Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Fake Alerts in Browser, Windows Security and Macafee [Solved]

Started by [email protected] , May 28 2019 08:35 PM

  • This topic is locked This topic is locked

#1
[email protected]
Posted 28 May 2019 - 08:35 PM

[email protected]

    Member

  • Member
  • PipPip
  • 19 posts

Please help.  I keep getting Macafee subscription message expired alerts.  I also get Windows security messages that I know are fake.  Something must be on my computer.  Would greatly appreciate any assistance.  Thanks in advance for your time.

 

Regards,

 

Greg M.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-05.2019
Ran by metzn (administrator) on DESKTOP-N9EK5G0 (HP HP Pavilion Desktop 590-p0xxx) (28-05-2019 22:25:23)
Running from C:\Users\metzn\Downloads
Loaded Profiles: metzn (Available Profiles: metzn)
Platform: Windows 10 Home (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.1000_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19051.545.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0330616.inf_amd64_42de07d7f2ccb5d8\B330055\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.104.41048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6f4bcdb10506c8d\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6f4bcdb10506c8d\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6f4bcdb10506c8d\x64\SysInfoCap.exe
(HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.35.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\metzn\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.1000_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.1000_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11904.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtAudioServ.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\PMA_A\PMAService.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIKEE.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIKEE.EXE
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [BtServer] => "C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-17] (Realtek Semiconductor Corp. -> Realtek)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [665568 2018-12-26] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [870368 2018-12-26] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Winlogon: [Userinit] 
HKU\S-1-5-21-3924723779-1150026729-1743089468-1001\...\Run: [EPLTarget\P0000000000000000] => C:\windows\system32\spool\DRIVERS\x64\3\E_YATIKEE.EXE [298560 2013-09-11] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3924723779-1150026729-1743089468-1001\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_YATIKEE.EXE [298560 2013-09-11] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-21] (Google LLC -> Google Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {03B49FB4-B007-44D7-B288-EF4F5D397309} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644984 2018-07-18] (HP Inc. -> HP Inc.)
Task: {1061D4CD-49DA-46D4-AA1B-8A003223CFD9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149440 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {1FA80E56-619B-4ACC-9AD5-78102C320EB5} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279544 2018-09-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {2E2AB22E-6BE4-4C09-A9AE-3395911FCD5C} - System32\Tasks\EPSON WF-3620 Series Update {4E2A8031-5C38-45AB-AB82-3565B005B4AB} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [679488 2013-02-27] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {3E802BC4-382D-4734-A9D9-7CF1D8EAABC0} - System32\Tasks\EPSON WF-3620 Series Invitation {E8B8A0FE-2C3B-4C22-BC91-A911A13174E5} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [679488 2013-02-27] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {54E7BB4C-328E-4FA5-8AD7-0ED104BC9AB2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {635F74BD-D4E0-4B7A-A8AE-1B8202B2708B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {65EA091C-F7A1-41D1-BA1D-6FBF78B2E776} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2194552 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {66F35302-CD19-4015-A4CD-204B28C96D97} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149440 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {67F802E5-7805-43AA-A915-235B24933BDD} - System32\Tasks\EPSON WF-3620 Series Invitation {4E2A8031-5C38-45AB-AB82-3565B005B4AB} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [679488 2013-02-27] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {7631095B-81BD-489B-99FB-F90652AD808B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26197064 2019-05-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C4096DD-2AF7-4530-B140-7653135E1FFC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-05-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {828CD93C-EC34-48EC-848E-A4E9F99E0CAF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26197064 2019-05-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {87707B01-3BBB-4034-8F5F-09A233C4BAE0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-05] (Google Inc -> Google LLC)
Task: {8970602D-2C2A-4294-ADB4-9AFCD4A601F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-05-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B91EDF0-61F2-4EAE-A573-F5EC27E61F2E} - System32\Tasks\HPCeeScheduleFormetzn => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-11] (HP Inc. -> HP Inc.)
Task: {9A9E93FE-75BB-4414-862A-EEE6AC4E59BC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16509040 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9AAC149B-BA26-416C-A05B-C2066E7FE10D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1061240 2019-05-10] (HP Inc. -> HP Inc.)
Task: {9FB99F8C-87B3-49F0-A242-82A321B41FFB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-05] (Google Inc -> Google LLC)
Task: {A3FCAF70-DC8E-4438-8059-E7EE8FF075C9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1061240 2019-05-10] (HP Inc. -> HP Inc.)
Task: {A8F735A7-BB11-40E3-A837-C00F6D3EF084} - System32\Tasks\EPSON WF-3620 Series Update {E8B8A0FE-2C3B-4C22-BC91-A911A13174E5} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [679488 2013-02-27] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {B3234870-7EE0-40A2-A1CE-EAF7A898A014} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-05-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {BC2453F3-E7E1-45DA-BE14-69547D73ADF4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C299CC08-540C-4564-AEF3-19878332C0A1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2194552 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {DAFE52CA-F764-42DD-AEE0-2223EDF419FE} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2018-06-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {F969FE9C-9F4A-4684-9296-78879BE73ED6} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [462696 2018-06-01] (HP Inc. -> HP Inc.)
Task: {FC68E137-CB84-4E4C-A4F0-D19985CA2704} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-05-06] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\EPSON WF-3620 Series Invitation {4E2A8031-5C38-45AB-AB82-3565B005B4AB}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE
Task: C:\windows\Tasks\EPSON WF-3620 Series Invitation {E8B8A0FE-2C3B-4C22-BC91-A911A13174E5}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE
Task: C:\windows\Tasks\EPSON WF-3620 Series Update {4E2A8031-5C38-45AB-AB82-3565B005B4AB}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE:/EXE:{4E2A8031-5C38-45AB-AB82-3565B005B4AB} /F:UpdateWORKGROUP\DESKTOP-N9EK5G0$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\windows\Tasks\EPSON WF-3620 Series Update {E8B8A0FE-2C3B-4C22-BC91-A911A13174E5}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE:/EXE:{E8B8A0FE-2C3B-4C22-BC91-A911A13174E5} /F:UpdateWORKGROUP\DESKTOP-N9EK5G0$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\windows\Tasks\HPCeeScheduleFormetzn.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{895f1893-6b86-4e9f-9ef1-c6858d4cc759}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3924723779-1150026729-1743089468-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3924723779-1150026729-1743089468-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {961CB3BF-E112-47B9-B3CC-DCD6D9029063} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {961CB3BF-E112-47B9-B3CC-DCD6D9029063} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3924723779-1150026729-1743089468-1001 -> {961CB3BF-E112-47B9-B3CC-DCD6D9029063} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-05-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: 51ko8r03.default-1558975850818
FF ProfilePath: C:\Users\metzn\AppData\Roaming\Mozilla\Firefox\Profiles\51ko8r03.default-1558975850818 [2019-05-28]
FF Homepage: Mozilla\Firefox\Profiles\51ko8r03.default-1558975850818 -> hxxps://www.usatoday.com/
FF Extension: (ETP Search Volume Study) - C:\Users\metzn\AppData\Roaming\Mozilla\Firefox\Profiles\51ko8r03.default-1558975850818\Extensions\[email protected] [2019-05-27]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-05-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.usatoday.com/
CHR Profile: C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default [2019-05-28]
CHR Extension: (Slides) - C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-05]
CHR Extension: (Docs) - C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-05]
CHR Extension: (Google Drive) - C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-05]
CHR Extension: (YouTube) - C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-05]
CHR Extension: (Sheets) - C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-05]
CHR Extension: (Google Docs Offline) - C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-05-05]
CHR Extension: (Gmail) - C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-05]
CHR Extension: (Chrome Media Router) - C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-22]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD External Events Utility; C:\windows\System32\DriverStore\FileRepository\c0330616.inf_amd64_42de07d7f2ccb5d8\B330055\atiesrxx.exe [491280 2018-07-03] (Advanced Micro Devices, Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11147336 2019-05-15] (Microsoft Corporation -> Microsoft Corporation)
R2 Epson PMAService A; C:\Program Files (x86)\Epson Software\PMA_A\PMAService.exe [113144 2017-03-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [678328 2018-06-11] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [139504 2019-05-27] (SurfRight B.V. -> SurfRight B.V.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6f4bcdb10506c8d\x64\AppHelperCap.exe [392696 2018-09-18] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [478056 2018-06-01] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6f4bcdb10506c8d\x64\NetworkCap.exe [392496 2018-09-18] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6f4bcdb10506c8d\x64\SysInfoCap.exe [394032 2018-09-18] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 RtkBtAudioServ; C:\windows\RtkBtAudioServ.exe [233368 2018-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 RtkBtManServ; C:\windows\RtkBtManServ.exe [704448 2018-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-05-06] (Microsoft Corporation -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1548080 2019-05-23] (WildTangent Inc -> )
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-05-06] (Microsoft Corporation -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 amdacpbus; C:\windows\System32\drivers\amdacpbus.sys [956904 2018-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 AmdGpio; C:\windows\System32\drivers\AmdGpio.sys [18968 2018-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, INC.)
R3 amdgpio2; C:\windows\System32\drivers\amdgpio2.sys [35176 2018-09-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\windows\System32\drivers\amdgpio3.sys [33120 2018-09-21] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 AMDHDAudBusService; C:\windows\System32\drivers\amdhdaudbus.sys [77824 2018-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 amdi2c; C:\windows\System32\drivers\amdi2c.sys [52648 2018-09-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdkmdag; C:\windows\System32\DriverStore\FileRepository\c0330616.inf_amd64_42de07d7f2ccb5d8\B330055\atikmdag.sys [40703728 2018-07-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\windows\System32\DriverStore\FileRepository\c0330616.inf_amd64_42de07d7f2ccb5d8\B330055\atikmpag.sys [555248 2018-07-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AMDPCIDev; C:\windows\System32\drivers\AMDPCIDev.sys [31600 2018-09-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\windows\System32\drivers\amdpsp.sys [139016 2018-09-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R1 amdsfhkmdf; C:\windows\System32\drivers\amdsfhkmdf.sys [39760 2018-09-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 amduart; C:\windows\System32\drivers\amduart.sys [91248 2018-09-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
S3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWT6.sys [107496 2018-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [23960 2018-07-06] (HP Inc. -> HP Inc.)
S0 MbamElam; C:\windows\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [275232 2019-05-27] (Malwarebytes Corporation -> Malwarebytes)
S3 rccfg; C:\windows\System32\drivers\rccfg.sys [39288 2018-09-21] (SEAGATE TECHNOLOGY LLC -> AMD, Inc.)
S0 rcraid; C:\windows\System32\drivers\rcraid.sys [559992 2018-09-21] (SEAGATE TECHNOLOGY LLC -> AMD, Inc.)
R3 rt640x64; C:\windows\System32\drivers\rt640x64.sys [1138000 2018-09-25] (Realtek Semiconductor Corp. -> Realtek )
S3 RtkAvrcp; C:\windows\System32\drivers\RtkAvrcp.sys [79784 2018-05-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RtkBtFilter; C:\windows\System32\drivers\RtkBtfilter.sys [758216 2018-07-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 RTSUER; C:\windows\system32\Drivers\RtsUer.sys [424384 2018-08-06] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 RTWlanE; C:\windows\System32\drivers\rtwlane.sys [9626032 2018-10-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R3 usbfilter; C:\windows\System32\drivers\usbfilter.sys [65072 2018-09-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
S0 WdBoot; C:\windows\System32\drivers\wd\WdBoot.sys [46472 2019-05-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\wd\WdFilter.sys [344544 2019-05-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [60896 2019-05-06] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-05-28 22:25 - 2019-05-28 22:26 - 000032121 _____ C:\Users\metzn\Downloads\FRST.txt
2019-05-28 22:24 - 2019-05-28 22:25 - 000000000 ____D C:\FRST
2019-05-28 22:23 - 2019-05-28 22:23 - 002435584 _____ (Farbar) C:\Users\metzn\Downloads\FRST64.exe
2019-05-28 16:01 - 2019-05-28 16:02 - 000012122 _____ C:\Users\metzn\Downloads\ADT Makes Money.zip
2019-05-27 13:19 - 2019-05-27 13:19 - 000000000 ___HD C:\OneDriveTemp
2019-05-27 12:43 - 2019-05-27 12:43 - 000001973 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2019-05-27 12:43 - 2019-05-27 12:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2019-05-27 12:43 - 2019-05-27 12:43 - 000000000 ____D C:\Program Files\HitmanPro
2019-05-27 12:42 - 2019-05-27 12:46 - 000000000 ____D C:\ProgramData\HitmanPro
2019-05-27 12:41 - 2019-05-27 12:42 - 011535320 _____ (SurfRight B.V.) C:\Users\metzn\Downloads\HitmanPro_x64.exe
2019-05-27 12:10 - 2019-05-27 12:10 - 000211888 _____ C:\Users\metzn\Downloads\Welcome Letter b111.pdf
2019-05-25 19:01 - 2019-05-25 19:01 - 000003160 _____ C:\windows\System32\Tasks\StartCN
2019-05-25 19:01 - 2019-05-25 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2019-05-25 19:01 - 2019-05-25 19:01 - 000000000 ____D C:\Program Files (x86)\AMD
2019-05-25 18:57 - 2019-05-25 18:57 - 000002063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Control.lnk
2019-05-25 18:57 - 2019-05-25 18:57 - 000000000 ____D C:\Users\metzn\AppData\Local\RadeonInstaller
2019-05-25 18:57 - 2019-05-25 18:57 - 000000000 ____D C:\ProgramData\SoundResearch
2019-05-24 17:27 - 2019-05-25 17:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-05-21 08:51 - 2019-05-21 08:51 - 000058883 _____ C:\Users\metzn\Downloads\Receipt_235522.pdf
2019-05-19 13:07 - 2019-05-27 13:17 - 000275232 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2019-05-18 11:32 - 2019-05-18 11:32 - 026807808 _____ (Microsoft Corporation) C:\windows\system32\edgehtml.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 023438848 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 020814848 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgehtml.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 019022336 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 007879680 _____ (Microsoft Corporation) C:\windows\system32\Chakra.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 006072320 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakra.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 004883968 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 004660736 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 003905536 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 003743744 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 001311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 001309696 _____ (Microsoft Corporation) C:\windows\system32\webplatstorageserver.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 001290752 _____ (Microsoft Corporation) C:\windows\system32\werconcpl.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 001062400 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000912384 _____ (Microsoft Corporation) C:\windows\system32\EdgeManager.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000840192 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\webplatstorageserver.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000703488 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000684032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000663040 _____ (Microsoft Corporation) C:\windows\SysWOW64\EdgeManager.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000525824 _____ (Microsoft Corporation) C:\windows\system32\nltest.exe
2019-05-18 11:32 - 2019-05-18 11:32 - 000495104 _____ (Microsoft Corporation) C:\windows\system32\werui.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000427520 _____ (Microsoft Corporation) C:\windows\SysWOW64\werui.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000376320 _____ (Microsoft Corporation) C:\windows\SysWOW64\mspbde40.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000353280 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msexcl40.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000240640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msltus40.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000217088 _____ (Microsoft Corporation) C:\windows\system32\DWWIN.EXE
2019-05-18 11:32 - 2019-05-18 11:32 - 000181248 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWWIN.EXE
2019-05-18 11:32 - 2019-05-18 11:32 - 000155136 _____ (Microsoft Corporation) C:\windows\system32\Chakradiag.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000128000 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000122368 _____ (Microsoft Corporation) C:\windows\system32\wercplsupport.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 009682744 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 007883776 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 007687576 _____ (Microsoft Corporation) C:\windows\system32\windows.storage.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 007645384 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Protection.PlayReady.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 006542464 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 006440960 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 006309040 _____ (Microsoft Corporation) C:\windows\SysWOW64\windows.storage.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 005498880 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 005040640 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 004588544 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 003637248 _____ (Microsoft Corporation) C:\windows\system32\win32kfull.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 003557888 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 003384832 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 003363856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 002780000 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 002708480 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32kfull.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 002422272 _____ (Microsoft Corporation) C:\windows\system32\win32kbase.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 002278240 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 002189312 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.onecore.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 001860096 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 001760768 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 001701888 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 001699496 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2019-05-18 11:31 - 2019-05-18 11:31 - 001641616 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 001605120 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.desktop.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 001484800 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 001470016 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 001395264 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 001387520 _____ (Microsoft Corporation) C:\windows\system32\bcastdvruserservice.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 001342608 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2019-05-18 11:31 - 2019-05-18 11:31 - 001253904 _____ (Microsoft Corporation) C:\windows\system32\hvix64.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 001225728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 001179680 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 001054712 _____ (Microsoft Corporation) C:\windows\system32\ApplyTrustOffline.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 001048376 _____ (Microsoft Corporation) C:\windows\system32\hvax64.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 001026792 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000972288 _____ (Microsoft Corporation) C:\windows\system32\StorSvc.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000895792 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000865280 _____ (Microsoft Corporation) C:\windows\system32\netlogon.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000807464 _____ (Microsoft Corporation) C:\windows\system32\fontdrvhost.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 000758896 _____ (Microsoft Corporation) C:\windows\system32\tcblaunch.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 000680184 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000660992 _____ (Microsoft Corporation) C:\windows\SysWOW64\netlogon.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000594944 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000586280 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000543744 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 000532480 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000508432 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 000449376 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000444944 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 000387832 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000254952 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelpep.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 000223544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 000216064 _____ (Microsoft Corporation) C:\windows\system32\wersvc.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000212792 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 000203272 _____ (Microsoft Corporation) C:\windows\system32\tcbloader.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000202768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 000201016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 000198456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 000192824 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 000179728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 000179200 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000177976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 000163240 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 000147736 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFaultSecure.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 000138752 _____ (Microsoft Corporation) C:\windows\SysWOW64\t2embed.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000124928 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000121656 _____ (Microsoft Corporation) C:\windows\system32\kdnet.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000098816 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000092672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BTHUSB.SYS
2019-05-18 11:31 - 2019-05-18 11:31 - 000090640 _____ (Microsoft Corporation) C:\windows\system32\hvloader.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000088576 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000080184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hvservice.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 000079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\dtdump.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 000066688 _____ (Microsoft Corporation) C:\windows\system32\cryptdll.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000055792 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdll.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000000315 _____ C:\windows\system32\DrtmAuth8.bin
2019-05-18 11:31 - 2019-05-18 11:31 - 000000315 _____ C:\windows\system32\DrtmAuth7.bin
2019-05-18 11:31 - 2019-05-18 11:31 - 000000315 _____ C:\windows\system32\DrtmAuth6.bin
2019-05-18 11:31 - 2019-05-18 11:31 - 000000315 _____ C:\windows\system32\DrtmAuth5.bin
2019-05-18 11:31 - 2019-05-18 11:31 - 000000315 _____ C:\windows\system32\DrtmAuth4.bin
2019-05-18 11:31 - 2019-05-18 11:31 - 000000315 _____ C:\windows\system32\DrtmAuth3.bin
2019-05-18 11:31 - 2019-05-18 11:31 - 000000315 _____ C:\windows\system32\DrtmAuth2.bin
2019-05-18 11:31 - 2019-05-18 11:31 - 000000315 _____ C:\windows\system32\DrtmAuth1.bin
2019-05-10 11:11 - 2019-05-10 11:11 - 000000000 _____ C:\windows\eeventmanager.INI
2019-05-10 11:08 - 2019-05-10 11:08 - 000000000 ____D C:\Users\metzn\AppData\Roaming\Leadertech
2019-05-10 11:03 - 2019-05-10 11:16 - 000000951 _____ C:\windows\Tasks\EPSON WF-3620 Series Update {E8B8A0FE-2C3B-4C22-BC91-A911A13174E5}.job
2019-05-10 11:03 - 2019-05-10 11:16 - 000000765 _____ C:\windows\Tasks\EPSON WF-3620 Series Invitation {E8B8A0FE-2C3B-4C22-BC91-A911A13174E5}.job
2019-05-10 11:03 - 2019-05-10 11:03 - 000004150 _____ C:\windows\System32\Tasks\EPSON WF-3620 Series Update {E8B8A0FE-2C3B-4C22-BC91-A911A13174E5}
2019-05-10 11:03 - 2019-05-10 11:03 - 000003972 _____ C:\windows\System32\Tasks\EPSON WF-3620 Series Invitation {E8B8A0FE-2C3B-4C22-BC91-A911A13174E5}
2019-05-10 10:59 - 2019-05-10 10:59 - 000000165 _____ C:\Users\Public\Desktop\Epson WF-3620 User’s Guide.url
2019-05-10 10:58 - 2019-05-10 11:03 - 000000000 ____D C:\Users\metzn\AppData\Roaming\Epson
2019-05-10 10:58 - 2019-05-10 10:58 - 000000000 ____D C:\Program Files\EPSON
2019-05-10 10:57 - 2019-05-24 17:27 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2019-05-10 10:57 - 2019-05-10 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2019-05-10 10:57 - 2019-05-10 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2019-05-10 10:57 - 2019-05-10 10:59 - 000000000 ____D C:\Program Files (x86)\epson
2019-05-10 10:57 - 2019-05-10 10:57 - 000001014 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2019-05-10 10:57 - 2019-05-10 10:57 - 000000000 ____D C:\Program Files\EpsonNet
2019-05-10 10:57 - 2012-07-24 00:00 - 000466432 _____ (Seiko Epson Corporation) C:\windows\system32\esxw2ud.dll
2019-05-10 10:57 - 2012-05-17 00:00 - 000144560 _____ (Seiko Epson Corporation) C:\windows\system32\escsvc64.exe
2019-05-10 10:57 - 2010-11-22 13:27 - 000147472 _____ (TWAIN Working Group) C:\windows\SysWOW64\twaindsm.dll
2019-05-10 10:56 - 2019-05-10 11:16 - 000000951 _____ C:\windows\Tasks\EPSON WF-3620 Series Update {4E2A8031-5C38-45AB-AB82-3565B005B4AB}.job
2019-05-10 10:56 - 2019-05-10 11:16 - 000000765 _____ C:\windows\Tasks\EPSON WF-3620 Series Invitation {4E2A8031-5C38-45AB-AB82-3565B005B4AB}.job
2019-05-10 10:56 - 2019-05-10 10:56 - 000004150 _____ C:\windows\System32\Tasks\EPSON WF-3620 Series Update {4E2A8031-5C38-45AB-AB82-3565B005B4AB}
2019-05-10 10:56 - 2019-05-10 10:56 - 000003972 _____ C:\windows\System32\Tasks\EPSON WF-3620 Series Invitation {4E2A8031-5C38-45AB-AB82-3565B005B4AB}
2019-05-10 10:56 - 2019-05-10 10:56 - 000000000 ____D C:\Program Files\Common Files\EPSON
2019-05-10 10:56 - 2013-10-21 12:04 - 000179712 _____ (SEIKO EPSON CORPORATION) C:\windows\system32\E_YLMBKEE.DLL
2019-05-10 10:56 - 2007-04-09 09:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\windows\system32\E_GCINST.DLL
2019-05-10 10:55 - 2019-05-10 12:03 - 000000000 ____D C:\ProgramData\EPSON
2019-05-10 10:55 - 2011-03-14 11:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\windows\system32\E_YD4BKEE.DLL
2019-05-10 10:53 - 2019-05-10 10:53 - 019900368 _____ C:\Users\metzn\Downloads\FW_CC09I2.exe
2019-05-10 10:52 - 2019-05-10 10:52 - 013555352 _____ (Epson America, Inc. ) C:\Users\metzn\Downloads\WF3620_Lite_NA.exe
2019-05-10 10:45 - 2019-05-25 18:57 - 000000000 ____D C:\Users\metzn\AppData\Local\ElevatedDiagnostics
2019-05-10 10:36 - 2019-05-17 10:42 - 000000000 ____D C:\Users\metzn\AppData\Roaming\HpUpdate
2019-05-10 10:36 - 2019-05-10 10:36 - 000002284 _____ C:\Users\Public\Desktop\HP Officejet Pro 3620.lnk
2019-05-10 10:36 - 2019-05-10 10:36 - 000000057 _____ C:\ProgramData\Ament.ini
2019-05-10 10:36 - 2019-05-10 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-05-10 10:36 - 2014-03-06 12:51 - 000763912 ____N (Hewlett-Packard Co.) C:\windows\system32\HPDiscoPM6D12.dll
2019-05-10 10:35 - 2019-05-10 10:36 - 000000000 ____D C:\Users\metzn\AppData\Local\HP
2019-05-10 08:13 - 2019-05-10 08:13 - 000001172 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2019-05-10 08:11 - 2019-05-10 08:11 - 000000000 ____D C:\swsetup
2019-05-07 07:59 - 2019-05-27 13:17 - 000000364 _____ C:\windows\Tasks\HPCeeScheduleFormetzn.job
2019-05-07 07:59 - 2019-05-27 07:59 - 000003256 _____ C:\windows\System32\Tasks\HPCeeScheduleFormetzn
2019-05-07 07:59 - 2019-05-07 07:59 - 000000000 ____D C:\Users\metzn\AppData\Local\HP_Inc
2019-05-06 11:34 - 2019-05-06 11:33 - 000592616 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 024616960 _____ (Microsoft Corporation) C:\windows\system32\Hydrogen.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 019284480 _____ (Microsoft Corporation) C:\windows\system32\HologramWorld.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 012140032 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 011724288 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 009941504 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 008898048 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 007919104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 007724992 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 005436904 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 005112792 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 004920832 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 003952952 _____ (Microsoft Corporation) C:\windows\system32\Windows.Mirage.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 003690496 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 003566080 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 003551112 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 003421696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 003406848 _____ (Microsoft Corporation) C:\windows\system32\MSVidCtl.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002986352 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Mirage.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002942464 _____ (Microsoft Corporation) C:\windows\SysWOW64\mispace.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002752360 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002469440 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002393088 _____ (Microsoft Corporation) C:\windows\SysWOW64\AcGenral.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002323688 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002298880 _____ (Microsoft Corporation) C:\windows\system32\ResetEngine.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002278240 _____ (Microsoft Corporation) C:\windows\system32\mfasfsrcsnk.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002205184 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSVidCtl.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002127360 _____ (Microsoft Corporation) C:\windows\system32\wsp_fs.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001782272 _____ (Microsoft Corporation) C:\windows\system32\wsp_health.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001706488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001521664 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsp_fs.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001459080 _____ (Microsoft Corporation) C:\windows\system32\msvproc.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001332224 _____ (Microsoft Corporation) C:\windows\system32\lpasvc.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001307648 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsp_health.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001297120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvproc.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001294520 _____ (Microsoft Corporation) C:\windows\system32\mfsvr.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001289192 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfasfsrcsnk.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001282640 _____ (Microsoft Corporation) C:\windows\system32\mfreadwrite.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001259320 _____ (Microsoft Corporation) C:\windows\system32\SecConfig.efi
2019-05-06 11:10 - 2019-05-06 11:10 - 001224704 _____ (Microsoft Corporation) C:\windows\system32\reseteng.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001200920 _____ (Microsoft Corporation) C:\windows\system32\mfmpeg2srcsnk.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001131520 _____ (Microsoft Corporation) C:\windows\system32\nettrace.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001077912 _____ (Microsoft Corporation) C:\windows\system32\DolbyDecMFT.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001072424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfsvr.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001057976 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001022464 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.MixedRealityCapture.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001019392 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000897536 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000870400 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000866152 _____ (Microsoft Corporation) C:\windows\SysWOW64\DolbyDecMFT.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000854784 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2adec.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000829440 _____ (Microsoft Corporation) C:\windows\system32\HologramCompositor.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000815616 _____ (Microsoft Corporation) C:\windows\system32\fvewiz.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\clusapi.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000762272 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfreadwrite.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000742912 _____ (Microsoft Corporation) C:\windows\system32\SpaceControl.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000701440 _____ (Microsoft Corporation) C:\windows\system32\FrameServer.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\fveapi.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000662528 ____R (Microsoft Corporation) C:\windows\system32\MixedRealityCapture.Pipeline.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000642048 _____ (Microsoft Corporation) C:\windows\system32\SharedRealitySvc.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000577024 _____ (Microsoft Corporation) C:\windows\SysWOW64\hhctrl.ocx
2019-05-06 11:10 - 2019-05-06 11:10 - 000573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfh264enc.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000560128 _____ (Microsoft Corporation) C:\windows\system32\mfh264enc.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000522312 _____ (Microsoft Corporation) C:\windows\system32\systemreset.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 000480256 _____ (Microsoft Corporation) C:\windows\SysWOW64\resutils.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000475648 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxbde40.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000454144 _____ (Microsoft Corporation) C:\windows\system32\bdesvc.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000429056 _____ (Microsoft Corporation) C:\windows\system32\MixedReality.Broker.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000427520 _____ (Microsoft Corporation) C:\windows\system32\MSFlacDecoder.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000421688 _____ (Microsoft Corporation) C:\windows\system32\MSAudDecMFT.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000411136 _____ (Microsoft Corporation) C:\windows\SysWOW64\PlayToManager.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000371712 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSFlacDecoder.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000370688 _____ (Microsoft Corporation) C:\windows\system32\fveapibase.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000349696 _____ (Microsoft Corporation) C:\windows\system32\AcGenral.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000340480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
2019-05-06 11:10 - 2019-05-06 11:10 - 000331776 _____ (Microsoft Corporation) C:\windows\system32\fvecpl.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000316416 _____ (Microsoft Corporation) C:\windows\system32\FSClient.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000314368 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxdiag.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 000314368 _____ (Microsoft Corporation) C:\windows\system32\AcLayers.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000313344 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd2x40.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\fveapibase.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000309760 _____ (Microsoft Corporation) C:\windows\system32\fveui.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000301096 _____ (Microsoft Corporation) C:\windows\system32\wmpeffects.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\MbbCx.sys
2019-05-06 11:10 - 2019-05-06 11:10 - 000263576 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000241680 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpeffects.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000241152 _____ (Microsoft Corporation) C:\windows\system32\ResetEngOnline.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000218624 _____ (Microsoft Corporation) C:\windows\system32\wmpdxm.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000180736 _____ (Microsoft Corporation) C:\windows\SysWOW64\srumsvc.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000167424 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpdxm.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000167424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpdr.sys
