:12 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2021-07-03 01:12 - 2021-07-03 01:12 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2021-07-03 00:17 - 2021-07-03 00:17 - 000000000 ____D C:\Users\hotoo\Documents\Security 2021-07-02 23:46 - 2021-07-02 23:46 - 000000164 _____ C:\Users\hotoo\Documents\share.txt 2021-07-02 23:36 - 2021-07-02 23:36 - 000000000 ____D C:\Users\hotoo\Documents\VlcpVideoV1.0.1 2021-07-02 23:32 - 2021-07-02 23:32 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-07-02 23:22 - 2021-07-02 23:22 - 000000000 ____D C:\Users\hotoo\AppData\Local\Comms 2021-07-02 22:50 - 2021-07-03 14:49 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive 2021-07-02 22:50 - 2021-07-02 22:50 - 000000000 ___RD C:\Users\Default\OneDrive 2021-07-02 22:30 - 2021-07-02 22:30 - 000000000 ____D C:\Users\hotoo\AppData\Local\OneDrive 2021-07-02 22:00 - 2021-07-02 22:03 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-07-02 21:55 - 2021-07-03 14:57 - 000000000 ____D C:\Users\hotoo\AppData\LocalLow\Mozilla 2021-07-02 21:55 - 2021-07-02 21:55 - 000000000 ____D C:\Users\hotoo\AppData\Roaming\Mozilla 2021-07-02 21:55 - 2021-07-02 21:55 - 000000000 ____D C:\Users\hotoo\AppData\Local\Mozilla 2021-07-02 21:52 - 2021-07-03 14:50 - 000000000 ___RD C:\Users\hotoo\OneDrive 2021-07-02 21:51 - 2021-07-03 14:39 - 000000000 ____D C:\Users\hotoo\AppData\Local\PlaceholderTileLogoFolder 2021-07-02 21:51 - 2021-07-02 21:51 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-07-02 21:51 - 2021-07-02 21:51 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk 2021-07-02 21:51 - 2021-07-02 21:51 - 000000993 _____ C:\ProgramData\Desktop\Firefox.lnk 2021-07-02 21:51 - 2021-07-02 21:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-07-02 21:50 - 2021-07-03 14:59 - 000000000 ____D C:\ProgramData\Mozilla 2021-07-02 21:50 - 2021-07-02 21:51 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-07-02 21:50 - 2021-07-02 21:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-07-02 21:49 - 2021-07-02 21:50 - 055526992 _____ (Mozilla) C:\Users\hotoo\Downloads\mozilla-firefox-89-0-2.exe 2021-07-02 21:39 - 2021-07-02 21:39 - 000000000 ___HD C:\$WinREAgent 2021-07-02 21:07 - 2021-07-02 21:07 - 000000000 ____D C:\Users\hotoo\Documents\FeedbackHub 2021-07-02 21:06 - 2021-07-02 21:06 - 000000000 ____D C:\Users\Public\Documents\MDMDiagnostics 2021-07-02 21:06 - 2021-07-02 21:06 - 000000000 ____D C:\ProgramData\Documents\MDMDiagnostics 2021-07-02 21:04 - 2021-07-02 21:04 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2021-06-22 00:38 - 2021-07-03 12:34 - 000000000 ____D C:\WINDOWS\Panther 2021-06-22 00:36 - 2021-06-22 00:36 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2021-06-22 00:35 - 2021-07-03 12:35 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2021-06-22 00:35 - 2021-07-03 04:20 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2021-06-22 00:35 - 2021-06-22 00:35 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync 2021-06-22 00:35 - 2021-06-22 00:35 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp 2021-06-22 00:35 - 2021-06-22 00:35 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync 2021-06-22 00:35 - 2021-06-22 00:35 - 000000000 ____D C:\WINDOWS\Setup 2021-06-22 00:35 - 2021-06-22 00:35 - 000000000 ____D C:\WINDOWS\OCR 2021-06-22 00:35 - 2021-06-22 00:35 - 000000000 ____D C:\WINDOWS\addins 2021-06-22 00:35 - 2021-06-22 00:35 - 000000000 ____D C:\ProgramData\ssh 2021-06-22 00:34 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2021-06-22 00:34 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2021-06-22 00:34 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep 2021-06-22 00:34 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2021-06-22 00:34 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2021-06-22 00:34 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\SysWOW64\0409 2021-06-22 00:34 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\system32\winrm 2021-06-22 00:34 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\system32\WCN 2021-06-22 00:34 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\system32\slmgr 2021-06-22 00:34 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2021-06-22 00:34 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\system32\0409 2021-06-22 00:34 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\DigitalLocker 2021-06-22 00:28 - 2021-07-03 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-06-22 00:28 - 2021-07-03 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-06-22 00:28 - 2021-07-03 14:39 - 000000000 ___HD C:\Program Files\WindowsApps 2021-06-22 00:28 - 2021-07-03 13:53 - 000000000 ____D C:\ProgramData\USOPrivate 2021-06-22 00:28 - 2021-07-03 13:05 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile 2021-06-22 00:28 - 2021-07-03 12:35 - 000000000 ____D C:\WINDOWS\system32\spool 2021-06-22 00:28 - 2021-07-03 12:26 - 000000000 ___RD C:\Program Files (x86) 2021-06-22 00:28 - 2021-07-03 12:23 - 000000000 ____D C:\WINDOWS\appcompat 2021-06-22 