2019-05-06 11:10 - 2019-05-06 11:10 - 000153088 _____ (Microsoft Corporation) C:\windows\system32\fcon.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\itss.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000137216 _____ (Microsoft Corporation) C:\windows\system32\SpaceAgent.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 000125440 _____ (Microsoft Corporation) C:\windows\system32\wmpshell.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000101376 _____ (Microsoft Corporation) C:\windows\system32\ActiveSyncCsp.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000098816 ____R (Microsoft Corporation) C:\windows\system32\MixedRealityCapture.Broker.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000097280 _____ (Microsoft Corporation) C:\windows\system32\EduPrintProv.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 000096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpshell.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000093696 _____ (Microsoft Corporation) C:\windows\system32\nlahc.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000092672 _____ (Microsoft Corporation) C:\windows\system32\PktMon.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\offreg.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\EASPolicyManagerBrokerHost.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 000059904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 000059904 _____ (Microsoft Corporation) C:\windows\system32\RDSPnf.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 000058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\offreg.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000039936 _____ (Microsoft Corporation) C:\windows\system32\perfts.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshhttp.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\dataclen.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\perfts.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 015223296 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 012844032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 007251456 _____ (Microsoft Corporation) C:\windows\SysWOW64\BingMaps.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 006925824 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 005915936 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 005765120 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 005588184 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 005210904 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.StateRepository.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 004527624 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupapi.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 003729808 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 003656192 _____ (Microsoft Corporation) C:\windows\system32\mispace.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 003652656 _____ (Microsoft Corporation) C:\windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 003504128 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 003496448 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.AI.MachineLearning.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 003426816 _____ (Microsoft Corporation) C:\windows\SysWOW64\cdp.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 003108864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 002925880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 002765312 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 002701512 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 002689024 _____ (Microsoft Corporation) C:\windows\system32\WebRuntimeManager.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 002627384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 002447360 _____ (Microsoft Corporation) C:\windows\SysWOW64\MapRouter.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 002346496 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 002073960 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 002001408 _____ (Microsoft Corporation) C:\windows\SysWOW64\MapGeocoder.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001994976 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001899160 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001720936 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinapi.appcore.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001711104 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Immersive.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001687552 _____ (Microsoft Corporation) C:\windows\system32\enterprisecsps.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001674696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001671352 _____ (Microsoft Corporation) C:\windows\system32\gdi32full.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001615872 ____R (The ICU Project) C:\windows\SysWOW64\icuin.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001590064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpserverbase.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001572176 _____ (Microsoft Corporation) C:\windows\SysWOW64\propsys.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001506304 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Immersive.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001467552 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32full.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001458056 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3D12.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001382912 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Input.Inking.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001370624 _____ (Microsoft Corporation) C:\windows\SysWOW64\AzureSettingSyncProvider.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001360184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 001272552 _____ (Microsoft Corporation) C:\windows\SysWOW64\ttdrecordcpu.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001271608 _____ (Microsoft Corporation) C:\windows\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001254912 _____ (Microsoft Corporation) C:\windows\SysWOW64\TokenBroker.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001249280 _____ (Microsoft Corporation) C:\windows\SysWOW64\InstallService.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001221944 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpbase.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001217024 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001180248 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001168384 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001155072 ____R (The ICU Project) C:\windows\SysWOW64\icuuc.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001110528 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001098128 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001072640 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpcore.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001047552 _____ (Microsoft Corporation) C:\windows\system32\clusapi.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001001472 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpnapps.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000982528 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.Vpn.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000976896 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000964096 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncCore.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000949248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Management.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000948224 _____ (Microsoft Corporation) C:\windows\system32\uDWM.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000918032 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgent.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000913920 _____ (Microsoft Corporation) C:\windows\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000909840 _____ (Microsoft Corporation) C:\windows\SysWOW64\WWAHost.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000908800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mmsys.cpl
2019-05-06 11:09 - 2019-05-06 11:09 - 000884224 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000882688 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000875008 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasapi32.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000845824 _____ (Microsoft Corporation) C:\windows\SysWOW64\ShareHost.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000828728 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncHost.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000821048 _____ (Microsoft Corporation) C:\windows\system32\NetSetupEngine.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000815616 _____ (Microsoft Corporation) C:\windows\system32\MdmDiagnostics.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000787456 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000782968 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000780632 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcrt.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000775168 _____ (Microsoft Corporation) C:\windows\SysWOW64\SndVolSSO.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000772608 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000772408 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Services.TargetedContent.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000769536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000762880 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprddm.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000731648 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000730112 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000723968 _____ (Microsoft Corporation) C:\windows\SysWOW64\BingOnlineServices.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000712192 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000711168 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApi.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000695296 _____ (Microsoft Corporation) C:\windows\system32\hhctrl.ocx
2019-05-06 11:09 - 2019-05-06 11:09 - 000681984 _____ (Microsoft Corporation) C:\windows\SysWOW64\uReFS.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000673280 _____ (Microsoft Corporation) C:\windows\system32\configmanager2.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000671232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntshrui.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Internal.Management.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000663552 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000655160 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000653040 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppXDeploymentClient.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000649064 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000640512 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000638376 _____ (Microsoft Corporation) C:\windows\system32\msvcrt.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000626176 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000624640 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000621568 _____ (Microsoft Corporation) C:\windows\system32\resutils.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000617784 _____ (Microsoft Corporation) C:\windows\SysWOW64\LicensingWinRT.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000615936 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Core.TextInput.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000599040 _____ (Microsoft Corporation) C:\windows\system32\facecredentialprovider.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000598544 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupEngine.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000591832 _____ C:\windows\SysWOW64\InputHost.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000588304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000578560 _____ (Microsoft Corporation) C:\windows\system32\PlayToManager.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000570368 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Web.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000553656 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.StateRepositoryPS.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000553472 _____ (Microsoft Corporation) C:\windows\system32\dmenrollengine.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000549376 _____ (Microsoft Corporation) C:\windows\SysWOW64\JpMapControl.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000548864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.Connectivity.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000540720 _____ (Microsoft Corporation) C:\windows\SysWOW64\StateRepository.Core.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000540448 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000535048 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000528384 _____ (Microsoft Corporation) C:\windows\SysWOW64\OneDriveSettingSyncProvider.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000514632 _____ (Microsoft Corporation) C:\windows\system32\policymanager.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dsound.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000496128 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppcext.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000492032 _____ (Microsoft Corporation) C:\windows\system32\defragsvc.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000489984 _____ (Microsoft Corporation) C:\windows\system32\ResourceMapper.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000474928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2019-05-06 11:09 - 2019-05-06 11:09 - 000461824 _____ (Microsoft Corporation) C:\windows\SysWOW64\dmenrollengine.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000454160 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000451080 _____ (Microsoft Corporation) C:\windows\SysWOW64\policymanager.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000449024 _____ (Microsoft Corporation) C:\windows\system32\edgeIso.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000434176 _____ (Microsoft Corporation) C:\windows\SysWOW64\TileDataRepository.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000430904 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000424960 _____ (Microsoft Corporation) C:\windows\SysWOW64\daxexec.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\MapConfiguration.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000414720 _____ (Microsoft Corporation) C:\windows\SysWOW64\winspool.drv
2019-05-06 11:09 - 2019-05-06 11:09 - 000408528 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Enumeration.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000385536 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.LowLevel.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000383288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msrpc.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000370176 _____ (Microsoft Corporation) C:\windows\system32\dxdiag.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\LockAppBroker.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\DataUsageHandlers.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000359936 _____ (Microsoft Corporation) C:\windows\system32\DeviceEnroller.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000359424 _____ (Microsoft Corporation) C:\windows\system32\dusmsvc.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000349184 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000343552 _____ (Microsoft Corporation) C:\windows\system32\RADCUI.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000332800 _____ (Microsoft Corporation) C:\windows\system32\NetSetupSvc.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000331264 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Picker.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000330752 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgeIso.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000326144 _____ (Microsoft Corporation) C:\windows\system32\DiagnosticLogCSP.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000324096 _____ (Microsoft Corporation) C:\windows\system32\sppcommdlg.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000322048 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptngc.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000320512 _____ (Microsoft Corporation) C:\windows\system32\omadmclient.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000312632 _____ (Microsoft Corporation) C:\windows\SysWOW64\thumbcache.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000302080 _____ (Microsoft Corporation) C:\windows\system32\dmenterprisediagnostics.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000297984 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.System.Diagnostics.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000294912 _____ (Microsoft Corporation) C:\windows\SysWOW64\RADCUI.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000293376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000289792 _____ (Microsoft Corporation) C:\windows\system32\discan.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000284160 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasppp.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000279376 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000272648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ttdwriter.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000262456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000240128 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000224768 _____ (Microsoft Corporation) C:\windows\system32\BitLockerCsp.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000201728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mdmregistration.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000201216 _____ (Microsoft Corporation) C:\windows\system32\wincredui.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000188416 _____ (Microsoft Corporation) C:\windows\system32\DMPushRouterCore.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000176640 _____ (Microsoft Corporation) C:\windows\system32\spacebridge.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000173568 _____ (Microsoft Corporation) C:\windows\system32\itss.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000162304 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000159744 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredui.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasman.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000151040 _____ (Microsoft Corporation) C:\windows\SysWOW64\container.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000146888 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000144896 _____ (Microsoft Corporation) C:\windows\SysWOW64\SpatialAudioLicenseSrv.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000143880 _____ (Microsoft Corporation) C:\windows\system32\NetSetupApi.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000143360 _____ (Microsoft Corporation) C:\windows\SysWOW64\BitLockerCsp.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000140288 _____ (Microsoft Corporation) C:\windows\system32\mdmmigrator.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000139776 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintWorkflowService.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000134144 _____ (Microsoft Corporation) C:\windows\system32\DataUsageLiveTileTask.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000133120 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Radios.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000132096 _____ (Microsoft Corporation) C:\windows\SysWOW64\smartscreenps.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000129024 _____ (Microsoft Corporation) C:\windows\SysWOW64\spopk.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\srpapi.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000126464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bridge.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000122680 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.StateRepositoryClient.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000122368 _____ (Microsoft Corporation) C:\windows\SysWOW64\DisplayManager.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000115360 _____ (Microsoft Corporation) C:\windows\system32\phoneactivate.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000115200 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleprn.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000114344 _____ (Microsoft Corporation) C:\windows\SysWOW64\rmclient.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000107832 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupApi.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000107008 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.SerialCommunication.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000104960 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000104960 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupcln.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000101376 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000100352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cdfs.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000099840 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000096256 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserDataTimeUtil.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000091424 _____ (Microsoft Corporation) C:\windows\SysWOW64\CompPkgSup.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000089600 _____ (Microsoft Corporation) C:\windows\SysWOW64\drvsetup.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000086528 _____ (Microsoft Corporation) C:\windows\system32\nslookup.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mcbuilder.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000077824 _____ (Microsoft Corporation) C:\windows\SysWOW64\nslookup.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000067072 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000066048 _____ (Microsoft Corporation) C:\windows\system32\ntlanman.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\fdBth.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntlanman.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000049152 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000046592 _____ (Microsoft Corporation) C:\windows\system32\dataclen.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000046080 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf3216.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000044544 _____ (Microsoft Corporation) C:\windows\SysWOW64\CredentialMigrationHandler.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000044544 _____ (Microsoft Corporation) C:\windows\system32\nshhttp.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000040960 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscapi.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000040960 _____ (Microsoft Corporation) C:\windows\system32\perfproc.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\perfproc.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000035840 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000033792 _____ (Microsoft Corporation) C:\windows\system32\sxssrv.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000033792 _____ (Microsoft Corporation) C:\windows\system32\SecureBioSysprep.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\cmintegrator.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\RpcPing.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscdll.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 022114960 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 017513472 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 009670656 _____ (Microsoft Corporation) C:\windows\system32\BingMaps.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 007647256 _____ (Microsoft Corporation) C:\windows\system32\OneCoreUAPCommonProxyStub.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 007556392 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 005566464 _____ (Microsoft Corporation) C:\windows\system32\twinui.pcshell.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 005561856 _____ (Microsoft Corporation) C:\windows\system32\StartTileData.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 005527552 _____ (Microsoft Corporation) C:\windows\system32\InputService.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 005296640 _____ (Microsoft Corporation) C:\windows\system32\cdp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 004997096 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepository.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 004866560 _____ (Microsoft Corporation) C:\windows\system32\Windows.AI.MachineLearning.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 004704272 _____ (Microsoft Corporation) C:\windows\system32\setupapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 004304896 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_nt.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 004245280 _____ (Microsoft Corporation) C:\windows\explorer.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 004019200 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 003982848 _____ (Microsoft Corporation) C:\windows\system32\EdgeContent.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 003761664 _____ (Microsoft Corporation) C:\windows\system32\SRH.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 003399168 _____ (Microsoft Corporation) C:\windows\system32\MapRouter.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 003334496 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 003334144 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 003270144 _____ (Microsoft Corporation) C:\windows\system32\esent.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002995712 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002929152 _____ (Microsoft Corporation) C:\windows\SysWOW64\esent.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002871304 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 002842624 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002842112 _____ (Microsoft Corporation) C:\windows\system32\MapGeocoder.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002766648 _____ (Microsoft Corporation) C:\windows\system32\UpdateAgent.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002637312 _____ (Microsoft Corporation) C:\windows\system32\smartscreen.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 002630656 _____ (Microsoft Corporation) C:\windows\system32\wlansvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002618880 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002592816 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002466304 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002438368 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002149368 _____ (Microsoft Corporation) C:\windows\system32\twinapi.appcore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002085376 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002042368 _____ (Microsoft Corporation) C:\windows\system32\Windows.CloudStore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002022304 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002017792 _____ C:\windows\system32\rdpnano.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001969464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\refs.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 001931264 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001918464 _____ (Microsoft Corporation) C:\windows\system32\AzureSettingSyncProvider.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001892864 _____ (Microsoft Corporation) C:\windows\system32\wevtsvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001886208 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001856000 ____R (The ICU Project) C:\windows\system32\icuin.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001844448 _____ (Microsoft Corporation) C:\windows\system32\D3D12.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001830200 _____ (Microsoft Corporation) C:\windows\system32\rdpserverbase.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001768960 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Input.Inking.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001742104 _____ (Microsoft Corporation) C:\windows\system32\propsys.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001715712 _____ (Microsoft Corporation) C:\windows\system32\ISM.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001700880 _____ (Microsoft Corporation) C:\windows\system32\ContentDeliveryManager.Utilities.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001672704 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001671680 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001671680 _____ (Microsoft Corporation) C:\windows\system32\InstallService.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001653760 _____ (Microsoft Corporation) C:\windows\system32\wpncore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001647632 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001616384 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001567232 _____ (Microsoft Corporation) C:\windows\system32\dosvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001563336 _____ (Microsoft Corporation) C:\windows\system32\ttdrecordcpu.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001533440 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001496576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001481488 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001478968 _____ (Microsoft Corporation) C:\windows\system32\rdpbase.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001462272 _____ (Microsoft Corporation) C:\windows\system32\TokenBroker.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001446400 _____ (Microsoft Corporation) C:\windows\system32\mfc42u.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001415680 _____ (Microsoft Corporation) C:\windows\system32\mfc42.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001331536 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001315840 _____ (Microsoft Corporation) C:\windows\system32\wpx.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001315328 _____ (Microsoft Corporation) C:\windows\system32\wpnapps.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001314304 _____ (Microsoft Corporation) C:\windows\system32\NotificationController.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001311232 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.Vpn.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001296576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001267712 _____ (Microsoft Corporation) C:\windows\system32\APMon.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001259320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 001256448 _____ (Microsoft Corporation) C:\windows\system32\rdpcore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001219640 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepositoryPS.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001213752 _____ (Microsoft Corporation) C:\windows\system32\drvstore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001208320 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001199104 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001191728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001176064 _____ (Microsoft Corporation) C:\windows\system32\MapsStore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001145856 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncCore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001133568 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001087800 _____ (Microsoft Corporation) C:\windows\system32\ReAgent.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001078072 _____ (Microsoft Corporation) C:\windows\system32\Windows.Services.TargetedContent.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001058304 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2019-05-06 11:08 - 2019-05-06 11:08 - 001057792 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 001056272 _____ (Microsoft Corporation) C:\windows\system32\pidgenx.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001053192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ClipSp.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 001052160 _____ (Microsoft Corporation) C:\windows\system32\MPSSVC.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001035776 _____ (Microsoft Corporation) C:\windows\system32\ShareHost.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001032704 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001022616 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001010176 _____ (Microsoft Corporation) C:\windows\system32\refsutil.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 001007616 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001001472 _____ (Microsoft Corporation) C:\windows\system32\mmsys.cpl
2019-05-06 11:08 - 2019-05-06 11:08 - 000999424 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000998712 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncHost.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000984888 _____ (Microsoft Corporation) C:\windows\system32\WWAHost.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000982880 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000981816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\refsv1.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000974352 _____ (Microsoft Corporation) C:\windows\SysWOW64\drvstore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000956416 _____ (Microsoft Corporation) C:\windows\system32\MusUpdateHandlers.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000955392 _____ (Microsoft Corporation) C:\windows\system32\wbiosrvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000954368 _____ (Microsoft Corporation) C:\windows\system32\rasapi32.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000927232 _____ (Microsoft Corporation) C:\windows\system32\rasmans.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000926208 _____ (Microsoft Corporation) C:\windows\system32\MbaeApi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000918304 _____ (Microsoft Corporation) C:\windows\system32\CoreMessaging.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000902144 _____ (Microsoft Corporation) C:\windows\system32\BingOnlineServices.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000888320 _____ (Microsoft Corporation) C:\windows\system32\mprddm.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000888120 _____ (Microsoft Corporation) C:\windows\SysWOW64\pidgenx.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000883712 _____ (Microsoft Corporation) C:\windows\system32\usocore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000882176 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2019-05-06 11:08 - 2019-05-06 11:08 - 000877056 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000874496 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000872448 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000871792 _____ (Microsoft Corporation) C:\windows\system32\ClipSVC.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000865792 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000865784 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentClient.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000864056 _____ (Microsoft Corporation) C:\windows\system32\SecurityHealthService.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000860160 _____ C:\windows\system32\MBR2GPT.EXE
2019-05-06 11:08 - 2019-05-06 11:08 - 000855040 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Playback.MediaPlayer.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000850760 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000836096 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000833064 _____ C:\windows\system32\InputHost.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000823296 _____ (Microsoft Corporation) C:\windows\system32\SndVolSSO.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000822272 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000820736 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Core.TextInput.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000809784 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000807424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdiWiFi.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000806600 _____ C:\windows\SysWOW64\locale.nls
2019-05-06 11:08 - 2019-05-06 11:08 - 000806600 _____ C:\windows\system32\locale.nls
2019-05-06 11:08 - 2019-05-06 11:08 - 000800256 _____ (Microsoft Corporation) C:\windows\system32\uReFS.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000799568 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000793832 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000790328 _____ (Microsoft Corporation) C:\windows\system32\upshared.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000782848 _____ (Microsoft Corporation) C:\windows\system32\ngcsvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000776192 _____ (Microsoft Corporation) C:\windows\system32\ntshrui.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000773120 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000773120 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000766480 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000764216 _____ (Microsoft Corporation) C:\windows\system32\wimgapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000761280 _____ (Microsoft Corporation) C:\windows\system32\pkeyhelper.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000756736 _____ (Microsoft Corporation) C:\windows\system32\DolbyHrtfEnc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000752136 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000749568 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000745984 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.Connectivity.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000741888 _____ (Microsoft Corporation) C:\windows\system32\updatehandlers.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000737080 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000735232 _____ (Microsoft Corporation) C:\windows\system32\Windows.Web.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000730936 _____ (Microsoft Corporation) C:\windows\system32\LicensingWinRT.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000725696 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000714240 _____ (Microsoft Corporation) C:\windows\system32\JpMapControl.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000699392 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_Language.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000691712 _____ (Microsoft Corporation) C:\windows\system32\aadcloudap.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000684544 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000679424 _____ (Microsoft Corporation) C:\windows\system32\AppReadiness.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000676256 _____ (Microsoft Corporation) C:\windows\system32\StateRepository.Core.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000675096 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000663552 _____ (Microsoft Corporation) C:\windows\system32\PsmServiceExtHost.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000661816 _____ (Microsoft Corporation) C:\windows\system32\computecore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000660480 _____ (Microsoft Corporation) C:\windows\system32\OneDriveSettingSyncProvider.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000651792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000651576 _____ (Microsoft Corporation) C:\windows\system32\securekernel.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000646656 _____ (Microsoft Corporation) C:\windows\system32\w32time.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000646632 _____ (Microsoft Corporation) C:\windows\system32\msvcp_win.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000622080 _____ (Microsoft Corporation) C:\windows\system32\NgcCtnrSvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000620560 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000612368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000611840 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.LowLevel.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000610304 _____ (Microsoft Corporation) C:\windows\system32\daxexec.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000605496 _____ (Microsoft Corporation) C:\windows\SysWOW64\wimgapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000604336 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000604008 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000593920 _____ (Microsoft Corporation) C:\windows\system32\dsound.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000582240 _____ (Microsoft Corporation) C:\windows\SysWOW64\CoreMessaging.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000580024 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000579072 _____ (Microsoft Corporation) C:\windows\system32\netprofmsvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000578560 _____ (Microsoft Corporation) C:\windows\system32\SppExtComObj.Exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000572416 _____ (Microsoft Corporation) C:\windows\system32\wpnprv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000566272 _____ (Microsoft Corporation) C:\windows\system32\MapConfiguration.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000556544 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000556544 _____ (Microsoft Corporation) C:\windows\system32\BTAGService.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000553984 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000553784 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000552448 _____ (Microsoft Corporation) C:\windows\system32\FirewallAPI.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000551936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nwifi.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000547840 _____ (Microsoft Corporation) C:\windows\system32\TileDataRepository.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000540672 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2019-05-06 11:08 - 2019-05-06 11:08 - 000531976 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000531968 _____ (Microsoft Corporation) C:\windows\system32\sppcext.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000527872 _____ (Microsoft Corporation) C:\windows\system32\MusNotification.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000522752 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000519992 _____ (Microsoft Corporation) C:\windows\system32\wimserv.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000519992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Vid.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000518656 _____ (Microsoft Corporation) C:\windows\system32\modernexecserver.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000516608 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000513040 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000508208 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Enumeration.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000506880 _____ (Microsoft Corporation) C:\windows\system32\EnterpriseAppMgmtSvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000506408 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000506168 _____ (Microsoft Corporation) C:\windows\system32\dcntel.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000505344 _____ (Microsoft Corporation) C:\windows\system32\NetSetupShim.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000500224 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_PCDisplay.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000496872 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000495616 _____ (Microsoft Corporation) C:\windows\system32\DDDS.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000494080 _____ (Microsoft Corporation) C:\windows\system32\Windows.Graphics.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000494080 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Activities.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000485192 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase_enclave.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000479232 _____ (Microsoft Corporation) C:\windows\system32\cloudAP.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000475648 _____ (Microsoft Corporation) C:\windows\system32\wuuhext.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000473616 _____ (Microsoft Corporation) C:\windows\system32\bcdedit.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000469504 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000466432 _____ (Microsoft Corporation) C:\windows\system32\slui.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000463672 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000461824 _____ (Microsoft Corporation) C:\windows\system32\WpAXHolder.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000461112 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000456704 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Picker.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000452096 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cldflt.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000450048 _____ (Microsoft Corporation) C:\windows\system32\LockAppBroker.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000448000 _____ (Microsoft Corporation) C:\windows\system32\Windows.Graphics.Printing.Workflow.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000447488 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000435712 _____ (Microsoft Corporation) C:\windows\system32\cryptngc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000433152 _____ (Microsoft Corporation) C:\windows\system32\SensorService.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000424960 _____ (Microsoft Corporation) C:\windows\system32\SDDS.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000421392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pci.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000420864 _____ (Microsoft Corporation) C:\windows\system32\SettingsEnvironment.Desktop.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000419128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fastfat.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000417792 _____ (Microsoft Corporation) C:\windows\system32\eeprov.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000408800 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000407552 _____ (Microsoft Corporation) C:\windows\system32\rascustom.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000407504 _____ (Microsoft Corporation) C:\windows\system32\wevtapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000407040 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Graphics.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000404792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000402944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\exfat.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000402576 _____ (Microsoft Corporation) C:\windows\system32\SgrmEnclave.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000398416 _____ (Microsoft Corporation) C:\windows\system32\SgrmEnclave_secure.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000394752 _____ (Microsoft Corporation) C:\windows\SysWOW64\AcLayers.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000392704 _____ (Microsoft Corporation) C:\windows\system32\domgmt.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000388096 _____ (Microsoft Corporation) C:\windows\system32\MusNotificationUx.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000386872 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000386360 _____ (Microsoft Corporation) C:\windows\system32\thumbcache.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000385024 _____ (Microsoft Corporation) C:\windows\SysWOW64\FirewallAPI.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000384312 _____ (Microsoft Corporation) C:\windows\SysWOW64\aepic.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000375544 _____ (Microsoft Corporation) C:\windows\system32\MusNotifyIcon.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000371200 _____ (Microsoft Corporation) C:\windows\system32\Windows.System.Diagnostics.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000370688 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupShim.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000368640 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000366592 _____ (Microsoft Corporation) C:\windows\system32\Wldap32.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000365056 _____ (Microsoft Corporation) C:\windows\system32\NotificationControllerPS.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000355360 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000349184 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000348160 _____ (Microsoft Corporation) C:\windows\system32\BioCredProv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000346624 _____ (Microsoft Corporation) C:\windows\system32\AppxAllUserStore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000343984 _____ (Microsoft Corporation) C:\windows\system32\AudioSrvPolicyManager.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000330464 _____ (Microsoft Corporation) C:\windows\system32\ttdwriter.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000326144 _____ (Microsoft Corporation) C:\windows\system32\Windows.Cortana.OneCore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000325120 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000324408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000322568 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000321024 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wldap32.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000306488 _____ (Microsoft Corporation) C:\windows\system32\computestorage.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000305664 _____ (Microsoft Corporation) C:\windows\system32\rasppp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000301568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000300344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000300032 _____ (Microsoft Corporation) C:\windows\system32\wc_storage.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000298296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000283032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wevtapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000281600 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000280592 _____ (Microsoft Corporation) C:\windows\system32\browserbroker.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000276488 _____ (Microsoft Corporation) C:\windows\system32\MTF.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\BioCredProv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000273920 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxAllUserStore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000271360 _____ (Microsoft Corporation) C:\windows\system32\MapControlCore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000264704 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000263680 _____ (Microsoft Corporation) C:\windows\system32\WiFiCloudStore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000257696 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000255128 _____ (Microsoft Corporation) C:\windows\system32\SgrmBroker.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000254464 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000254464 _____ (Microsoft Corporation) C:\windows\notepad.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000251904 _____ (Microsoft Corporation) C:\windows\system32\HttpsDataSource.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000248832 _____ (Microsoft Corporation) C:\windows\system32\w32tm.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000246784 _____ (Microsoft Corporation) C:\windows\system32\tetheringservice.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000246784 _____ (Microsoft Corporation) C:\windows\system32\mdmregistration.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000246584 _____ (Microsoft Corporation) C:\windows\system32\moshostcore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000244224 _____ (Microsoft Corporation) C:\windows\system32\JpnServiceDS.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000241664 _____ (Microsoft Corporation) C:\windows\system32\SharedPCCSP.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000234808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netvsc.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000225792 _____ (Microsoft Corporation) C:\windows\system32\smbwmiv2.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000224256 _____ (Microsoft Corporation) C:\windows\system32\ptpprov.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000217600 _____ (Microsoft Corporation) C:\windows\system32\container.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000214528 _____ (Microsoft Corporation) C:\windows\system32\srumsvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000211968 _____ (Microsoft Corporation) C:\windows\SysWOW64\w32tm.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000202752 _____ (Microsoft Corporation) C:\windows\system32\SecureTimeAggregator.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000202552 _____ (Microsoft Corporation) C:\windows\SysWOW64\MTF.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000198144 _____ (Microsoft Corporation) C:\windows\system32\netiohlp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000197120 _____ (Microsoft Corporation) C:\windows\system32\updatepolicy.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000197120 _____ (Microsoft Corporation) C:\windows\system32\bthserv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000196608 _____ (Microsoft Corporation) C:\windows\system32\smartscreenps.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000195896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spacedump.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000195072 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepositoryUpgrade.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000193032 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000190464 _____ (Microsoft Corporation) C:\windows\system32\ngcpopkeysrv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000184320 _____ (Microsoft Corporation) C:\windows\system32\rasman.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000183296 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Radios.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000182784 _____ (Microsoft Corporation) C:\windows\system32\Windows.SharedPC.CredentialProvider.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000179712 _____ (Microsoft Corporation) C:\windows\system32\wuuhosdeployment.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000178688 _____ (Microsoft Corporation) C:\windows\system32\winbio.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000178176 _____ (Microsoft Corporation) C:\windows\system32\appsruprov.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000177664 _____ (Microsoft Corporation) C:\windows\system32\ngctasks.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000177152 _____ (Microsoft Corporation) C:\windows\system32\LanguageComponentsInstaller.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000175104 _____ (Microsoft Corporation) C:\windows\system32\energyprov.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000171520 _____ (Microsoft Corporation) C:\windows\system32\SpatialAudioLicenseSrv.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000171520 _____ (Microsoft Corporation) C:\windows\system32\DisplayManager.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000169784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wcifs.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000168448 _____ (Microsoft Corporation) C:\windows\system32\drvinst.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000165376 _____ (Microsoft Corporation) C:\windows\SysWOW64\spacebridge.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000165376 _____ (Microsoft Corporation) C:\windows\system32\CompPkgSrv.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000164288 _____ (Microsoft Corporation) C:\windows\system32\vertdll.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000161280 _____ (Microsoft Corporation) C:\windows\SysWOW64\updatepolicy.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000160256 _____ (Microsoft Corporation) C:\windows\system32\spopk.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000159272 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000159112 _____ (Microsoft Corporation) C:\windows\system32\winquic.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000157496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000157200 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepositoryClient.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000156984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\winquic.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000156160 _____ (Microsoft Corporation) C:\windows\system32\RMapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000155648 _____ (Microsoft Corporation) C:\windows\SysWOW64\netiohlp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000155648 _____ (Microsoft Corporation) C:\windows\system32\dssvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000151872 _____ (Microsoft Corporation) C:\windows\system32\rmclient.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000149504 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.SerialCommunication.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000148480 _____ C:\windows\system32\DataStoreCacheDumpTool.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000147968 _____ (Microsoft Corporation) C:\windows\system32\srpapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000147496 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000143872 _____ (Microsoft Corporation) C:\windows\system32\oleprn.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000143872 _____ (Microsoft Corporation) C:\windows\system32\musdialoghandlers.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000140808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tm.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000140288 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000138960 _____ (Microsoft Corporation) C:\windows\system32\wldp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000138752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\luafv.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000134456 _____ (Microsoft Corporation) C:\windows\system32\ImplatSetup.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000131384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stornvme.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000126464 _____ (Microsoft Corporation) C:\windows\SysWOW64\winbio.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000121344 _____ (Microsoft Corporation) C:\windows\system32\UserDataTimeUtil.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000120320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthhfenum.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000119296 _____ (Microsoft Corporation) C:\windows\system32\setupcln.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000119296 _____ (Microsoft Corporation) C:\windows\system32\RjvMDMConfig.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000119296 _____ (Microsoft Corporation) C:\windows\system32\DolbyMATEnc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000115200 _____ (Microsoft Corporation) C:\windows\system32\negoexts.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000115152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wldp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000114856 _____ (Microsoft Corporation) C:\windows\system32\CompPkgSup.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000111104 _____ (Microsoft Corporation) C:\windows\system32\MDMAgent.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000111104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthenum.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000108032 _____ (Microsoft Corporation) C:\windows\system32\drvsetup.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000104248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bindflt.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000100864 _____ (Microsoft Corporation) C:\windows\SysWOW64\negoexts.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000098664 _____ (Microsoft Corporation) C:\windows\system32\mpr.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000097808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dam.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000095544 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000095544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storqosflt.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000094224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fileinfo.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000094208 _____ (Microsoft Corporation) C:\windows\system32\mcbuilder.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wanarp.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000089336 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpr.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wcnfs.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000086960 _____ (Microsoft Corporation) C:\windows\system32\taskhostw.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000084480 _____ (Microsoft Corporation) C:\windows\system32\KdsCli.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000083472 _____ (Microsoft Corporation) C:\windows\system32\vid.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000080400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vpci.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000079360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000078336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\npfs.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000074424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WindowsTrustedRT.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000071208 _____ (Microsoft Corporation) C:\windows\system32\win32appinventorycsp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000071168 _____ (Microsoft Corporation) C:\windows\system32\fdBth.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\umpo-overrides.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000055608 _____ (Microsoft Corporation) C:\windows\system32\Drivers\iorate.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000054784 _____ (Microsoft Corporation) C:\windows\system32\CredentialMigrationHandler.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000051712 _____ (Microsoft Corporation) C:\windows\system32\MdmDiagnosticsTool.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000051712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mmcss.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000049664 _____ (Microsoft Corporation) C:\windows\system32\cscapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000048128 _____ (Microsoft Corporation) C:\windows\system32\wcimage.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000047136 _____ (Microsoft Corporation) C:\windows\system32\browser_broker.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000046080 _____ (Microsoft Corporation) C:\windows\system32\hidparse.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000046080 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000044544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\kbdhid.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000044544 _____ (Microsoft Corporation) C:\windows\system32\cmintegrator.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000041984 _____ (Microsoft Corporation) C:\windows\system32\lpkinstall.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000039936 _____ (Microsoft Corporation) C:\windows\system32\npmproxy.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000039736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WppRecorder.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000039304 _____ (Microsoft Corporation) C:\windows\system32\NtlmShared.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000036864 _____ (Microsoft Corporation) C:\windows\system32\wpnsruprov.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000035840 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000035640 _____ (Microsoft Corporation) C:\windows\system32\DeviceCensus.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000033792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msfs.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000033056 _____ (Microsoft Corporation) C:\windows\SysWOW64\NtlmShared.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\RpcPing.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000030208 _____ (Microsoft Corporation) C:\windows\system32\cscdll.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\npmproxy.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000002560 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000002560 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000000072 _____ C:\windows\system32\edgehtmlpluginpolicy.bin
2019-05-05 17:39 - 2019-05-05 17:39 - 000000000 _SHDL C:\Documents and Settings
2019-05-05 16:43 - 2019-05-05 16:43 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-05-05 16:43 - 2019-05-05 16:43 - 000000000 ____D C:\Users\metzn\AppData\Local\mbamtray
2019-05-05 16:43 - 2019-05-05 16:43 - 000000000 ____D C:\Users\metzn\AppData\Local\mbam
2019-05-05 16:43 - 2019-05-05 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-05-05 16:43 - 2019-05-05 16:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-05-05 16:43 - 2019-05-05 16:43 - 000000000 ____D C:\Program Files\Malwarebytes
2019-05-05 16:43 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamElam.sys
2019-05-05 16:43 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae64.sys
2019-05-05 16:42 - 2019-05-05 16:42 - 063175880 _____ (Malwarebytes ) C:\Users\metzn\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.586-1.0.10472.exe
2019-05-05 16:25 - 2019-05-05 16:25 - 000003936 _____ C:\windows\System32\Tasks\CCleaner Update
2019-05-05 16:25 - 2019-05-05 16:25 - 000002888 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2019-05-05 16:25 - 2019-05-05 16:25 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-05-05 16:25 - 2019-05-05 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-05-05 16:25 - 2019-05-05 16:25 - 000000000 ____D C:\Program Files\CCleaner
2019-05-05 16:24 - 2019-05-05 16:24 - 021254208 _____ (Piriform Software Ltd) C:\Users\metzn\Downloads\ccsetup556.exe
2019-05-05 16:24 - 2019-05-05 16:24 - 000000000 ____D C:\Users\metzn\AppData\Local\CEF
2019-05-05 16:22 - 2019-05-05 16:22 - 000000000 ____D C:\Users\metzn\AppData\LocalLow\Adobe
2019-05-05 16:20 - 2019-05-14 22:19 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-05 16:20 - 2019-05-05 16:20 - 000004562 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2019-05-05 16:20 - 2019-05-05 16:20 - 000002131 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2019-05-05 16:19 - 2019-05-05 17:12 - 000000000 ____D C:\ProgramData\Adobe
2019-05-05 16:19 - 2019-05-05 16:19 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-05-05 16:18 - 2019-05-05 16:22 - 000000000 ____D C:\Users\metzn\AppData\Local\Adobe
2019-05-05 15:58 - 2019-05-05 16:41 - 000000212 _____ C:\Users\metzn\Desktop\Email.url
2019-05-05 13:18 - 2019-05-05 13:19 - 000000000 ____D C:\Users\metzn\Documents\Greg and Lori
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ___SD C:\Users\metzn\Documents\My Articulate Projects
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ___RD C:\Users\metzn\Documents\My Stationery
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\Outlook Files
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\OneNote Notebooks
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\NPS
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\My Flip Video Library
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\Missy's Work
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\Missy's Senior Pictures
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\Greg PB- New Job
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\eLearning Guild
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\Avery Templates
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\ATD Board
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\AAA Work Files
2019-05-05 13:18 - 2017-07-21 17:01 - 000000000 ____D C:\Users\metzn\Documents\Custom Office Templates
2019-05-05 13:18 - 2010-01-02 11:29 - 000098304 _____ C:\Users\metzn\Documents\backup_010210.pst
2019-05-05 13:01 - 2019-05-15 11:31 - 000000000 ____D C:\windows\system32\MRT
2019-05-05 13:01 - 2019-05-15 11:27 - 132445408 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2019-05-05 12:16 - 2019-05-05 12:16 - 000001562 _____ C:\Users\metzn\Desktop\iTunes.lnk
2019-05-05 11:52 - 2019-05-05 11:52 - 000000000 ____D C:\ProgramData\Apple Computer
2019-05-05 11:52 - 2019-05-05 11:52 - 000000000 ____D C:\ProgramData\Apple
2019-05-05 11:42 - 2019-05-26 11:34 - 000000000 ____D C:\Users\metzn\AppData\LocalLow\AMD
2019-05-05 11:42 - 2019-05-21 16:53 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-05 11:42 - 2019-05-21 16:53 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-05 11:41 - 2019-05-15 01:47 - 000003418 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-05 11:41 - 2019-05-15 01:47 - 000003294 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-05 11:41 - 2019-05-05 11:52 - 000000000 ____D C:\Users\metzn\AppData\Local\Google
2019-05-05 11:41 - 2019-05-05 11:42 - 000000000 ____D C:\Program Files (x86)\Google
2019-05-05 11:36 - 2019-05-28 22:09 - 000000000 ____D C:\Users\metzn\AppData\LocalLow\Mozilla
2019-05-05 11:36 - 2019-05-25 17:04 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-05-05 11:36 - 2019-05-25 17:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-05 11:36 - 2019-05-05 11:36 - 000001000 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-05-05 11:36 - 2019-05-05 11:36 - 000000000 ____D C:\Users\metzn\AppData\Roaming\Mozilla
2019-05-05 11:36 - 2019-05-05 11:36 - 000000000 ____D C:\Users\metzn\AppData\Local\Mozilla
2019-05-05 11:36 - 2019-05-05 11:36 - 000000000 ____D C:\ProgramData\Mozilla
2019-05-05 11:11 - 2019-05-05 11:11 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-05-05 11:11 - 2019-05-05 11:11 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-05-05 11:11 - 2019-05-05 11:11 - 000002420 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-05-05 11:11 - 2019-05-05 11:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-05-05 11:10 - 2019-05-05 11:17 - 000000000 ____D C:\Users\metzn\AppData\Local\Publishers
2019-05-05 11:10 - 2019-05-05 11:10 - 000000000 ____D C:\Users\metzn\AppData\Local\Comms
2019-05-05 11:10 - 2019-05-05 11:10 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2019-05-05 11:07 - 2019-05-27 06:53 - 000000000 ____D C:\Program Files\Microsoft Office
2019-05-05 11:07 - 2019-05-05 11:07 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-05-05 10:58 - 2019-05-05 16:02 - 000000000 ____D C:\Users\metzn\AppData\Local\PlaceholderTileLogoFolder
2019-05-05 10:57 - 2019-05-05 10:57 - 000000000 ____D C:\Users\metzn\AppData\Roaming\Macromedia
2019-05-05 10:57 - 2019-05-05 10:57 - 000000000 ____D C:\Users\metzn\AppData\Roaming\Hewlett-Packard
2019-05-05 10:56 - 2019-05-27 13:19 - 000000000 ___RD C:\Users\metzn\OneDrive
2019-05-05 10:56 - 2019-05-17 10:56 - 000003380 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3924723779-1150026729-1743089468-1001
2019-05-05 10:55 - 2019-05-05 10:55 - 000000000 ____D C:\Users\metzn\AppData\Local\DBG
2019-05-05 10:54 - 2019-05-10 08:12 - 000000000 ____D C:\Users\metzn\AppData\Roaming\hpqLog
2019-05-05 10:54 - 2019-05-10 08:12 - 000000000 ____D C:\Users\metzn\AppData\Local\Hewlett-Packard
2019-05-05 10:54 - 2019-05-05 12:23 - 000000000 ____D C:\Users\metzn\AppData\Local\HP JumpStart Apps
2019-05-05 10:54 - 2019-05-05 10:55 - 000000000 ____D C:\Users\metzn\AppData\Roaming\HP
2019-05-05 10:54 - 2019-05-05 10:54 - 000001446 _____ C:\Users\metzn\Desktop\Microsoft Edge.lnk
2019-05-05 10:54 - 2019-05-05 10:54 - 000000000 ____D C:\Users\metzn\AppData\Local\Crashpad
2019-05-05 10:53 - 2019-05-05 10:53 - 000000000 ___HD C:\Users\metzn\MicrosoftEdgeBackups
2019-05-05 10:53 - 2019-05-05 10:53 - 000000000 ____D C:\Users\metzn\AppData\Local\MicrosoftEdge
2019-05-05 10:52 - 2019-05-28 16:02 - 000000000 ____D C:\Users\metzn\AppData\Local\Packages
2019-05-05 10:52 - 2019-05-27 23:19 - 000000000 ____D C:\Users\metzn\AppData\Local\D3DSCache
2019-05-05 10:52 - 2019-05-24 17:02 - 000000000 ____D C:\Users\metzn\AppData\Roaming\WildTangent
2019-05-05 10:52 - 2019-05-06 11:21 - 000000000 ___RD C:\Users\metzn\3D Objects
2019-05-05 10:52 - 2019-05-05 16:22 - 000000000 ____D C:\Users\metzn\AppData\Roaming\Adobe
2019-05-05 10:52 - 2019-05-05 15:24 - 000000000 ____D C:\Users\metzn\AppData\Local\ConnectedDevicesPlatform
2019-05-05 10:52 - 2019-05-05 10:55 - 000000000 ____D C:\Users\metzn\AppData\Local\AMD
2019-05-05 10:52 - 2019-05-05 10:52 - 000000000 ____D C:\Users\metzn\AppData\Local\VirtualStore
2019-05-05 10:48 - 2019-05-17 10:56 - 000002374 _____ C:\Users\metzn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-05 10:48 - 2019-05-10 11:03 - 000000000 ____D C:\Users\metzn
2019-05-05 10:48 - 2019-05-05 10:48 - 000000020 ___SH C:\Users\metzn\ntuser.ini
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-05-28 22:26 - 2018-09-15 03:31 - 000000000 ____D C:\windows\INF
2019-05-28 22:08 - 2018-10-11 01:56 - 000000000 ____D C:\windows\system32\SleepStudy
2019-05-28 12:55 - 2018-09-15 03:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-27 13:22 - 2018-10-11 02:02 - 000846278 _____ C:\windows\system32\PerfStringBackup.INI
2019-05-27 13:19 - 2018-09-15 03:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-27 13:19 - 2018-09-15 03:33 - 000000000 ____D C:\windows\AppReadiness
2019-05-27 13:18 - 2018-10-11 01:56 - 000295152 _____ C:\windows\system32\FNTCACHE.DAT
2019-05-27 13:17 - 2018-10-11 01:56 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-05-27 13:13 - 2018-10-11 02:54 - 000000000 ____D C:\windows\Panther
2019-05-27 13:02 - 2018-09-15 03:23 - 000000000 ____D C:\windows\CbsTemp
2019-05-25 19:00 - 2019-03-14 19:20 - 000000000 ____D C:\Program Files\AMD
2019-05-25 18:57 - 2019-03-14 19:20 - 000497792 _____ C:\windows\system32\Drivers\rtkhdasetting.zip
2019-05-25 18:57 - 2019-03-14 19:20 - 000003194 _____ C:\windows\System32\Tasks\RTKCPL
2019-05-25 18:57 - 2019-03-14 19:20 - 000000000 ____D C:\windows\SysWOW64\RTCOM
2019-05-24 17:05 - 2018-10-11 01:58 - 000000000 ____D C:\ProgramData\Packages
2019-05-19 12:34 - 2018-09-15 02:09 - 000524288 _____ C:\windows\system32\config\BBI
2019-05-19 12:32 - 2018-09-15 03:33 - 000000000 ___SD C:\windows\system32\DiagSvcs
2019-05-19 12:32 - 2018-09-15 03:33 - 000000000 ____D C:\windows\bcastdvr
2019-05-18 09:43 - 2018-09-15 03:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-05-13 17:23 - 2018-09-15 03:36 - 000835688 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2019-05-13 17:23 - 2018-09-15 03:36 - 000179816 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-10 11:19 - 2019-03-14 18:23 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-05-10 11:09 - 2018-09-15 03:33 - 000000000 ____D C:\windows\system32\FxsTmp
2019-05-10 10:58 - 2019-03-14 18:23 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-05-10 10:36 - 2019-03-14 18:24 - 000000000 ____D C:\Program Files\HP
2019-05-10 10:36 - 2019-03-14 18:23 - 000000000 ____D C:\ProgramData\HP
2019-05-10 10:36 - 2019-03-14 18:23 - 000000000 ____D C:\Program Files (x86)\HP
2019-05-10 08:12 - 2019-03-14 18:24 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2019-05-10 08:12 - 2019-03-14 18:23 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2019-05-10 08:12 - 2018-09-10 10:54 - 000000000 ___HD C:\SYSTEM.SAV
2019-05-06 13:39 - 2018-10-11 01:56 - 000000000 ____D C:\windows\system32\Drivers\wd
2019-05-06 13:39 - 2018-09-15 03:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-05-06 11:21 - 2018-10-11 01:58 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-05-06 11:15 - 2018-09-15 03:33 - 000000000 ____D C:\windows\TextInput
2019-05-06 11:15 - 2018-09-15 03:33 - 000000000 ____D C:\windows\SysWOW64\oobe
2019-05-06 11:15 - 2018-09-15 03:33 - 000000000 ____D C:\windows\SysWOW64\Dism
2019-05-06 11:15 - 2018-09-15 03:33 - 000000000 ____D C:\windows\system32\oobe
2019-05-06 11:15 - 2018-09-15 03:33 - 000000000 ____D C:\windows\system32\migwiz
2019-05-06 11:15 - 2018-09-15 03:33 - 000000000 ____D C:\windows\system32\appraiser
2019-05-06 11:15 - 2018-09-15 02:09 - 000000000 ____D C:\windows\system32\Dism
2019-05-06 11:14 - 2019-03-14 20:04 - 000000000 ____D C:\windows\holoshell
2019-05-06 11:14 - 2018-09-15 05:11 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-05-06 11:14 - 2018-09-15 05:11 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-05-06 11:14 - 2018-09-15 03:33 - 000000000 ____D C:\windows\ShellExperiences
2019-05-06 11:14 - 2018-09-15 03:33 - 000000000 ____D C:\windows\ShellComponents
2019-05-06 11:12 - 2018-09-15 02:09 - 000000000 ____D C:\windows\servicing
2019-05-06 11:08 - 2018-10-11 02:00 - 002865152 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2019-05-06 03:17 - 2018-09-15 03:33 - 000000000 ____D C:\windows\appcompat
2019-05-06 00:24 - 2019-03-14 19:37 - 000000000 ____D C:\windows\System32\Tasks\McAfee
2019-05-06 00:23 - 2018-09-15 03:33 - 000000000 ___HD C:\windows\ELAMBKUP
2019-05-06 00:23 - 2018-09-15 02:09 - 000032768 _____ C:\windows\system32\config\ELAM
2019-05-05 17:39 - 2019-03-14 18:25 - 000002766 _____ C:\windows\System32\Tasks\HPAudioSwitch
2019-05-05 17:39 - 2018-09-15 03:33 - 000000000 ____D C:\windows\LiveKernelReports
2019-05-05 10:57 - 2019-03-14 18:23 - 000000000 ____D C:\windows\System32\Tasks\Hewlett-Packard
2019-05-05 10:43 - 2018-09-15 03:33 - 000000000 ____D C:\windows\system32\WinBioDatabase
2019-05-05 10:41 - 2019-03-14 19:33 - 000000000 ____D C:\ProgramData\WildTangent
2019-05-05 10:40 - 2019-03-14 20:05 - 000002856 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3924723779-1150026729-1743089468-500
2019-05-05 10:40 - 2019-03-14 19:33 - 000002856 _____ C:\windows\System32\Tasks\HPJumpStartLaunch
 