00:28 - 2021-07-03 11:59 - 000000000 ____D C:\Program Files\Windows Defender 2021-06-22 00:28 - 2021-07-03 05:27 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-06-22 00:28 - 2021-07-03 05:26 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2021-06-22 00:28 - 2021-07-03 04:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2021-06-22 00:28 - 2021-07-03 04:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-06-22 00:28 - 2021-07-03 04:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-06-22 00:28 - 2021-07-03 04:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-06-22 00:28 - 2021-07-03 04:22 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-06-22 00:28 - 2021-07-03 04:21 - 000000000 ____D C:\WINDOWS\SystemResources 2021-06-22 00:28 - 2021-07-03 04:21 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2021-06-22 00:28 - 2021-07-03 04:21 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-06-22 00:28 - 2021-07-03 04:20 - 000000000 ____D C:\WINDOWS\system32\setup 2021-06-22 00:28 - 2021-07-03 04:20 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-06-22 00:28 - 2021-07-03 04:20 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-06-22 00:28 - 2021-07-03 04:20 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-06-22 00:28 - 2021-07-03 04:17 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-06-22 00:28 - 2021-07-03 04:17 - 000000000 ____D C:\WINDOWS\Provisioning 2021-06-22 00:28 - 2021-07-03 04:17 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-06-22 00:28 - 2021-07-03 04:17 - 000000000 ____D C:\WINDOWS\DiagTrack 2021-06-22 00:28 - 2021-07-03 04:17 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-06-22 00:28 - 2021-07-02 22:20 - 000000000 ____D C:\WINDOWS\ServiceState 2021-06-22 00:28 - 2021-06-22 00:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2021-06-22 00:28 - 2021-06-22 00:35 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ___SD C:\WINDOWS\system32\F12 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ___SD C:\WINDOWS\system32\dsc 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\system32\MUI 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\system32\Com 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\IME 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ____D C:\WINDOWS\Help 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ____D C:\Program Files\Windows NT 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ____D C:\Program Files\Common Files\System 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ____D C:\Program Files (x86)\Windows NT 2021-06-22 00:28 - 2021-06-22 00:34 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2021-06-22 00:28 - 2021-06-22 00:29 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui 2021-06-22 00:28 - 2021-06-22 00:29 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2021-06-22 00:28 - 2021-06-22 00:29 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2021-06-22 00:28 - 2021-06-22 00:29 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords 2021-06-22 00:28 - 2021-06-22 00:29 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml 2021-06-22 00:28 - 2021-06-22 00:29 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel 2021-06-22 00:28 - 2021-06-22 00:29 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops 2021-06-22 00:28 - 2021-06-22 00:29 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 __SHD C:\Program Files\Windows Sidebar 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 __RSD C:\WINDOWS\Media 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 __RHD C:\Users\Public\Libraries 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ___SD C:\WINDOWS\system32\Nui 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ___SD C:\WINDOWS\system32\Configuration 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ___RD C:\WINDOWS\Offline Web Pages 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\Web 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\WaaS 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\Vss 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\tracing 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\TAPI 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\SysWOW64\ras 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\SysWOW64\IME 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\SystemApps 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\winevt 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\ti-et 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\ta-lk 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\ta-in 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\si-lk 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\ras 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\ProximityToast 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\PointOfService 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\my-mm 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\Keywords 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\Ipmi 