==================== SigCheck ===============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-05.2019
Ran by metzn (28-05-2019 22:27:12)
Running from C:\Users\metzn\Downloads
Windows 10 Home (X64) (2019-05-05 14:41:39)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3924723779-1150026729-1743089468-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3924723779-1150026729-1743089468-503 - Limited - Disabled)
Guest (S-1-5-21-3924723779-1150026729-1743089468-501 - Limited - Disabled)
metzn (S-1-5-21-3924723779-1150026729-1743089468-1001 - Administrator - Enabled) => C:\Users\metzn
WDAGUtilityAccount (S-1-5-21-3924723779-1150026729-1743089468-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2018.0616.1322.22237 - Advanced Micro Devices, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.83.0000 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 2.56.00 - Seiko Epson Corporation)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - Seiko Epson Corporation)
Epson ReadyInk Agent (A) (HKLM-x32\...\{A9B4584F-A29E-4880-97E6-1744B4AF2AF8}) (Version: 1.0.2.0 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{1028AD34-EB8A-4136-9A93-27FC60FD0A40}) (Version: 4.4.11 - Seiko Epson Corporation)
EPSON WF-3620 Series Printer Uninstall (HKLM\...\EPSON WF-3620 Series) (Version:  - SEIKO EPSON Corporation)
Epson WF-3620 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson WF-3620 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.14.304 - SurfRight B.V.)
HP Audio Switch (HKLM-x32\...\{20A40E7C-E470-4E9F-9B5C-DDB2C205E856}) (Version: 1.0.154.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.32 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{016FBF6D-AEDE-4D33-87B4-DF6815EF674A}) (Version: 1.4.0.485 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{35556CCA-F14E-48F3-93F4-E29C4B3DBE30}) (Version: 1.4.485.0 - HP Inc.)
HP Officejet Pro 3620 Basic Device Software (HKLM\...\{D81BD182-CB53-4B35-8A7B-A6BA2D619E07}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Home and Student 2019 - en-us (HKLM\...\HomeStudent2019Retail - en-us) (Version: 16.0.11601.20230 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3924723779-1150026729-1743089468-1001\...\OneDriveSetup.exe) (Version: 19.070.0410.0005 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 67.0 (x64 en-US) (HKLM\...\Mozilla Firefox 67.0 (x64 en-US)) (Version: 67.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.3 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11601.20230 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.93 - REALTEK Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8536 - Realtek Semiconductor Corp.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.1.47 - WildTangent)
WildTangent Helper (HKLM-x32\...\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}) (Version: 1.0.0.305 - WildTangent) Hidden
WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 6.0.0.43 - WildTangent) Hidden
 
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2811.0_x64__343d40qqvtj1t [2019-05-05] (Amazon.com)
Booking.com USA: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comUSABigsavingson_1.0.4.0_x64__mgae2k3ys4ra0 [2019-05-05] (Priceline Partner Network)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.13.5.0_x86__kgqvnymyfvs32 [2019-05-16] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1510.1.0_x86__kgqvnymyfvs32 [2019-05-20] (king.com)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2019-03-14] (HP Inc.)
Floor Adjustment -> C:\windows\SystemApps\RoomAdjustment_cw5n1h2txyewy [2019-03-14] (Microsoft Corporation)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.481.0_x86__v10z8vjag6ke6 [2019-03-14] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.5.8.0_x64__v10z8vjag6ke6 [2019-05-05] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_95.1.531.0_x64__v10z8vjag6ke6 [2019-05-05] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.4.105.0_x64__v10z8vjag6ke6 [2019-05-10] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.35.0_x64__v10z8vjag6ke6 [2019-05-22] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12094.104.41048.0_x64__nzyj5cx40ttqa [2019-05-05] (Apple Inc.)
Learn Mixed Reality -> C:\windows\SystemApps\MixedRealityLearning_cw5n1h2txyewy [2019-03-14] (Microsoft Corporation)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-05-05] (LinkedIn)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.375.0_x64__mcm4njqhnhss8 [2019-05-05] (Netflix, Inc.)
New for You -> C:\windows\SystemApps\WhatsNew_cw5n1h2txyewy [2019-03-14] (Microsoft Corporation)
Passthrough -> C:\windows\SystemApps\passthrough_cw5n1h2txyewy [2019-03-14] (Microsoft Corporation)
Power Media Player 14 for HP Consumer PCs with DVD -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.PowerMediaPlayer14forHPConsumerPC_14.2.9528.0_x86__06qsbagp91rvg [2019-05-05] (CYBERLINKCOM CORP)
Sign In -> C:\windows\SystemApps\WebAuthBridgeInternet_cw5n1h2txyewy [2019-03-14] (ms-resource:PublisherDisplayName)
Sign In -> C:\windows\SystemApps\WebAuthBridgeInternetSso_cw5n1h2txyewy [2019-03-14] (ms-resource:PublisherDisplayName)
Sign In -> C:\windows\SystemApps\WebAuthBridgeIntranetSso_cw5n1h2txyewy [2019-03-14] (ms-resource:PublisherDisplayName)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.14.58.0_x64__kx24dqmazqk8j [2019-05-05] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0 [2019-05-22] (Spotify AB)
WildTangent Games UWP -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.50.0_x64__qt5r5pa5dyg8m [2019-05-05] (WildTangent Games)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-06-16] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2019-05-17 19:42 - 2019-05-17 19:42 - 000141312 _____ ( ) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\de0b20812b0797582510baf9f34372f0\Interop.IWshRuntimeLibrary.ni.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000015360 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-04-24 22:11 - 2018-04-24 22:11 - 002519040 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-05-20 13:07 - 2019-05-20 13:07 - 000156672 _____ () [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\042bd18c4380cb57a535aba160f50193\BRIDGECommon.ni.dll
2019-05-17 19:41 - 2019-05-17 19:41 - 000121344 _____ () [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\BridgeExtension\ff15376e66c0b8f783b5eb782fa39987\BridgeExtension.ni.dll
2019-05-17 19:41 - 2019-05-17 19:41 - 000375296 _____ () [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\CleanStartController\a083a651c5bf71bb0f3c9e19bbf01eb1\CleanStartController.ni.dll
2019-05-17 19:41 - 2019-05-17 19:41 - 000139776 _____ () [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\e786d6b4051f72e4db3f0a1cddeb4eed\RegistrationUtilities.ni.dll
2018-06-16 13:20 - 2018-06-16 13:20 - 001368064 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiacm64.dll
2019-05-17 19:42 - 2019-05-17 19:42 - 000129536 _____ (hardcodet.net) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\8e58d1914799c1217b18520fd86c547c\Hardcodet.Wpf.TaskbarNotification.ni.dll
2019-05-22 03:12 - 2019-05-22 03:12 - 001252864 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.35.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
2019-05-22 03:12 - 2019-05-22 03:12 - 000015360 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.35.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2019-05-17 19:41 - 2019-05-17 19:41 - 000131584 _____ (HP Inc.) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\CommonPortable\3fd2eedae51329b6ae4b05d0c49280e9\CommonPortable.ni.dll
2019-05-17 19:42 - 2019-05-17 19:42 - 001567232 _____ (HP Inc.) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\HPAudioSwitch\9be1926f94ca5032708cf6a1b87e3fa6\HPAudioSwitch.ni.exe
2019-05-17 19:41 - 2019-05-17 19:41 - 000172544 _____ (HP Inc.) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\HPJumpStartBridge\47e956beada4528003b1cef1450abba1\HPJumpStartBridge.ni.exe
2019-05-17 19:42 - 2019-05-17 19:42 - 001555456 _____ (Mark Heath) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\NAudio\b88b41f705b91b76561b09b578e094f2\NAudio.ni.dll
2019-05-17 19:40 - 2019-05-17 19:40 - 002227200 _____ (Newtonsoft) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\a58019292ba2cc9d0fb918d2c8c2acff\Newtonsoft.Json.ni.dll
2019-05-17 19:42 - 2019-05-17 19:42 - 002988032 _____ (Newtonsoft) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\b56677bbec3f082bc34f5501a38a7071\Newtonsoft.Json.ni.dll
2015-12-17 11:11 - 2015-12-17 11:11 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000096768 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\EbpD4Fax.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000212992 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUADRFIL.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000282624 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXCFG.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000446464 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXCSR.DLL
2019-05-10 10:58 - 2018-12-26 01:00 - 000389120 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXLDB.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000536576 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXTIF.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000421888 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUIMGCDC.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000278528 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FULEPP.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUSTMMSG.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000339968 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUSVCCLT.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000065536 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUUSBHLP.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000258048 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUVERDLG.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000069632 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUDEVCOM.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000135168 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUDRVUTL.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000339968 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUPRBDEV.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUSNMPUT.dll
2019-05-10 10:58 - 2018-12-25 12:00 - 000086016 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUCMNMSG.dll
2019-05-10 10:58 - 2018-12-25 12:00 - 000090112 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXCFGRes.dll
2019-05-10 10:58 - 2018-12-25 12:00 - 000241664 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXRCV.dll
2019-05-10 10:58 - 2018-12-25 12:00 - 000106496 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXSTM.dll
2019-05-10 10:58 - 2018-12-25 12:00 - 000022016 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FULEPPRes.dll
2019-05-10 10:58 - 2018-12-25 12:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUPRBDEVRes.dll
2015-12-11 16:14 - 2015-12-11 16:14 - 004968448 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files\EpsonNet\EpsonNet Print\ENSTRMAPIe.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\windows\System32\enppmon.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000786432 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENCM.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000278528 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENNW.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000299008 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENUTIL.dll
2019-05-17 19:42 - 2019-05-17 19:42 - 000765440 _____ (The Apache Software Foundation) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\log4net\3064b36d50fa3181a26462181f8ae401\log4net.ni.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000032256 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000039936 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000034304 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000237056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000024064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000481792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 001336320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 001136128 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2018-06-16 13:20 - 2018-06-16 13:20 - 005766144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 006045184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000964096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 003233792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 003406848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000328704 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 005523456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000282624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000194560 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000049152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000311296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000139264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000089600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-09-15 03:31 - 2018-09-15 03:31 - 000000824 _____ C:\windows\system32\drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3924723779-1150026729-1743089468-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\metzn\Pictures\2016-07-23- Italy\1536.JPG
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{7CB1A8C9-8B4E-4BD1-A0CB-3D1D15A4B48B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10730.20103.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A971F7C5-D0DC-4D69-B3CA-C5B540EF8728}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{2E3C6965-2FDF-48FC-B17C-10E7B40054E4}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{19AECF7D-9A04-4C4B-8D18-9A6A738EE4B9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{46BFE370-B126-4E93-A157-D4FF199D7AD5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D080B562-08F1-4E61-BF00-C1005D072B75}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.104.41048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{460EA02C-F51F-42F6-A8D1-3F21CEEDF385}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.104.41048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3E57161B-EB1B-47D2-9743-DED4F4942E7D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.104.41048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{92053AEA-2995-4358-987E-9C20A778A2E9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.104.41048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EB9D486F-6AD9-48BE-A20D-FF9BD338C78D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.104.41048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C9EA1F0D-8A34-40DC-B9FA-0B31E38E6890}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.104.41048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{41B22F76-EEDA-4EAB-81B6-99DF6CFC93BB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.104.41048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{17872E59-3A88-43C4-ACF0-8DD37D01D049}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.104.41048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1E116A78-B206-4967-B8A3-F6D26FA6EA15}] => (Allow) C:\Program Files\HP\HP Officejet Pro 3620\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{11A08468-D7EF-495B-99B2-FC787F54B32A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 3620\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{70F68DFF-A824-4653-9B8E-10DC89AB3CD3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 3620\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{015244A3-0FDF-4B79-86C5-7CC04E4AD8FE}] => (Allow) C:\Program Files\HP\HP Officejet Pro 3620\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{4C3D0594-2EB7-4914-9E07-F06381BEAF88}] => (Allow) LPort=5357
FirewallRules: [{1696D62C-6B20-44AC-9D00-04845CB9F399}] => (Allow) C:\Program Files\HP\HP Officejet Pro 3620\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{DF0BDE20-0F0D-4047-AEA5-849555E721AB}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{74306D7B-FD99-46E6-99F7-C38DC1335CBD}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{6B95A8D0-3F9C-4AFD-B979-3A53F1DCF7A9}] => (Allow) C:\Users\metzn\AppData\Local\Temp\WF-3620\Common\EpsonNet Setup\ENEasyApp.exe No File
FirewallRules: [{8B077D80-EF3A-4A1A-B3F1-E14ED68E287E}] => (Allow) C:\Users\metzn\AppData\Local\Temp\WF-3620\Common\EpsonNet Setup\ENEasyApp.exe No File
FirewallRules: [{EA2848F8-EF4A-457A-A588-F4C498EDA015}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{7E936A0B-C1D7-4513-9394-BB9BC496E6E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CC3889B1-FA87-4B25-AB08-C55799EF2231}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D4DC8F79-85BC-4F8F-8BD3-32CA0B22535C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EEBA3EAB-1AEA-44AD-A3B2-A58D353C9364}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D18BF451-8A42-4C52-A194-7B96275CAB14}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CF3F1644-B13A-432D-93C7-8058896BCDAB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{213E308E-5518-4ADB-85CF-A0300C0A009E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{58504A5E-CCBE-430E-9143-0770938D832D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
 