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\InputMethod 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\IME 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\icsxml 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\ias 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\Hydrogen 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\DriverState 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\downlevel 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\DDFs 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\config\TxR 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\config\RegBack 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\config\Journal 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\Bthprops 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\appraiser 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\AppLocker 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\am-et 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\System 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\SKB 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\security 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\schemas 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\SchCache 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\Resources 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\rescache 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\Registration 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\PLA 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\Performance 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\ModemLogs 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\L2Schemas 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\InputMethod 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\IdentityCRL 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\Globalization 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\ELAMBKUP 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\Cursors 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\Containers 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\Branding 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\ProgramData\USOShared 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\Program Files\Windows Security 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\Program Files\Windows Portable Devices 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\Program Files\Windows Multimedia Platform 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\Program Files\ModifiableWindowsApps 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\Program Files\Common Files\Services 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices 2021-06-22 00:28 - 2021-06-22 00:28 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2021-06-22 00:28 - 2021-06-22 00:24 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat 2021-06-22 00:28 - 2021-06-22 00:24 - 000215943 _____ C:\WINDOWS\system32\dssec.dat 2021-06-22 00:28 - 2021-06-22 00:24 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2021-06-22 00:28 - 2021-06-22 00:24 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services 2021-06-22 00:28 - 2021-06-22 00:24 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam 2021-06-22 00:28 - 2021-06-22 00:24 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config 2021-06-22 00:28 - 2021-06-22 00:24 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config 2021-06-22 00:28 - 2021-06-22 00:24 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol 2021-06-22 00:28 - 2021-06-22 00:24 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json 2021-06-22 00:28 - 2021-06-22 00:24 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT 2021-06-22 00:28 - 2021-06-22 00:24 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT 2021-06-22 00:28 - 2021-06-22 00:24 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks 2021-06-22 00:28 - 2021-06-22 00:24 - 000000219 _____ C:\WINDOWS\system.ini 2021-06-22 00:28 - 2021-06-22 00:24 - 000000092 _____ C:\WINDOWS\win.ini 2021-06-22 00:26 - 2021-07-03 14:51 - 000000000 ____D C:\WINDOWS\INF 2021-06-22 00:18 - 2021-07-03 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-06-22 00:15 - 2021-07-03 14:12 - 012058624 _____ C:\WINDOWS\system32\config\SYSTEM 2021-06-22 00:15 - 2021-07-03 14:12 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT 2021-06-22 00:15 - 2021-07-03 14:12 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-06-22 00:15 - 2021-07-03 14:12 - 000131072 _____ C:\WINDOWS\system32\config\SAM 2021-06-22 00:15 - 2021-07-03 14:12 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY 2021-06-22 00:15 - 2021-07-03 12:22 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-06-22 00:15 - 2021-07-03 01:48 - 000000000 ____D C:\WINDOWS\servicing 2021-06-22 00:15 - 2021-06-22 00:28 - 000000000 ____D C:\WINDOWS\system32\SMI 2021-06-22 00:13 - 2021-06-22 00:39 - 000000000 ___HD C:\$SysReset ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================