==================== Restore Points =========================
 
24-05-2019 18:14:20 Scheduled Checkpoint
26-05-2019 16:22:17 Windows Modules Installer
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/27/2019 05:39:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 67.0.0.7075, time stamp: 0x5cdded92
Faulting module name: ntdll.dll, version: 10.0.17763.475, time stamp: 0x3230aa04
Exception code: 0xc0000374
Fault offset: 0x00000000000fb049
Faulting process id: 0x20b4
Faulting application start time: 0x01d514b050dc2e77
Faulting application path: C:\Program Files\Mozilla Firefox\firefox.exe
Faulting module path: C:\windows\SYSTEM32\ntdll.dll
Report Id: f8703107-117a-4d3f-92ca-7cef9c96d4af
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (05/26/2019 12:08:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SolutionFinder.exe, version: 1.0.3.0, time stamp: 0x5c75fc20
Faulting module name: KERNELBASE.dll, version: 10.0.17763.475, time stamp: 0x9877ee8b
Exception code: 0xe0434352
Fault offset: 0x0011c762
Faulting process id: 0x3090
Faulting application start time: 0x01d51378a1be5519
Faulting application path: C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.4.105.0_x64__v10z8vjag6ke6\www\HPSF\Modules\SolutionFinder.exe
Faulting module path: C:\windows\System32\KERNELBASE.dll
Report Id: 88427cb5-10f3-4d44-a34e-9f4a9a685f80
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (05/26/2019 12:08:12 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: SolutionFinder.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentNullException
   at System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].InsertRange(Int32, System.Collections.Generic.IEnumerable`1<System.__Canon>)
   at SolutionFinder.Program.GetMessages(System.String, System.String, System.String, System.String)
   at SolutionFinder.Program.Main(System.String[])
 
Error: (05/24/2019 05:04:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ShellExperienceHost.exe version 10.0.17763.439 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1adc
 
Start Time: 01d51273d93af971
 
Termination Time: 4294967295
 
Application Path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
 
Report Id: d4902284-3009-4a86-8574-f9d9febb9832
 
Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy
 
Faulting package-relative application ID: App
 
Hang type: Quiesce
 
Error: (05/19/2019 12:07:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SolutionFinder.exe, version: 1.0.3.0, time stamp: 0x5c75fc20
Faulting module name: KERNELBASE.dll, version: 10.0.17763.475, time stamp: 0x9877ee8b
Exception code: 0xe0434352
Fault offset: 0x0011c762
Faulting process id: 0x1654
Faulting application start time: 0x01d50df86ce09a0b
Faulting application path: C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.4.105.0_x64__v10z8vjag6ke6\www\HPSF\Modules\SolutionFinder.exe
Faulting module path: C:\windows\System32\KERNELBASE.dll
Report Id: 04cd5022-1aa3-442a-8c54-c227478ca010
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (05/19/2019 12:07:51 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: SolutionFinder.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentNullException
   at System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].InsertRange(Int32, System.Collections.Generic.IEnumerable`1<System.__Canon>)
   at SolutionFinder.Program.GetMessages(System.String, System.String, System.String, System.String)
   at SolutionFinder.Program.Main(System.String[])
 
 
System errors:
=============
Error: (05/28/2019 10:13:25 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N9EK5G0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-N9EK5G0\metzn SID (S-1-5-21-3924723779-1150026729-1743089468-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (05/28/2019 04:36:01 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N9EK5G0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-N9EK5G0\metzn SID (S-1-5-21-3924723779-1150026729-1743089468-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (05/28/2019 04:36:01 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N9EK5G0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-N9EK5G0\metzn SID (S-1-5-21-3924723779-1150026729-1743089468-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (05/28/2019 04:02:06 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N9EK5G0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-N9EK5G0\metzn SID (S-1-5-21-3924723779-1150026729-1743089468-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (S-1-15-2-4073035186-845728998-3163384695-1976476425-2991714013-2201240401-996050049). This security permission can be modified using the Component Services administrative tool.
 
Error: (05/28/2019 04:00:25 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N9EK5G0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-N9EK5G0\metzn SID (S-1-5-21-3924723779-1150026729-1743089468-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (05/28/2019 03:50:15 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N9EK5G0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-N9EK5G0\metzn SID (S-1-5-21-3924723779-1150026729-1743089468-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (05/28/2019 03:50:15 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N9EK5G0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-N9EK5G0\metzn SID (S-1-5-21-3924723779-1150026729-1743089468-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (05/28/2019 03:42:43 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N9EK5G0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-N9EK5G0\metzn SID (S-1-5-21-3924723779-1150026729-1743089468-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
Windows Defender:
===================================
Date: 2019-05-06 11:23:38.850
Description: 
Windows Defender Antivirus has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80070002
Error description: The system cannot find the file specified. 
Signature version: 0.0.0.0;0.0.0.0
Engine version: 0.0.0.0
 
==================== Memory info =========================== 
 
BIOS: AMI F.22 01/25/2019
Motherboard: HP 8433
Processor: AMD Ryzen 5 2400G with Radeon Vega Graphics 
Percentage of memory in use: 42%
Total physical RAM: 10149.47 MB
Available physical RAM: 5786.66 MB
Total Virtual: 12709.47 MB
Available Virtual: 7447.8 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:930.28 GB) (Free:741.83 GB) NTFS
Drive d: (My Book) (Fixed) (Total:465.65 GB) (Free:155.83 GB) FAT32
 
\\?\Volume{2988719e-db8c-413a-ba6f-4e508a142ff7}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.57 GB) NTFS
\\?\Volume{5602cc68-a6f7-44dc-b4ff-2ac1aa997934}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E1EF715B)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 44FDFE06)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=0C)
 
==================== End of Addition.txt ============================
 

  • 0

Advertisements

#2
iMacg3
Posted 28 May 2019 - 09:20 PM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hello and welcome to the Geeks to Go malware removal forum. :welcome:

I am iMacg3 and will be helping you with your computer problems.

Please keep the following information in mind before we begin:
  • Do not run any fixes or tools on your system unless I request that you do so.
    • Running additional tools on your system can interfere with the clean-up process, or cause issues such as false positives.
  • Please read all instructions carefully, and complete them in the order listed.
    • Items that are especially important will be highlighted in bold or red.
  • If your computer seems to start working normally, please don't abandon the topic.
    • Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.
  • If you have pirated or illegal software on your computer, uninstall it now before proceeding.
    • Using pirated/cracked software is an easy way to infect your computer - almost as easy as intentionally downloading malware. Therefore, please remove any, if present, before we begin the clean-up.
  • If you don't respond to your topic in 4 days, it will be closed.
    • If your topic is closed and you still need assistance, send me or any staff member a Private Message with a link to your topic.
  • If you have questions at any time during the cleanup, feel free to ask.
--------------------

Please take a screenshot of the Windows Security message, and attach it here.

---------------------------------------------------
McAfee Consumer Product Removal Tool

Note: This tool will uninstall all McAfee products from your PC. If you are using a paid version of McAfee, please be sure you have safely stored your product key.

Please download MCPR (McAfee Consumer Product Removal Tool) and save it to your desktop
  • Right-click MCPR.exe and click Run as Administrator.
  • At the "McAfee Software Removal" window, click Next.
  • Accept the license agreement.
  • Complete the "Security Validation" question and click Next.
  • You will receive a message that the removal of McAfee products is complete.
  • Restart the computer.
---------------------------------------------------
FRST Scan
  • Double click Frst.exe/Frst64.exe to launch it.
  • FRST will start to run.
    • Press the Scan button.
    • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.

  • 0

#3
[email protected]
Posted 30 May 2019 - 09:04 PM

[email protected]

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Ok, I will do this in the morning.  I did not get an email notification of your reply.  Maybe I need to check my settings?


  • 0

#4
iMacg3
Posted 31 May 2019 - 08:12 AM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

To receive notifications, click the Follow This Topic button in the upper right corner of the web page, and select Instantly > Follow This Topic.
  • 0

#5
[email protected]
Posted 31 May 2019 - 09:03 AM

[email protected]

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

1.  First thanks in general for your help!

2.  Thanks for the tip on following.  Doing that now.

3.  I ran the MCPR and restarted.

4.  I made a mistake in not taking a screenshot of that windows message (I think fake).  I have not seen it for the last 3 days.  Same with the fake (I think) McAfee messages.  I think that this is a good sign, but not 100% sure.  If I see it again, I'll certainly copy and post.  Would you like me to run another FRST scan or any other tool?  

 

Thanks again!

GM


  • 0

#6
iMacg3
Posted 31 May 2019 - 10:54 AM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,
 

Would you like me to run another FRST scan or any other tool?


Yes, please run a new FRST scan:

--------------------------------------------------- 
FRST Scan
  • Double click Frst.exe/Frst64.exe to launch it.
  • FRST will start to run.
    • Press the Scan button.
    • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.

  • 0

#7
[email protected]
Posted 31 May 2019 - 01:17 PM

[email protected]

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-05.2019
Ran by metzn (administrator) on DESKTOP-N9EK5G0 (HP HP Pavilion Desktop 590-p0xxx) (31-05-2019 13:10:16)
Running from C:\Users\metzn\Downloads
Loaded Profiles: metzn (Available Profiles: metzn)
Platform: Windows 10 Home Version 1809 17763.503 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.1000_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19051.545.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0330616.inf_amd64_42de07d7f2ccb5d8\B330055\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0330616.inf_amd64_42de07d7f2ccb5d8\B330055\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6f4bcdb10506c8d\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6f4bcdb10506c8d\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6f4bcdb10506c8d\x64\SysInfoCap.exe
(HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.35.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\metzn\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.1000_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.1000_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11904.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtAudioServ.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\PMA_A\PMA.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\PMA_A\PMAService.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIKEE.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIKEE.EXE
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [BtServer] => "C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-17] (Realtek Semiconductor Corp. -> Realtek)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [665568 2018-12-26] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [870368 2018-12-26] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3924723779-1150026729-1743089468-1001\...\Run: [EPLTarget\P0000000000000000] => C:\windows\system32\spool\DRIVERS\x64\3\E_YATIKEE.EXE [298560 2013-09-11] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3924723779-1150026729-1743089468-1001\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\E_YATIKEE.EXE [298560 2013-09-11] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-21] (Google LLC -> Google Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {03B49FB4-B007-44D7-B288-EF4F5D397309} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644984 2018-07-18] (HP Inc. -> HP Inc.)
Task: {1061D4CD-49DA-46D4-AA1B-8A003223CFD9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149440 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {1FA80E56-619B-4ACC-9AD5-78102C320EB5} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279544 2018-09-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {2E2AB22E-6BE4-4C09-A9AE-3395911FCD5C} - System32\Tasks\EPSON WF-3620 Series Update {4E2A8031-5C38-45AB-AB82-3565B005B4AB} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [679488 2013-02-27] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {3E802BC4-382D-4734-A9D9-7CF1D8EAABC0} - System32\Tasks\EPSON WF-3620 Series Invitation {E8B8A0FE-2C3B-4C22-BC91-A911A13174E5} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [679488 2013-02-27] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {54E7BB4C-328E-4FA5-8AD7-0ED104BC9AB2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {635F74BD-D4E0-4B7A-A8AE-1B8202B2708B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {65EA091C-F7A1-41D1-BA1D-6FBF78B2E776} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2194552 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {66F35302-CD19-4015-A4CD-204B28C96D97} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149440 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {67F802E5-7805-43AA-A915-235B24933BDD} - System32\Tasks\EPSON WF-3620 Series Invitation {4E2A8031-5C38-45AB-AB82-3565B005B4AB} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [679488 2013-02-27] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {7631095B-81BD-489B-99FB-F90652AD808B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26197064 2019-05-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C4096DD-2AF7-4530-B140-7653135E1FFC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-05-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {828CD93C-EC34-48EC-848E-A4E9F99E0CAF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26197064 2019-05-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {87707B01-3BBB-4034-8F5F-09A233C4BAE0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-05] (Google Inc -> Google LLC)
Task: {8970602D-2C2A-4294-ADB4-9AFCD4A601F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-05-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B91EDF0-61F2-4EAE-A573-F5EC27E61F2E} - System32\Tasks\HPCeeScheduleFormetzn => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-11] (HP Inc. -> HP Inc.)
Task: {9A9E93FE-75BB-4414-862A-EEE6AC4E59BC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16509040 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9AAC149B-BA26-416C-A05B-C2066E7FE10D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1061240 2019-05-10] (HP Inc. -> HP Inc.)
Task: {9FB99F8C-87B3-49F0-A242-82A321B41FFB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-05] (Google Inc -> Google LLC)
Task: {A3FCAF70-DC8E-4438-8059-E7EE8FF075C9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1061240 2019-05-10] (HP Inc. -> HP Inc.)
Task: {A8F735A7-BB11-40E3-A837-C00F6D3EF084} - System32\Tasks\EPSON WF-3620 Series Update {E8B8A0FE-2C3B-4C22-BC91-A911A13174E5} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [679488 2013-02-27] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {B3234870-7EE0-40A2-A1CE-EAF7A898A014} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-05-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {BC2453F3-E7E1-45DA-BE14-69547D73ADF4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C299CC08-540C-4564-AEF3-19878332C0A1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2194552 2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {DAFE52CA-F764-42DD-AEE0-2223EDF419FE} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2018-06-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {F969FE9C-9F4A-4684-9296-78879BE73ED6} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [462696 2018-06-01] (HP Inc. -> HP Inc.)
Task: {FC68E137-CB84-4E4C-A4F0-D19985CA2704} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-05-06] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\EPSON WF-3620 Series Invitation {4E2A8031-5C38-45AB-AB82-3565B005B4AB}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE
Task: C:\windows\Tasks\EPSON WF-3620 Series Invitation {E8B8A0FE-2C3B-4C22-BC91-A911A13174E5}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE
Task: C:\windows\Tasks\EPSON WF-3620 Series Update {4E2A8031-5C38-45AB-AB82-3565B005B4AB}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE:/EXE:{4E2A8031-5C38-45AB-AB82-3565B005B4AB} /F:UpdateWORKGROUP\DESKTOP-N9EK5G0$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\windows\Tasks\EPSON WF-3620 Series Update {E8B8A0FE-2C3B-4C22-BC91-A911A13174E5}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE:/EXE:{E8B8A0FE-2C3B-4C22-BC91-A911A13174E5} /F:UpdateWORKGROUP\DESKTOP-N9EK5G0$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\windows\Tasks\HPCeeScheduleFormetzn.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{895f1893-6b86-4e9f-9ef1-c6858d4cc759}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3924723779-1150026729-1743089468-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3924723779-1150026729-1743089468-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {961CB3BF-E112-47B9-B3CC-DCD6D9029063} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {961CB3BF-E112-47B9-B3CC-DCD6D9029063} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3924723779-1150026729-1743089468-1001 -> {961CB3BF-E112-47B9-B3CC-DCD6D9029063} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-05-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-27] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: 51ko8r03.default-1558975850818
FF ProfilePath: C:\Users\metzn\AppData\Roaming\Mozilla\Firefox\Profiles\51ko8r03.default-1558975850818 [2019-05-31]
FF Homepage: Mozilla\Firefox\Profiles\51ko8r03.default-1558975850818 -> hxxps://www.usatoday.com/
FF Extension: (ETP Search Volume Study) - C:\Users\metzn\AppData\Roaming\Mozilla\Firefox\Profiles\51ko8r03.default-1558975850818\Extensions\[email protected] [2019-05-27]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-05-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.usatoday.com/
CHR Profile: C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default [2019-05-31]
CHR Extension: (Slides) - C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-05]
CHR Extension: (Docs) - C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-05]
CHR Extension: (Google Drive) - C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-05]
CHR Extension: (YouTube) - C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-05]
CHR Extension: (Sheets) - C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-05]
CHR Extension: (Google Docs Offline) - C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-05-05]
CHR Extension: (Gmail) - C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-05]
CHR Extension: (Chrome Media Router) - C:\Users\metzn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-22]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD External Events Utility; C:\windows\System32\DriverStore\FileRepository\c0330616.inf_amd64_42de07d7f2ccb5d8\B330055\atiesrxx.exe [491280 2018-07-03] (Advanced Micro Devices, Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11147336 2019-05-15] (Microsoft Corporation -> Microsoft Corporation)
R2 Epson PMAService A; C:\Program Files (x86)\Epson Software\PMA_A\PMAService.exe [113144 2017-03-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [678328 2018-06-11] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [139504 2019-05-27] (SurfRight B.V. -> SurfRight B.V.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6f4bcdb10506c8d\x64\AppHelperCap.exe [392696 2018-09-18] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [478056 2018-06-01] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6f4bcdb10506c8d\x64\NetworkCap.exe [392496 2018-09-18] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6f4bcdb10506c8d\x64\SysInfoCap.exe [394032 2018-09-18] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 RtkBtAudioServ; C:\windows\RtkBtAudioServ.exe [233368 2018-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 RtkBtManServ; C:\windows\RtkBtManServ.exe [704448 2018-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-05-06] (Microsoft Corporation -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1548080 2019-05-23] (WildTangent Inc -> )
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-05-06] (Microsoft Corporation -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 amdacpbus; C:\windows\System32\drivers\amdacpbus.sys [956904 2018-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 AmdGpio; C:\windows\System32\drivers\AmdGpio.sys [18968 2018-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, INC.)
R3 amdgpio2; C:\windows\System32\drivers\amdgpio2.sys [35176 2018-09-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\windows\System32\drivers\amdgpio3.sys [33120 2018-09-21] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 AMDHDAudBusService; C:\windows\System32\drivers\amdhdaudbus.sys [77824 2018-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 amdi2c; C:\windows\System32\drivers\amdi2c.sys [52648 2018-09-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdkmdag; C:\windows\System32\DriverStore\FileRepository\c0330616.inf_amd64_42de07d7f2ccb5d8\B330055\atikmdag.sys [40703728 2018-07-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\windows\System32\DriverStore\FileRepository\c0330616.inf_amd64_42de07d7f2ccb5d8\B330055\atikmpag.sys [555248 2018-07-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AMDPCIDev; C:\windows\System32\drivers\AMDPCIDev.sys [31600 2018-09-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\windows\System32\drivers\amdpsp.sys [139016 2018-09-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R1 amdsfhkmdf; C:\windows\System32\drivers\amdsfhkmdf.sys [39760 2018-09-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 amduart; C:\windows\System32\drivers\amduart.sys [91248 2018-09-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
S3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWT6.sys [107496 2018-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [23960 2018-07-06] (HP Inc. -> HP Inc.)
S0 MbamElam; C:\windows\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [275232 2019-05-31] (Malwarebytes Corporation -> Malwarebytes)
S3 rccfg; C:\windows\System32\drivers\rccfg.sys [39288 2018-09-21] (SEAGATE TECHNOLOGY LLC -> AMD, Inc.)
S0 rcraid; C:\windows\System32\drivers\rcraid.sys [559992 2018-09-21] (SEAGATE TECHNOLOGY LLC -> AMD, Inc.)
R3 rt640x64; C:\windows\System32\drivers\rt640x64.sys [1138000 2018-09-25] (Realtek Semiconductor Corp. -> Realtek )
S3 RtkAvrcp; C:\windows\System32\drivers\RtkAvrcp.sys [79784 2018-05-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RtkBtFilter; C:\windows\System32\drivers\RtkBtfilter.sys [758216 2018-07-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 RTSUER; C:\windows\system32\Drivers\RtsUer.sys [424384 2018-08-06] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 RTWlanE; C:\windows\System32\drivers\rtwlane.sys [9626032 2018-10-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R3 usbfilter; C:\windows\System32\drivers\usbfilter.sys [65072 2018-09-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
S0 WdBoot; C:\windows\System32\drivers\wd\WdBoot.sys [46472 2019-05-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\wd\WdFilter.sys [344544 2019-05-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [60896 2019-05-06] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-05-31 13:10 - 2019-05-31 13:11 - 000031741 _____ C:\Users\metzn\Downloads\FRST.txt
2019-05-31 13:10 - 2019-05-31 13:10 - 000000000 ____D C:\Users\metzn\Downloads\FRST-OlderVersion
2019-05-31 10:42 - 2019-05-31 10:42 - 000000000 ___HD C:\OneDriveTemp
2019-05-31 10:40 - 2019-05-31 10:40 - 000275232 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2019-05-31 10:27 - 2019-05-31 10:27 - 010607128 _____ (McAfee, Inc.) C:\Users\metzn\Downloads\MCPR.exe
2019-05-28 22:24 - 2019-05-31 13:10 - 000000000 ____D C:\FRST
2019-05-28 22:23 - 2019-05-31 13:10 - 002435584 _____ (Farbar) C:\Users\metzn\Downloads\FRST64.exe
2019-05-28 16:01 - 2019-05-28 16:02 - 000012122 _____ C:\Users\metzn\Downloads\ADT Makes Money.zip
2019-05-27 12:43 - 2019-05-27 12:43 - 000001973 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2019-05-27 12:43 - 2019-05-27 12:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2019-05-27 12:43 - 2019-05-27 12:43 - 000000000 ____D C:\Program Files\HitmanPro
2019-05-27 12:42 - 2019-05-27 12:46 - 000000000 ____D C:\ProgramData\HitmanPro
2019-05-27 12:41 - 2019-05-27 12:42 - 011535320 _____ (SurfRight B.V.) C:\Users\metzn\Downloads\HitmanPro_x64.exe
2019-05-27 12:10 - 2019-05-27 12:10 - 000211888 _____ C:\Users\metzn\Downloads\Welcome Letter b111.pdf
2019-05-25 19:01 - 2019-05-25 19:01 - 000003160 _____ C:\windows\System32\Tasks\StartCN
2019-05-25 19:01 - 2019-05-25 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2019-05-25 19:01 - 2019-05-25 19:01 - 000000000 ____D C:\Program Files (x86)\AMD
2019-05-25 18:57 - 2019-05-25 18:57 - 000002063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Control.lnk
2019-05-25 18:57 - 2019-05-25 18:57 - 000000000 ____D C:\Users\metzn\AppData\Local\RadeonInstaller
2019-05-25 18:57 - 2019-05-25 18:57 - 000000000 ____D C:\ProgramData\SoundResearch
2019-05-24 17:27 - 2019-05-25 17:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-05-21 08:51 - 2019-05-21 08:51 - 000058883 _____ C:\Users\metzn\Downloads\Receipt_235522.pdf
2019-05-18 11:32 - 2019-05-18 11:32 - 026807808 _____ (Microsoft Corporation) C:\windows\system32\edgehtml.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 023438848 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 020814848 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgehtml.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 019022336 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 007879680 _____ (Microsoft Corporation) C:\windows\system32\Chakra.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 006072320 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakra.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 004883968 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 004660736 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 003905536 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 003743744 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 001311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 001309696 _____ (Microsoft Corporation) C:\windows\system32\webplatstorageserver.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 001290752 _____ (Microsoft Corporation) C:\windows\system32\werconcpl.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 001062400 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000912384 _____ (Microsoft Corporation) C:\windows\system32\EdgeManager.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000840192 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\webplatstorageserver.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000703488 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000684032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000663040 _____ (Microsoft Corporation) C:\windows\SysWOW64\EdgeManager.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000525824 _____ (Microsoft Corporation) C:\windows\system32\nltest.exe
2019-05-18 11:32 - 2019-05-18 11:32 - 000495104 _____ (Microsoft Corporation) C:\windows\system32\werui.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000427520 _____ (Microsoft Corporation) C:\windows\SysWOW64\werui.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000376320 _____ (Microsoft Corporation) C:\windows\SysWOW64\mspbde40.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000353280 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msexcl40.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000240640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msltus40.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000217088 _____ (Microsoft Corporation) C:\windows\system32\DWWIN.EXE
2019-05-18 11:32 - 2019-05-18 11:32 - 000181248 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWWIN.EXE
2019-05-18 11:32 - 2019-05-18 11:32 - 000155136 _____ (Microsoft Corporation) C:\windows\system32\Chakradiag.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000128000 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-18 11:32 - 2019-05-18 11:32 - 000122368 _____ (Microsoft Corporation) C:\windows\system32\wercplsupport.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 009682744 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 007883776 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 007687576 _____ (Microsoft Corporation) C:\windows\system32\windows.storage.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 007645384 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Protection.PlayReady.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 006542464 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 006440960 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 006309040 _____ (Microsoft Corporation) C:\windows\SysWOW64\windows.storage.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 005498880 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 005040640 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 004588544 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 003637248 _____ (Microsoft Corporation) C:\windows\system32\win32kfull.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 003557888 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 003384832 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 003363856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 002780000 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 002708480 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32kfull.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 002422272 _____ (Microsoft Corporation) C:\windows\system32\win32kbase.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 002278240 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 002189312 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.onecore.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 001860096 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 001760768 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 001701888 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 001699496 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2019-05-18 11:31 - 2019-05-18 11:31 - 001641616 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 001605120 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.desktop.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 001484800 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 001470016 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 001395264 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 001387520 _____ (Microsoft Corporation) C:\windows\system32\bcastdvruserservice.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 001342608 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2019-05-18 11:31 - 2019-05-18 11:31 - 001253904 _____ (Microsoft Corporation) C:\windows\system32\hvix64.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 001225728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 001179680 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 001054712 _____ (Microsoft Corporation) C:\windows\system32\ApplyTrustOffline.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 001048376 _____ (Microsoft Corporation) C:\windows\system32\hvax64.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 001026792 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000972288 _____ (Microsoft Corporation) C:\windows\system32\StorSvc.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000895792 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000865280 _____ (Microsoft Corporation) C:\windows\system32\netlogon.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000807464 _____ (Microsoft Corporation) C:\windows\system32\fontdrvhost.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 000758896 _____ (Microsoft Corporation) C:\windows\system32\tcblaunch.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 000680184 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000660992 _____ (Microsoft Corporation) C:\windows\SysWOW64\netlogon.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000594944 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000586280 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000543744 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 000532480 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000508432 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 000449376 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000444944 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 000387832 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000254952 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelpep.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 000223544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 000216064 _____ (Microsoft Corporation) C:\windows\system32\wersvc.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000212792 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 000203272 _____ (Microsoft Corporation) C:\windows\system32\tcbloader.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000202768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 000201016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 000198456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 000192824 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 000179728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 000179200 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000177976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 000163240 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 000147736 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFaultSecure.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 000138752 _____ (Microsoft Corporation) C:\windows\SysWOW64\t2embed.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000124928 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000121656 _____ (Microsoft Corporation) C:\windows\system32\kdnet.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000098816 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000092672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BTHUSB.SYS
2019-05-18 11:31 - 2019-05-18 11:31 - 000090640 _____ (Microsoft Corporation) C:\windows\system32\hvloader.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000088576 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000080184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hvservice.sys
2019-05-18 11:31 - 2019-05-18 11:31 - 000079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\dtdump.exe
2019-05-18 11:31 - 2019-05-18 11:31 - 000066688 _____ (Microsoft Corporation) C:\windows\system32\cryptdll.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000055792 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdll.dll
2019-05-18 11:31 - 2019-05-18 11:31 - 000000315 _____ C:\windows\system32\DrtmAuth8.bin
2019-05-18 11:31 - 2019-05-18 11:31 - 000000315 _____ C:\windows\system32\DrtmAuth7.bin
2019-05-18 11:31 - 2019-05-18 11:31 - 000000315 _____ C:\windows\system32\DrtmAuth6.bin
2019-05-18 11:31 - 2019-05-18 11:31 - 000000315 _____ C:\windows\system32\DrtmAuth5.bin
2019-05-18 11:31 - 2019-05-18 11:31 - 000000315 _____ C:\windows\system32\DrtmAuth4.bin
2019-05-18 11:31 - 2019-05-18 11:31 - 000000315 _____ C:\windows\system32\DrtmAuth3.bin
2019-05-18 11:31 - 2019-05-18 11:31 - 000000315 _____ C:\windows\system32\DrtmAuth2.bin
2019-05-18 11:31 - 2019-05-18 11:31 - 000000315 _____ C:\windows\system32\DrtmAuth1.bin
2019-05-10 11:11 - 2019-05-10 11:11 - 000000000 _____ C:\windows\eeventmanager.INI
2019-05-10 11:08 - 2019-05-10 11:08 - 000000000 ____D C:\Users\metzn\AppData\Roaming\Leadertech
2019-05-10 11:03 - 2019-05-10 11:16 - 000000951 _____ C:\windows\Tasks\EPSON WF-3620 Series Update {E8B8A0FE-2C3B-4C22-BC91-A911A13174E5}.job
2019-05-10 11:03 - 2019-05-10 11:16 - 000000765 _____ C:\windows\Tasks\EPSON WF-3620 Series Invitation {E8B8A0FE-2C3B-4C22-BC91-A911A13174E5}.job
2019-05-10 11:03 - 2019-05-10 11:03 - 000004150 _____ C:\windows\System32\Tasks\EPSON WF-3620 Series Update {E8B8A0FE-2C3B-4C22-BC91-A911A13174E5}
2019-05-10 11:03 - 2019-05-10 11:03 - 000003972 _____ C:\windows\System32\Tasks\EPSON WF-3620 Series Invitation {E8B8A0FE-2C3B-4C22-BC91-A911A13174E5}
2019-05-10 10:59 - 2019-05-10 10:59 - 000000165 _____ C:\Users\Public\Desktop\Epson WF-3620 User’s Guide.url
2019-05-10 10:58 - 2019-05-30 11:28 - 000000000 ____D C:\Users\metzn\AppData\Roaming\Epson
2019-05-10 10:58 - 2019-05-10 10:58 - 000000000 ____D C:\Program Files\EPSON
2019-05-10 10:57 - 2019-05-24 17:27 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2019-05-10 10:57 - 2019-05-10 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2019-05-10 10:57 - 2019-05-10 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2019-05-10 10:57 - 2019-05-10 10:59 - 000000000 ____D C:\Program Files (x86)\epson
2019-05-10 10:57 - 2019-05-10 10:57 - 000001014 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2019-05-10 10:57 - 2019-05-10 10:57 - 000000000 ____D C:\Program Files\EpsonNet
2019-05-10 10:57 - 2012-07-24 00:00 - 000466432 _____ (Seiko Epson Corporation) C:\windows\system32\esxw2ud.dll
2019-05-10 10:57 - 2012-05-17 00:00 - 000144560 _____ (Seiko Epson Corporation) C:\windows\system32\escsvc64.exe
2019-05-10 10:57 - 2010-11-22 13:27 - 000147472 _____ (TWAIN Working Group) C:\windows\SysWOW64\twaindsm.dll
2019-05-10 10:56 - 2019-05-10 11:16 - 000000951 _____ C:\windows\Tasks\EPSON WF-3620 Series Update {4E2A8031-5C38-45AB-AB82-3565B005B4AB}.job
2019-05-10 10:56 - 2019-05-10 11:16 - 000000765 _____ C:\windows\Tasks\EPSON WF-3620 Series Invitation {4E2A8031-5C38-45AB-AB82-3565B005B4AB}.job
2019-05-10 10:56 - 2019-05-10 10:56 - 000004150 _____ C:\windows\System32\Tasks\EPSON WF-3620 Series Update {4E2A8031-5C38-45AB-AB82-3565B005B4AB}
2019-05-10 10:56 - 2019-05-10 10:56 - 000003972 _____ C:\windows\System32\Tasks\EPSON WF-3620 Series Invitation {4E2A8031-5C38-45AB-AB82-3565B005B4AB}
2019-05-10 10:56 - 2019-05-10 10:56 - 000000000 ____D C:\Program Files\Common Files\EPSON
2019-05-10 10:56 - 2013-10-21 12:04 - 000179712 _____ (SEIKO EPSON CORPORATION) C:\windows\system32\E_YLMBKEE.DLL
2019-05-10 10:56 - 2007-04-09 09:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\windows\system32\E_GCINST.DLL
2019-05-10 10:55 - 2019-05-10 12:03 - 000000000 ____D C:\ProgramData\EPSON
2019-05-10 10:55 - 2011-03-14 11:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\windows\system32\E_YD4BKEE.DLL
2019-05-10 10:53 - 2019-05-10 10:53 - 019900368 _____ C:\Users\metzn\Downloads\FW_CC09I2.exe
2019-05-10 10:52 - 2019-05-10 10:52 - 013555352 _____ (Epson America, Inc. ) C:\Users\metzn\Downloads\WF3620_Lite_NA.exe
2019-05-10 10:45 - 2019-05-25 18:57 - 000000000 ____D C:\Users\metzn\AppData\Local\ElevatedDiagnostics
2019-05-10 10:36 - 2019-05-17 10:42 - 000000000 ____D C:\Users\metzn\AppData\Roaming\HpUpdate
2019-05-10 10:36 - 2019-05-10 10:36 - 000002284 _____ C:\Users\Public\Desktop\HP Officejet Pro 3620.lnk
2019-05-10 10:36 - 2019-05-10 10:36 - 000000057 _____ C:\ProgramData\Ament.ini
2019-05-10 10:36 - 2019-05-10 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-05-10 10:36 - 2014-03-06 12:51 - 000763912 ____N (Hewlett-Packard Co.) C:\windows\system32\HPDiscoPM6D12.dll
2019-05-10 10:35 - 2019-05-10 10:36 - 000000000 ____D C:\Users\metzn\AppData\Local\HP
2019-05-10 08:13 - 2019-05-10 08:13 - 000001172 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2019-05-10 08:11 - 2019-05-10 08:11 - 000000000 ____D C:\swsetup
2019-05-07 07:59 - 2019-05-31 10:40 - 000000364 _____ C:\windows\Tasks\HPCeeScheduleFormetzn.job
2019-05-07 07:59 - 2019-05-31 07:59 - 000003256 _____ C:\windows\System32\Tasks\HPCeeScheduleFormetzn
2019-05-07 07:59 - 2019-05-07 07:59 - 000000000 ____D C:\Users\metzn\AppData\Local\HP_Inc
2019-05-06 11:34 - 2019-05-06 11:33 - 000592616 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 024616960 _____ (Microsoft Corporation) C:\windows\system32\Hydrogen.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 019284480 _____ (Microsoft Corporation) C:\windows\system32\HologramWorld.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 012140032 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 011724288 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 009941504 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 008898048 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 007919104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 007724992 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 005436904 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 005112792 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 004920832 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 003952952 _____ (Microsoft Corporation) C:\windows\system32\Windows.Mirage.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 003690496 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 003566080 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 003551112 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 003421696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 003406848 _____ (Microsoft Corporation) C:\windows\system32\MSVidCtl.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002986352 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Mirage.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002942464 _____ (Microsoft Corporation) C:\windows\SysWOW64\mispace.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002752360 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002469440 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002393088 _____ (Microsoft Corporation) C:\windows\SysWOW64\AcGenral.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002323688 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002298880 _____ (Microsoft Corporation) C:\windows\system32\ResetEngine.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002278240 _____ (Microsoft Corporation) C:\windows\system32\mfasfsrcsnk.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002205184 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSVidCtl.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 002127360 _____ (Microsoft Corporation) C:\windows\system32\wsp_fs.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001782272 _____ (Microsoft Corporation) C:\windows\system32\wsp_health.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001706488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001521664 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsp_fs.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001459080 _____ (Microsoft Corporation) C:\windows\system32\msvproc.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001332224 _____ (Microsoft Corporation) C:\windows\system32\lpasvc.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001307648 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsp_health.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001297120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvproc.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001294520 _____ (Microsoft Corporation) C:\windows\system32\mfsvr.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001289192 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfasfsrcsnk.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001282640 _____ (Microsoft Corporation) C:\windows\system32\mfreadwrite.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001259320 _____ (Microsoft Corporation) C:\windows\system32\SecConfig.efi
2019-05-06 11:10 - 2019-05-06 11:10 - 001224704 _____ (Microsoft Corporation) C:\windows\system32\reseteng.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001200920 _____ (Microsoft Corporation) C:\windows\system32\mfmpeg2srcsnk.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001131520 _____ (Microsoft Corporation) C:\windows\system32\nettrace.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001077912 _____ (Microsoft Corporation) C:\windows\system32\DolbyDecMFT.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001072424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfsvr.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001057976 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001022464 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.MixedRealityCapture.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 001019392 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000897536 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000870400 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000866152 _____ (Microsoft Corporation) C:\windows\SysWOW64\DolbyDecMFT.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000854784 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2adec.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000829440 _____ (Microsoft Corporation) C:\windows\system32\HologramCompositor.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000815616 _____ (Microsoft Corporation) C:\windows\system32\fvewiz.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\clusapi.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000762272 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfreadwrite.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000742912 _____ (Microsoft Corporation) C:\windows\system32\SpaceControl.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000701440 _____ (Microsoft Corporation) C:\windows\system32\FrameServer.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\fveapi.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000662528 ____R (Microsoft Corporation) C:\windows\system32\MixedRealityCapture.Pipeline.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000642048 _____ (Microsoft Corporation) C:\windows\system32\SharedRealitySvc.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000577024 _____ (Microsoft Corporation) C:\windows\SysWOW64\hhctrl.ocx
2019-05-06 11:10 - 2019-05-06 11:10 - 000573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfh264enc.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000560128 _____ (Microsoft Corporation) C:\windows\system32\mfh264enc.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000522312 _____ (Microsoft Corporation) C:\windows\system32\systemreset.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 000480256 _____ (Microsoft Corporation) C:\windows\SysWOW64\resutils.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000475648 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxbde40.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000454144 _____ (Microsoft Corporation) C:\windows\system32\bdesvc.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000429056 _____ (Microsoft Corporation) C:\windows\system32\MixedReality.Broker.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000427520 _____ (Microsoft Corporation) C:\windows\system32\MSFlacDecoder.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000421688 _____ (Microsoft Corporation) C:\windows\system32\MSAudDecMFT.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000411136 _____ (Microsoft Corporation) C:\windows\SysWOW64\PlayToManager.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000371712 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSFlacDecoder.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000370688 _____ (Microsoft Corporation) C:\windows\system32\fveapibase.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000349696 _____ (Microsoft Corporation) C:\windows\system32\AcGenral.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000340480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
2019-05-06 11:10 - 2019-05-06 11:10 - 000331776 _____ (Microsoft Corporation) C:\windows\system32\fvecpl.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000316416 _____ (Microsoft Corporation) C:\windows\system32\FSClient.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000314368 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxdiag.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 000314368 _____ (Microsoft Corporation) C:\windows\system32\AcLayers.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000313344 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd2x40.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\fveapibase.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000309760 _____ (Microsoft Corporation) C:\windows\system32\fveui.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000301096 _____ (Microsoft Corporation) C:\windows\system32\wmpeffects.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\MbbCx.sys
2019-05-06 11:10 - 2019-05-06 11:10 - 000263576 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000241680 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpeffects.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000241152 _____ (Microsoft Corporation) C:\windows\system32\ResetEngOnline.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000218624 _____ (Microsoft Corporation) C:\windows\system32\wmpdxm.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000180736 _____ (Microsoft Corporation) C:\windows\SysWOW64\srumsvc.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000167424 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpdxm.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000167424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpdr.sys
2019-05-06 11:10 - 2019-05-06 11:10 - 000153088 _____ (Microsoft Corporation) C:\windows\system32\fcon.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\itss.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000137216 _____ (Microsoft Corporation) C:\windows\system32\SpaceAgent.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 000125440 _____ (Microsoft Corporation) C:\windows\system32\wmpshell.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000101376 _____ (Microsoft Corporation) C:\windows\system32\ActiveSyncCsp.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000098816 ____R (Microsoft Corporation) C:\windows\system32\MixedRealityCapture.Broker.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000097280 _____ (Microsoft Corporation) C:\windows\system32\EduPrintProv.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 000096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpshell.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000093696 _____ (Microsoft Corporation) C:\windows\system32\nlahc.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000092672 _____ (Microsoft Corporation) C:\windows\system32\PktMon.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\offreg.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\EASPolicyManagerBrokerHost.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 000059904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 000059904 _____ (Microsoft Corporation) C:\windows\system32\RDSPnf.exe
2019-05-06 11:10 - 2019-05-06 11:10 - 000058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\offreg.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000039936 _____ (Microsoft Corporation) C:\windows\system32\perfts.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshhttp.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\dataclen.dll
2019-05-06 11:10 - 2019-05-06 11:10 - 000032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\perfts.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 015223296 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 012844032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 007251456 _____ (Microsoft Corporation) C:\windows\SysWOW64\BingMaps.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 006925824 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 005915936 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 005765120 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 005588184 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 005210904 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.StateRepository.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 004527624 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupapi.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 003729808 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 003656192 _____ (Microsoft Corporation) C:\windows\system32\mispace.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 003652656 _____ (Microsoft Corporation) C:\windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 003504128 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 003496448 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.AI.MachineLearning.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 003426816 _____ (Microsoft Corporation) C:\windows\SysWOW64\cdp.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 003108864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 002925880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 002765312 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 002701512 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 002689024 _____ (Microsoft Corporation) C:\windows\system32\WebRuntimeManager.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 002627384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 002447360 _____ (Microsoft Corporation) C:\windows\SysWOW64\MapRouter.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 002346496 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 002073960 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 002001408 _____ (Microsoft Corporation) C:\windows\SysWOW64\MapGeocoder.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001994976 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001899160 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001720936 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinapi.appcore.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001711104 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Immersive.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001687552 _____ (Microsoft Corporation) C:\windows\system32\enterprisecsps.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001674696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001671352 _____ (Microsoft Corporation) C:\windows\system32\gdi32full.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001615872 ____R (The ICU Project) C:\windows\SysWOW64\icuin.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001590064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpserverbase.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001572176 _____ (Microsoft Corporation) C:\windows\SysWOW64\propsys.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001506304 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Immersive.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001467552 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32full.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001458056 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3D12.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001382912 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Input.Inking.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001370624 _____ (Microsoft Corporation) C:\windows\SysWOW64\AzureSettingSyncProvider.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001360184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 001272552 _____ (Microsoft Corporation) C:\windows\SysWOW64\ttdrecordcpu.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001271608 _____ (Microsoft Corporation) C:\windows\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001254912 _____ (Microsoft Corporation) C:\windows\SysWOW64\TokenBroker.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001249280 _____ (Microsoft Corporation) C:\windows\SysWOW64\InstallService.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001221944 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpbase.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001217024 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001180248 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001168384 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001155072 ____R (The ICU Project) C:\windows\SysWOW64\icuuc.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001110528 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001098128 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001072640 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpcore.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001047552 _____ (Microsoft Corporation) C:\windows\system32\clusapi.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 001001472 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpnapps.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000982528 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.Vpn.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000976896 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000964096 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncCore.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000949248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Management.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000948224 _____ (Microsoft Corporation) C:\windows\system32\uDWM.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000918032 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgent.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000913920 _____ (Microsoft Corporation) C:\windows\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000909840 _____ (Microsoft Corporation) C:\windows\SysWOW64\WWAHost.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000908800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mmsys.cpl
2019-05-06 11:09 - 2019-05-06 11:09 - 000884224 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000882688 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000875008 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasapi32.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000845824 _____ (Microsoft Corporation) C:\windows\SysWOW64\ShareHost.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000828728 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncHost.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000821048 _____ (Microsoft Corporation) C:\windows\system32\NetSetupEngine.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000815616 _____ (Microsoft Corporation) C:\windows\system32\MdmDiagnostics.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000787456 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000782968 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000780632 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcrt.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000775168 _____ (Microsoft Corporation) C:\windows\SysWOW64\SndVolSSO.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000772608 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000772408 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Services.TargetedContent.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000769536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000762880 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprddm.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000731648 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000730112 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000723968 _____ (Microsoft Corporation) C:\windows\SysWOW64\BingOnlineServices.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000712192 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000711168 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApi.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000695296 _____ (Microsoft Corporation) C:\windows\system32\hhctrl.ocx
2019-05-06 11:09 - 2019-05-06 11:09 - 000681984 _____ (Microsoft Corporation) C:\windows\SysWOW64\uReFS.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000673280 _____ (Microsoft Corporation) C:\windows\system32\configmanager2.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000671232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntshrui.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Internal.Management.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000663552 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000655160 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000653040 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppXDeploymentClient.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000649064 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000640512 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000638376 _____ (Microsoft Corporation) C:\windows\system32\msvcrt.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000626176 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000624640 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000621568 _____ (Microsoft Corporation) C:\windows\system32\resutils.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000617784 _____ (Microsoft Corporation) C:\windows\SysWOW64\LicensingWinRT.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000615936 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Core.TextInput.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000599040 _____ (Microsoft Corporation) C:\windows\system32\facecredentialprovider.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000598544 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupEngine.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000591832 _____ C:\windows\SysWOW64\InputHost.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000588304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000578560 _____ (Microsoft Corporation) C:\windows\system32\PlayToManager.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000570368 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Web.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000553656 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.StateRepositoryPS.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000553472 _____ (Microsoft Corporation) C:\windows\system32\dmenrollengine.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000549376 _____ (Microsoft Corporation) C:\windows\SysWOW64\JpMapControl.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000548864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.Connectivity.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000540720 _____ (Microsoft Corporation) C:\windows\SysWOW64\StateRepository.Core.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000540448 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000535048 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000528384 _____ (Microsoft Corporation) C:\windows\SysWOW64\OneDriveSettingSyncProvider.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000514632 _____ (Microsoft Corporation) C:\windows\system32\policymanager.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dsound.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000496128 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppcext.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000492032 _____ (Microsoft Corporation) C:\windows\system32\defragsvc.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000489984 _____ (Microsoft Corporation) C:\windows\system32\ResourceMapper.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000474928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2019-05-06 11:09 - 2019-05-06 11:09 - 000461824 _____ (Microsoft Corporation) C:\windows\SysWOW64\dmenrollengine.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000454160 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000451080 _____ (Microsoft Corporation) C:\windows\SysWOW64\policymanager.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000449024 _____ (Microsoft Corporation) C:\windows\system32\edgeIso.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000434176 _____ (Microsoft Corporation) C:\windows\SysWOW64\TileDataRepository.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000430904 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000424960 _____ (Microsoft Corporation) C:\windows\SysWOW64\daxexec.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\MapConfiguration.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000414720 _____ (Microsoft Corporation) C:\windows\SysWOW64\winspool.drv
2019-05-06 11:09 - 2019-05-06 11:09 - 000408528 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Enumeration.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000385536 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.LowLevel.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000383288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msrpc.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000370176 _____ (Microsoft Corporation) C:\windows\system32\dxdiag.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\LockAppBroker.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\DataUsageHandlers.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000359936 _____ (Microsoft Corporation) C:\windows\system32\DeviceEnroller.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000359424 _____ (Microsoft Corporation) C:\windows\system32\dusmsvc.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000349184 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000343552 _____ (Microsoft Corporation) C:\windows\system32\RADCUI.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000332800 _____ (Microsoft Corporation) C:\windows\system32\NetSetupSvc.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000331264 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Picker.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000330752 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgeIso.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000326144 _____ (Microsoft Corporation) C:\windows\system32\DiagnosticLogCSP.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000324096 _____ (Microsoft Corporation) C:\windows\system32\sppcommdlg.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000322048 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptngc.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000320512 _____ (Microsoft Corporation) C:\windows\system32\omadmclient.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000312632 _____ (Microsoft Corporation) C:\windows\SysWOW64\thumbcache.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000302080 _____ (Microsoft Corporation) C:\windows\system32\dmenterprisediagnostics.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000297984 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.System.Diagnostics.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000294912 _____ (Microsoft Corporation) C:\windows\SysWOW64\RADCUI.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000293376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000289792 _____ (Microsoft Corporation) C:\windows\system32\discan.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000284160 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasppp.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000279376 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000272648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ttdwriter.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000262456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000240128 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000224768 _____ (Microsoft Corporation) C:\windows\system32\BitLockerCsp.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000201728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mdmregistration.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000201216 _____ (Microsoft Corporation) C:\windows\system32\wincredui.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000188416 _____ (Microsoft Corporation) C:\windows\system32\DMPushRouterCore.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000176640 _____ (Microsoft Corporation) C:\windows\system32\spacebridge.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000173568 _____ (Microsoft Corporation) C:\windows\system32\itss.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000162304 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000159744 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredui.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasman.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000151040 _____ (Microsoft Corporation) C:\windows\SysWOW64\container.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000146888 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000144896 _____ (Microsoft Corporation) C:\windows\SysWOW64\SpatialAudioLicenseSrv.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000143880 _____ (Microsoft Corporation) C:\windows\system32\NetSetupApi.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000143360 _____ (Microsoft Corporation) C:\windows\SysWOW64\BitLockerCsp.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000140288 _____ (Microsoft Corporation) C:\windows\system32\mdmmigrator.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000139776 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintWorkflowService.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000134144 _____ (Microsoft Corporation) C:\windows\system32\DataUsageLiveTileTask.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000133120 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Radios.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000132096 _____ (Microsoft Corporation) C:\windows\SysWOW64\smartscreenps.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000129024 _____ (Microsoft Corporation) C:\windows\SysWOW64\spopk.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\srpapi.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000126464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bridge.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000122680 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.StateRepositoryClient.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000122368 _____ (Microsoft Corporation) C:\windows\SysWOW64\DisplayManager.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000115360 _____ (Microsoft Corporation) C:\windows\system32\phoneactivate.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000115200 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleprn.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000114344 _____ (Microsoft Corporation) C:\windows\SysWOW64\rmclient.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000107832 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupApi.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000107008 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.SerialCommunication.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000104960 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000104960 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupcln.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000101376 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000100352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cdfs.sys
2019-05-06 11:09 - 2019-05-06 11:09 - 000099840 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000096256 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserDataTimeUtil.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000091424 _____ (Microsoft Corporation) C:\windows\SysWOW64\CompPkgSup.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000089600 _____ (Microsoft Corporation) C:\windows\SysWOW64\drvsetup.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000086528 _____ (Microsoft Corporation) C:\windows\system32\nslookup.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mcbuilder.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000077824 _____ (Microsoft Corporation) C:\windows\SysWOW64\nslookup.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000067072 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000066048 _____ (Microsoft Corporation) C:\windows\system32\ntlanman.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\fdBth.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntlanman.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000049152 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000046592 _____ (Microsoft Corporation) C:\windows\system32\dataclen.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000046080 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf3216.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000044544 _____ (Microsoft Corporation) C:\windows\SysWOW64\CredentialMigrationHandler.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000044544 _____ (Microsoft Corporation) C:\windows\system32\nshhttp.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000040960 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscapi.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000040960 _____ (Microsoft Corporation) C:\windows\system32\perfproc.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\perfproc.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000035840 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000033792 _____ (Microsoft Corporation) C:\windows\system32\sxssrv.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000033792 _____ (Microsoft Corporation) C:\windows\system32\SecureBioSysprep.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\cmintegrator.dll
2019-05-06 11:09 - 2019-05-06 11:09 - 000026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\RpcPing.exe
2019-05-06 11:09 - 2019-05-06 11:09 - 000022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscdll.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 022114960 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 017513472 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 009670656 _____ (Microsoft Corporation) C:\windows\system32\BingMaps.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 007647256 _____ (Microsoft Corporation) C:\windows\system32\OneCoreUAPCommonProxyStub.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 007556392 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 005566464 _____ (Microsoft Corporation) C:\windows\system32\twinui.pcshell.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 005561856 _____ (Microsoft Corporation) C:\windows\system32\StartTileData.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 005527552 _____ (Microsoft Corporation) C:\windows\system32\InputService.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 005296640 _____ (Microsoft Corporation) C:\windows\system32\cdp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 004997096 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepository.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 004866560 _____ (Microsoft Corporation) C:\windows\system32\Windows.AI.MachineLearning.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 004704272 _____ (Microsoft Corporation) C:\windows\system32\setupapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 004304896 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_nt.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 004245280 _____ (Microsoft Corporation) C:\windows\explorer.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 004019200 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 003982848 _____ (Microsoft Corporation) C:\windows\system32\EdgeContent.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 003761664 _____ (Microsoft Corporation) C:\windows\system32\SRH.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 003399168 _____ (Microsoft Corporation) C:\windows\system32\MapRouter.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 003334496 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 003334144 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 003270144 _____ (Microsoft Corporation) C:\windows\system32\esent.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002995712 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002929152 _____ (Microsoft Corporation) C:\windows\SysWOW64\esent.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002871304 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 002842624 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002842112 _____ (Microsoft Corporation) C:\windows\system32\MapGeocoder.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002766648 _____ (Microsoft Corporation) C:\windows\system32\UpdateAgent.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002637312 _____ (Microsoft Corporation) C:\windows\system32\smartscreen.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 002630656 _____ (Microsoft Corporation) C:\windows\system32\wlansvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002618880 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002592816 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002466304 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002438368 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002149368 _____ (Microsoft Corporation) C:\windows\system32\twinapi.appcore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002085376 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002042368 _____ (Microsoft Corporation) C:\windows\system32\Windows.CloudStore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002022304 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 002017792 _____ C:\windows\system32\rdpnano.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001969464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\refs.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 001931264 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001918464 _____ (Microsoft Corporation) C:\windows\system32\AzureSettingSyncProvider.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001892864 _____ (Microsoft Corporation) C:\windows\system32\wevtsvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001886208 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001856000 ____R (The ICU Project) C:\windows\system32\icuin.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001844448 _____ (Microsoft Corporation) C:\windows\system32\D3D12.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001830200 _____ (Microsoft Corporation) C:\windows\system32\rdpserverbase.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001768960 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Input.Inking.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001742104 _____ (Microsoft Corporation) C:\windows\system32\propsys.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001715712 _____ (Microsoft Corporation) C:\windows\system32\ISM.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001700880 _____ (Microsoft Corporation) C:\windows\system32\ContentDeliveryManager.Utilities.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001672704 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001671680 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001671680 _____ (Microsoft Corporation) C:\windows\system32\InstallService.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001653760 _____ (Microsoft Corporation) C:\windows\system32\wpncore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001647632 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001616384 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001567232 _____ (Microsoft Corporation) C:\windows\system32\dosvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001563336 _____ (Microsoft Corporation) C:\windows\system32\ttdrecordcpu.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001533440 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001496576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001481488 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001478968 _____ (Microsoft Corporation) C:\windows\system32\rdpbase.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001462272 _____ (Microsoft Corporation) C:\windows\system32\TokenBroker.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001446400 _____ (Microsoft Corporation) C:\windows\system32\mfc42u.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001415680 _____ (Microsoft Corporation) C:\windows\system32\mfc42.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001331536 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001315840 _____ (Microsoft Corporation) C:\windows\system32\wpx.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001315328 _____ (Microsoft Corporation) C:\windows\system32\wpnapps.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001314304 _____ (Microsoft Corporation) C:\windows\system32\NotificationController.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001311232 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.Vpn.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001296576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001267712 _____ (Microsoft Corporation) C:\windows\system32\APMon.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001259320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 001256448 _____ (Microsoft Corporation) C:\windows\system32\rdpcore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001219640 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepositoryPS.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001213752 _____ (Microsoft Corporation) C:\windows\system32\drvstore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001208320 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001199104 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001191728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001176064 _____ (Microsoft Corporation) C:\windows\system32\MapsStore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001145856 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncCore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001133568 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001087800 _____ (Microsoft Corporation) C:\windows\system32\ReAgent.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001078072 _____ (Microsoft Corporation) C:\windows\system32\Windows.Services.TargetedContent.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001058304 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2019-05-06 11:08 - 2019-05-06 11:08 - 001057792 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 001056272 _____ (Microsoft Corporation) C:\windows\system32\pidgenx.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001053192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ClipSp.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 001052160 _____ (Microsoft Corporation) C:\windows\system32\MPSSVC.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001035776 _____ (Microsoft Corporation) C:\windows\system32\ShareHost.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001032704 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001022616 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001010176 _____ (Microsoft Corporation) C:\windows\system32\refsutil.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 001007616 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 001001472 _____ (Microsoft Corporation) C:\windows\system32\mmsys.cpl
2019-05-06 11:08 - 2019-05-06 11:08 - 000999424 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000998712 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncHost.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000984888 _____ (Microsoft Corporation) C:\windows\system32\WWAHost.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000982880 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000981816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\refsv1.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000974352 _____ (Microsoft Corporation) C:\windows\SysWOW64\drvstore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000956416 _____ (Microsoft Corporation) C:\windows\system32\MusUpdateHandlers.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000955392 _____ (Microsoft Corporation) C:\windows\system32\wbiosrvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000954368 _____ (Microsoft Corporation) C:\windows\system32\rasapi32.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000927232 _____ (Microsoft Corporation) C:\windows\system32\rasmans.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000926208 _____ (Microsoft Corporation) C:\windows\system32\MbaeApi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000918304 _____ (Microsoft Corporation) C:\windows\system32\CoreMessaging.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000902144 _____ (Microsoft Corporation) C:\windows\system32\BingOnlineServices.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000888320 _____ (Microsoft Corporation) C:\windows\system32\mprddm.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000888120 _____ (Microsoft Corporation) C:\windows\SysWOW64\pidgenx.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000883712 _____ (Microsoft Corporation) C:\windows\system32\usocore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000882176 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2019-05-06 11:08 - 2019-05-06 11:08 - 000877056 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000874496 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000872448 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000871792 _____ (Microsoft Corporation) C:\windows\system32\ClipSVC.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000865792 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000865784 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentClient.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000864056 _____ (Microsoft Corporation) C:\windows\system32\SecurityHealthService.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000860160 _____ C:\windows\system32\MBR2GPT.EXE
2019-05-06 11:08 - 2019-05-06 11:08 - 000855040 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Playback.MediaPlayer.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000850760 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000836096 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000833064 _____ C:\windows\system32\InputHost.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000823296 _____ (Microsoft Corporation) C:\windows\system32\SndVolSSO.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000822272 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000820736 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Core.TextInput.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000809784 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000807424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdiWiFi.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000806600 _____ C:\windows\SysWOW64\locale.nls
2019-05-06 11:08 - 2019-05-06 11:08 - 000806600 _____ C:\windows\system32\locale.nls
2019-05-06 11:08 - 2019-05-06 11:08 - 000800256 _____ (Microsoft Corporation) C:\windows\system32\uReFS.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000799568 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000793832 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000790328 _____ (Microsoft Corporation) C:\windows\system32\upshared.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000782848 _____ (Microsoft Corporation) C:\windows\system32\ngcsvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000776192 _____ (Microsoft Corporation) C:\windows\system32\ntshrui.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000773120 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000773120 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000766480 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000764216 _____ (Microsoft Corporation) C:\windows\system32\wimgapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000761280 _____ (Microsoft Corporation) C:\windows\system32\pkeyhelper.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000756736 _____ (Microsoft Corporation) C:\windows\system32\DolbyHrtfEnc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000752136 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000749568 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000745984 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.Connectivity.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000741888 _____ (Microsoft Corporation) C:\windows\system32\updatehandlers.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000737080 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000735232 _____ (Microsoft Corporation) C:\windows\system32\Windows.Web.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000730936 _____ (Microsoft Corporation) C:\windows\system32\LicensingWinRT.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000725696 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000714240 _____ (Microsoft Corporation) C:\windows\system32\JpMapControl.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000699392 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_Language.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000691712 _____ (Microsoft Corporation) C:\windows\system32\aadcloudap.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000684544 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000679424 _____ (Microsoft Corporation) C:\windows\system32\AppReadiness.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000676256 _____ (Microsoft Corporation) C:\windows\system32\StateRepository.Core.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000675096 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000663552 _____ (Microsoft Corporation) C:\windows\system32\PsmServiceExtHost.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000661816 _____ (Microsoft Corporation) C:\windows\system32\computecore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000660480 _____ (Microsoft Corporation) C:\windows\system32\OneDriveSettingSyncProvider.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000651792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000651576 _____ (Microsoft Corporation) C:\windows\system32\securekernel.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000646656 _____ (Microsoft Corporation) C:\windows\system32\w32time.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000646632 _____ (Microsoft Corporation) C:\windows\system32\msvcp_win.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000622080 _____ (Microsoft Corporation) C:\windows\system32\NgcCtnrSvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000620560 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000612368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000611840 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.LowLevel.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000610304 _____ (Microsoft Corporation) C:\windows\system32\daxexec.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000605496 _____ (Microsoft Corporation) C:\windows\SysWOW64\wimgapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000604336 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000604008 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000593920 _____ (Microsoft Corporation) C:\windows\system32\dsound.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000582240 _____ (Microsoft Corporation) C:\windows\SysWOW64\CoreMessaging.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000580024 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000579072 _____ (Microsoft Corporation) C:\windows\system32\netprofmsvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000578560 _____ (Microsoft Corporation) C:\windows\system32\SppExtComObj.Exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000572416 _____ (Microsoft Corporation) C:\windows\system32\wpnprv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000566272 _____ (Microsoft Corporation) C:\windows\system32\MapConfiguration.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000556544 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000556544 _____ (Microsoft Corporation) C:\windows\system32\BTAGService.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000553984 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000553784 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000552448 _____ (Microsoft Corporation) C:\windows\system32\FirewallAPI.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000551936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nwifi.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000547840 _____ (Microsoft Corporation) C:\windows\system32\TileDataRepository.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000540672 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2019-05-06 11:08 - 2019-05-06 11:08 - 000531976 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000531968 _____ (Microsoft Corporation) C:\windows\system32\sppcext.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000527872 _____ (Microsoft Corporation) C:\windows\system32\MusNotification.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000522752 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000519992 _____ (Microsoft Corporation) C:\windows\system32\wimserv.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000519992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Vid.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000518656 _____ (Microsoft Corporation) C:\windows\system32\modernexecserver.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000516608 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000513040 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000508208 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Enumeration.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000506880 _____ (Microsoft Corporation) C:\windows\system32\EnterpriseAppMgmtSvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000506408 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000506168 _____ (Microsoft Corporation) C:\windows\system32\dcntel.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000505344 _____ (Microsoft Corporation) C:\windows\system32\NetSetupShim.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000500224 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_PCDisplay.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000496872 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000495616 _____ (Microsoft Corporation) C:\windows\system32\DDDS.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000494080 _____ (Microsoft Corporation) C:\windows\system32\Windows.Graphics.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000494080 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Activities.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000485192 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase_enclave.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000479232 _____ (Microsoft Corporation) C:\windows\system32\cloudAP.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000475648 _____ (Microsoft Corporation) C:\windows\system32\wuuhext.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000473616 _____ (Microsoft Corporation) C:\windows\system32\bcdedit.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000469504 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000466432 _____ (Microsoft Corporation) C:\windows\system32\slui.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000463672 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000461824 _____ (Microsoft Corporation) C:\windows\system32\WpAXHolder.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000461112 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000456704 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Picker.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000452096 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cldflt.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000450048 _____ (Microsoft Corporation) C:\windows\system32\LockAppBroker.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000448000 _____ (Microsoft Corporation) C:\windows\system32\Windows.Graphics.Printing.Workflow.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000447488 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000435712 _____ (Microsoft Corporation) C:\windows\system32\cryptngc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000433152 _____ (Microsoft Corporation) C:\windows\system32\SensorService.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000424960 _____ (Microsoft Corporation) C:\windows\system32\SDDS.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000421392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pci.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000420864 _____ (Microsoft Corporation) C:\windows\system32\SettingsEnvironment.Desktop.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000419128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fastfat.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000417792 _____ (Microsoft Corporation) C:\windows\system32\eeprov.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000408800 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000407552 _____ (Microsoft Corporation) C:\windows\system32\rascustom.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000407504 _____ (Microsoft Corporation) C:\windows\system32\wevtapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000407040 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Graphics.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000404792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000402944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\exfat.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000402576 _____ (Microsoft Corporation) C:\windows\system32\SgrmEnclave.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000398416 _____ (Microsoft Corporation) C:\windows\system32\SgrmEnclave_secure.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000394752 _____ (Microsoft Corporation) C:\windows\SysWOW64\AcLayers.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000392704 _____ (Microsoft Corporation) C:\windows\system32\domgmt.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000388096 _____ (Microsoft Corporation) C:\windows\system32\MusNotificationUx.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000386872 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000386360 _____ (Microsoft Corporation) C:\windows\system32\thumbcache.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000385024 _____ (Microsoft Corporation) C:\windows\SysWOW64\FirewallAPI.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000384312 _____ (Microsoft Corporation) C:\windows\SysWOW64\aepic.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000375544 _____ (Microsoft Corporation) C:\windows\system32\MusNotifyIcon.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000371200 _____ (Microsoft Corporation) C:\windows\system32\Windows.System.Diagnostics.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000370688 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupShim.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000368640 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000366592 _____ (Microsoft Corporation) C:\windows\system32\Wldap32.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000365056 _____ (Microsoft Corporation) C:\windows\system32\NotificationControllerPS.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000355360 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000349184 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000348160 _____ (Microsoft Corporation) C:\windows\system32\BioCredProv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000346624 _____ (Microsoft Corporation) C:\windows\system32\AppxAllUserStore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000343984 _____ (Microsoft Corporation) C:\windows\system32\AudioSrvPolicyManager.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000330464 _____ (Microsoft Corporation) C:\windows\system32\ttdwriter.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000326144 _____ (Microsoft Corporation) C:\windows\system32\Windows.Cortana.OneCore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000325120 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000324408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000322568 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000321024 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wldap32.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000306488 _____ (Microsoft Corporation) C:\windows\system32\computestorage.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000305664 _____ (Microsoft Corporation) C:\windows\system32\rasppp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000301568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000300344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000300032 _____ (Microsoft Corporation) C:\windows\system32\wc_storage.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000298296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000283032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wevtapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000281600 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000280592 _____ (Microsoft Corporation) C:\windows\system32\browserbroker.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000276488 _____ (Microsoft Corporation) C:\windows\system32\MTF.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\BioCredProv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000273920 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxAllUserStore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000271360 _____ (Microsoft Corporation) C:\windows\system32\MapControlCore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000264704 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000263680 _____ (Microsoft Corporation) C:\windows\system32\WiFiCloudStore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000257696 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000255128 _____ (Microsoft Corporation) C:\windows\system32\SgrmBroker.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000254464 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000254464 _____ (Microsoft Corporation) C:\windows\notepad.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000251904 _____ (Microsoft Corporation) C:\windows\system32\HttpsDataSource.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000248832 _____ (Microsoft Corporation) C:\windows\system32\w32tm.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000246784 _____ (Microsoft Corporation) C:\windows\system32\tetheringservice.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000246784 _____ (Microsoft Corporation) C:\windows\system32\mdmregistration.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000246584 _____ (Microsoft Corporation) C:\windows\system32\moshostcore.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000244224 _____ (Microsoft Corporation) C:\windows\system32\JpnServiceDS.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000241664 _____ (Microsoft Corporation) C:\windows\system32\SharedPCCSP.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000234808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netvsc.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000225792 _____ (Microsoft Corporation) C:\windows\system32\smbwmiv2.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000224256 _____ (Microsoft Corporation) C:\windows\system32\ptpprov.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000217600 _____ (Microsoft Corporation) C:\windows\system32\container.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000214528 _____ (Microsoft Corporation) C:\windows\system32\srumsvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000211968 _____ (Microsoft Corporation) C:\windows\SysWOW64\w32tm.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000202752 _____ (Microsoft Corporation) C:\windows\system32\SecureTimeAggregator.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000202552 _____ (Microsoft Corporation) C:\windows\SysWOW64\MTF.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000198144 _____ (Microsoft Corporation) C:\windows\system32\netiohlp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000197120 _____ (Microsoft Corporation) C:\windows\system32\updatepolicy.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000197120 _____ (Microsoft Corporation) C:\windows\system32\bthserv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000196608 _____ (Microsoft Corporation) C:\windows\system32\smartscreenps.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000195896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spacedump.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000195072 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepositoryUpgrade.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000193032 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000190464 _____ (Microsoft Corporation) C:\windows\system32\ngcpopkeysrv.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000184320 _____ (Microsoft Corporation) C:\windows\system32\rasman.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000183296 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Radios.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000182784 _____ (Microsoft Corporation) C:\windows\system32\Windows.SharedPC.CredentialProvider.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000179712 _____ (Microsoft Corporation) C:\windows\system32\wuuhosdeployment.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000178688 _____ (Microsoft Corporation) C:\windows\system32\winbio.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000178176 _____ (Microsoft Corporation) C:\windows\system32\appsruprov.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000177664 _____ (Microsoft Corporation) C:\windows\system32\ngctasks.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000177152 _____ (Microsoft Corporation) C:\windows\system32\LanguageComponentsInstaller.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000175104 _____ (Microsoft Corporation) C:\windows\system32\energyprov.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000171520 _____ (Microsoft Corporation) C:\windows\system32\SpatialAudioLicenseSrv.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000171520 _____ (Microsoft Corporation) C:\windows\system32\DisplayManager.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000169784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wcifs.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000168448 _____ (Microsoft Corporation) C:\windows\system32\drvinst.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000165376 _____ (Microsoft Corporation) C:\windows\SysWOW64\spacebridge.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000165376 _____ (Microsoft Corporation) C:\windows\system32\CompPkgSrv.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000164288 _____ (Microsoft Corporation) C:\windows\system32\vertdll.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000161280 _____ (Microsoft Corporation) C:\windows\SysWOW64\updatepolicy.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000160256 _____ (Microsoft Corporation) C:\windows\system32\spopk.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000159272 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000159112 _____ (Microsoft Corporation) C:\windows\system32\winquic.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000157496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000157200 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepositoryClient.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000156984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\winquic.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000156160 _____ (Microsoft Corporation) C:\windows\system32\RMapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000155648 _____ (Microsoft Corporation) C:\windows\SysWOW64\netiohlp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000155648 _____ (Microsoft Corporation) C:\windows\system32\dssvc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000151872 _____ (Microsoft Corporation) C:\windows\system32\rmclient.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000149504 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.SerialCommunication.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000148480 _____ C:\windows\system32\DataStoreCacheDumpTool.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000147968 _____ (Microsoft Corporation) C:\windows\system32\srpapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000147496 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000143872 _____ (Microsoft Corporation) C:\windows\system32\oleprn.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000143872 _____ (Microsoft Corporation) C:\windows\system32\musdialoghandlers.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000140808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tm.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000140288 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000138960 _____ (Microsoft Corporation) C:\windows\system32\wldp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000138752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\luafv.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000134456 _____ (Microsoft Corporation) C:\windows\system32\ImplatSetup.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000131384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stornvme.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000126464 _____ (Microsoft Corporation) C:\windows\SysWOW64\winbio.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000121344 _____ (Microsoft Corporation) C:\windows\system32\UserDataTimeUtil.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000120320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthhfenum.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000119296 _____ (Microsoft Corporation) C:\windows\system32\setupcln.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000119296 _____ (Microsoft Corporation) C:\windows\system32\RjvMDMConfig.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000119296 _____ (Microsoft Corporation) C:\windows\system32\DolbyMATEnc.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000115200 _____ (Microsoft Corporation) C:\windows\system32\negoexts.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000115152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wldp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000114856 _____ (Microsoft Corporation) C:\windows\system32\CompPkgSup.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000111104 _____ (Microsoft Corporation) C:\windows\system32\MDMAgent.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000111104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthenum.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000108032 _____ (Microsoft Corporation) C:\windows\system32\drvsetup.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000104248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bindflt.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000100864 _____ (Microsoft Corporation) C:\windows\SysWOW64\negoexts.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000098664 _____ (Microsoft Corporation) C:\windows\system32\mpr.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000097808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dam.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000095544 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000095544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storqosflt.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000094224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fileinfo.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000094208 _____ (Microsoft Corporation) C:\windows\system32\mcbuilder.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wanarp.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000089336 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpr.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wcnfs.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000086960 _____ (Microsoft Corporation) C:\windows\system32\taskhostw.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000084480 _____ (Microsoft Corporation) C:\windows\system32\KdsCli.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000083472 _____ (Microsoft Corporation) C:\windows\system32\vid.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000080400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vpci.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000079360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000078336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\npfs.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000074424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WindowsTrustedRT.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000071208 _____ (Microsoft Corporation) C:\windows\system32\win32appinventorycsp.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000071168 _____ (Microsoft Corporation) C:\windows\system32\fdBth.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\umpo-overrides.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000055608 _____ (Microsoft Corporation) C:\windows\system32\Drivers\iorate.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000054784 _____ (Microsoft Corporation) C:\windows\system32\CredentialMigrationHandler.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000051712 _____ (Microsoft Corporation) C:\windows\system32\MdmDiagnosticsTool.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000051712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mmcss.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000049664 _____ (Microsoft Corporation) C:\windows\system32\cscapi.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000048128 _____ (Microsoft Corporation) C:\windows\system32\wcimage.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000047136 _____ (Microsoft Corporation) C:\windows\system32\browser_broker.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000046080 _____ (Microsoft Corporation) C:\windows\system32\hidparse.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000046080 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000044544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\kbdhid.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000044544 _____ (Microsoft Corporation) C:\windows\system32\cmintegrator.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000041984 _____ (Microsoft Corporation) C:\windows\system32\lpkinstall.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000039936 _____ (Microsoft Corporation) C:\windows\system32\npmproxy.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000039736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WppRecorder.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000039304 _____ (Microsoft Corporation) C:\windows\system32\NtlmShared.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000036864 _____ (Microsoft Corporation) C:\windows\system32\wpnsruprov.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000035840 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000035640 _____ (Microsoft Corporation) C:\windows\system32\DeviceCensus.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000033792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msfs.sys
2019-05-06 11:08 - 2019-05-06 11:08 - 000033056 _____ (Microsoft Corporation) C:\windows\SysWOW64\NtlmShared.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\RpcPing.exe
2019-05-06 11:08 - 2019-05-06 11:08 - 000030208 _____ (Microsoft Corporation) C:\windows\system32\cscdll.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\npmproxy.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000002560 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000002560 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2019-05-06 11:08 - 2019-05-06 11:08 - 000000072 _____ C:\windows\system32\edgehtmlpluginpolicy.bin
2019-05-05 17:39 - 2019-05-05 17:39 - 000000000 _SHDL C:\Documents and Settings
2019-05-05 16:43 - 2019-05-05 16:43 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-05-05 16:43 - 2019-05-05 16:43 - 000000000 ____D C:\Users\metzn\AppData\Local\mbamtray
2019-05-05 16:43 - 2019-05-05 16:43 - 000000000 ____D C:\Users\metzn\AppData\Local\mbam
2019-05-05 16:43 - 2019-05-05 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-05-05 16:43 - 2019-05-05 16:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-05-05 16:43 - 2019-05-05 16:43 - 000000000 ____D C:\Program Files\Malwarebytes
2019-05-05 16:43 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamElam.sys
2019-05-05 16:43 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae64.sys
2019-05-05 16:42 - 2019-05-05 16:42 - 063175880 _____ (Malwarebytes ) C:\Users\metzn\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.586-1.0.10472.exe
2019-05-05 16:25 - 2019-05-05 16:25 - 000003936 _____ C:\windows\System32\Tasks\CCleaner Update
2019-05-05 16:25 - 2019-05-05 16:25 - 000002888 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2019-05-05 16:25 - 2019-05-05 16:25 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-05-05 16:25 - 2019-05-05 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-05-05 16:25 - 2019-05-05 16:25 - 000000000 ____D C:\Program Files\CCleaner
2019-05-05 16:24 - 2019-05-05 16:24 - 021254208 _____ (Piriform Software Ltd) C:\Users\metzn\Downloads\ccsetup556.exe
2019-05-05 16:24 - 2019-05-05 16:24 - 000000000 ____D C:\Users\metzn\AppData\Local\CEF
2019-05-05 16:22 - 2019-05-05 16:22 - 000000000 ____D C:\Users\metzn\AppData\LocalLow\Adobe
2019-05-05 16:20 - 2019-05-14 22:19 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-05 16:20 - 2019-05-05 16:20 - 000004562 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2019-05-05 16:20 - 2019-05-05 16:20 - 000002131 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2019-05-05 16:19 - 2019-05-05 17:12 - 000000000 ____D C:\ProgramData\Adobe
2019-05-05 16:19 - 2019-05-05 16:19 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-05-05 16:18 - 2019-05-05 16:22 - 000000000 ____D C:\Users\metzn\AppData\Local\Adobe
2019-05-05 15:58 - 2019-05-05 16:41 - 000000212 _____ C:\Users\metzn\Desktop\Email.url
2019-05-05 13:18 - 2019-05-05 13:19 - 000000000 ____D C:\Users\metzn\Documents\Greg and Lori
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ___SD C:\Users\metzn\Documents\My Articulate Projects
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ___RD C:\Users\metzn\Documents\My Stationery
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\Outlook Files
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\OneNote Notebooks
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\NPS
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\My Flip Video Library
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\Missy's Work
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\Missy's Senior Pictures
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\Greg PB- New Job
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\eLearning Guild
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\Avery Templates
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\ATD Board
2019-05-05 13:18 - 2019-05-05 13:18 - 000000000 ____D C:\Users\metzn\Documents\AAA Work Files
2019-05-05 13:18 - 2017-07-21 17:01 - 000000000 ____D C:\Users\metzn\Documents\Custom Office Templates
2019-05-05 13:18 - 2010-01-02 11:29 - 000098304 _____ C:\Users\metzn\Documents\backup_010210.pst
2019-05-05 13:01 - 2019-05-15 11:31 - 000000000 ____D C:\windows\system32\MRT
2019-05-05 13:01 - 2019-05-15 11:27 - 132445408 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2019-05-05 12:16 - 2019-05-05 12:16 - 000001562 _____ C:\Users\metzn\Desktop\iTunes.lnk
2019-05-05 11:52 - 2019-05-05 11:52 - 000000000 ____D C:\ProgramData\Apple Computer
2019-05-05 11:52 - 2019-05-05 11:52 - 000000000 ____D C:\ProgramData\Apple
2019-05-05 11:42 - 2019-05-26 11:34 - 000000000 ____D C:\Users\metzn\AppData\LocalLow\AMD
2019-05-05 11:42 - 2019-05-21 16:53 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-05 11:42 - 2019-05-21 16:53 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-05 11:41 - 2019-05-15 01:47 - 000003418 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-05 11:41 - 2019-05-15 01:47 - 000003294 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-05 11:41 - 2019-05-05 11:52 - 000000000 ____D C:\Users\metzn\AppData\Local\Google
2019-05-05 11:41 - 2019-05-05 11:42 - 000000000 ____D C:\Program Files (x86)\Google
2019-05-05 11:36 - 2019-05-31 12:22 - 000000000 ____D C:\Users\metzn\AppData\LocalLow\Mozilla
2019-05-05 11:36 - 2019-05-25 17:04 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-05-05 11:36 - 2019-05-25 17:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-05 11:36 - 2019-05-05 11:36 - 000001000 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-05-05 11:36 - 2019-05-05 11:36 - 000000000 ____D C:\Users\metzn\AppData\Roaming\Mozilla
2019-05-05 11:36 - 2019-05-05 11:36 - 000000000 ____D C:\Users\metzn\AppData\Local\Mozilla
2019-05-05 11:36 - 2019-05-05 11:36 - 000000000 ____D C:\ProgramData\Mozilla
2019-05-05 11:11 - 2019-05-05 11:11 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-05-05 11:11 - 2019-05-05 11:11 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-05-05 11:11 - 2019-05-05 11:11 - 000002420 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-05-05 11:11 - 2019-05-05 11:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-05-05 11:10 - 2019-05-05 11:17 - 000000000 ____D C:\Users\metzn\AppData\Local\Publishers
2019-05-05 11:10 - 2019-05-05 11:10 - 000000000 ____D C:\Users\metzn\AppData\Local\Comms
2019-05-05 11:10 - 2019-05-05 11:10 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2019-05-05 11:07 - 2019-05-27 06:53 - 000000000 ____D C:\Program Files\Microsoft Office
2019-05-05 11:07 - 2019-05-05 11:07 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-05-05 10:58 - 2019-05-05 16:02 - 000000000 ____D C:\Users\metzn\AppData\Local\PlaceholderTileLogoFolder
2019-05-05 10:57 - 2019-05-05 10:57 - 000000000 ____D C:\Users\metzn\AppData\Roaming\Macromedia
2019-05-05 10:57 - 2019-05-05 10:57 - 000000000 ____D C:\Users\metzn\AppData\Roaming\Hewlett-Packard
2019-05-05 10:56 - 2019-05-31 10:42 - 000000000 ___RD C:\Users\metzn\OneDrive
2019-05-05 10:56 - 2019-05-29 17:03 - 000003380 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3924723779-1150026729-1743089468-1001
2019-05-05 10:55 - 2019-05-05 10:55 - 000000000 ____D C:\Users\metzn\AppData\Local\DBG
2019-05-05 10:54 - 2019-05-10 08:12 - 000000000 ____D C:\Users\metzn\AppData\Roaming\hpqLog
2019-05-05 10:54 - 2019-05-10 08:12 - 000000000 ____D C:\Users\metzn\AppData\Local\Hewlett-Packard
2019-05-05 10:54 - 2019-05-05 12:23 - 000000000 ____D C:\Users\metzn\AppData\Local\HP JumpStart Apps
2019-05-05 10:54 - 2019-05-05 10:55 - 000000000 ____D C:\Users\metzn\AppData\Roaming\HP
2019-05-05 10:54 - 2019-05-05 10:54 - 000001446 _____ C:\Users\metzn\Desktop\Microsoft Edge.lnk
2019-05-05 10:54 - 2019-05-05 10:54 - 000000000 ____D C:\Users\metzn\AppData\Local\Crashpad
2019-05-05 10:53 - 2019-05-05 10:53 - 000000000 ___HD C:\Users\metzn\MicrosoftEdgeBackups
2019-05-05 10:53 - 2019-05-05 10:53 - 000000000 ____D C:\Users\metzn\AppData\Local\MicrosoftEdge
2019-05-05 10:52 - 2019-05-31 11:13 - 000000000 ____D C:\Users\metzn\AppData\Local\Packages
2019-05-05 10:52 - 2019-05-27 23:19 - 000000000 ____D C:\Users\metzn\AppData\Local\D3DSCache
2019-05-05 10:52 - 2019-05-24 17:02 - 000000000 ____D C:\Users\metzn\AppData\Roaming\WildTangent
2019-05-05 10:52 - 2019-05-06 11:21 - 000000000 ___RD C:\Users\metzn\3D Objects
2019-05-05 10:52 - 2019-05-05 16:22 - 000000000 ____D C:\Users\metzn\AppData\Roaming\Adobe
2019-05-05 10:52 - 2019-05-05 15:24 - 000000000 ____D C:\Users\metzn\AppData\Local\ConnectedDevicesPlatform
2019-05-05 10:52 - 2019-05-05 10:55 - 000000000 ____D C:\Users\metzn\AppData\Local\AMD
2019-05-05 10:52 - 2019-05-05 10:52 - 000000000 ____D C:\Users\metzn\AppData\Local\VirtualStore
2019-05-05 10:48 - 2019-05-29 17:03 - 000002374 _____ C:\Users\metzn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-05 10:48 - 2019-05-10 11:03 - 000000000 ____D C:\Users\metzn
2019-05-05 10:48 - 2019-05-05 10:48 - 000000020 ___SH C:\Users\metzn\ntuser.ini
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-05-31 12:52 - 2018-10-11 01:56 - 000000000 ____D C:\windows\system32\SleepStudy
2019-05-31 10:45 - 2018-10-11 02:02 - 000846278 _____ C:\windows\system32\PerfStringBackup.INI
2019-05-31 10:45 - 2018-09-15 03:31 - 000000000 ____D C:\windows\INF
2019-05-31 10:42 - 2018-09-15 03:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-31 10:42 - 2018-09-15 03:33 - 000000000 ____D C:\windows\AppReadiness
2019-05-31 10:42 - 2018-09-15 03:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-31 10:40 - 2018-10-11 01:56 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-05-31 10:39 - 2018-09-15 02:09 - 000524288 _____ C:\windows\system32\config\BBI
2019-05-29 23:18 - 2018-10-11 01:58 - 000000000 ____D C:\ProgramData\Packages
2019-05-27 13:18 - 2018-10-11 01:56 - 000295152 _____ C:\windows\system32\FNTCACHE.DAT
2019-05-27 13:13 - 2018-10-11 02:54 - 000000000 ____D C:\windows\Panther
2019-05-27 13:02 - 2018-09-15 03:23 - 000000000 ____D C:\windows\CbsTemp
2019-05-25 19:00 - 2019-03-14 19:20 - 000000000 ____D C:\Program Files\AMD
2019-05-25 18:57 - 2019-03-14 19:20 - 000497792 _____ C:\windows\system32\Drivers\rtkhdasetting.zip
2019-05-25 18:57 - 2019-03-14 19:20 - 000003194 _____ C:\windows\System32\Tasks\RTKCPL
2019-05-25 18:57 - 2019-03-14 19:20 - 000000000 ____D C:\windows\SysWOW64\RTCOM
2019-05-19 12:32 - 2018-09-15 03:33 - 000000000 ___SD C:\windows\system32\DiagSvcs
2019-05-19 12:32 - 2018-09-15 03:33 - 000000000 ____D C:\windows\bcastdvr
2019-05-18 09:43 - 2018-09-15 03:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-05-13 17:23 - 2018-09-15 03:36 - 000835688 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2019-05-13 17:23 - 2018-09-15 03:36 - 000179816 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-10 11:19 - 2019-03-14 18:23 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-05-10 11:09 - 2018-09-15 03:33 - 000000000 ____D C:\windows\system32\FxsTmp
2019-05-10 10:58 - 2019-03-14 18:23 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-05-10 10:36 - 2019-03-14 18:24 - 000000000 ____D C:\Program Files\HP
2019-05-10 10:36 - 2019-03-14 18:23 - 000000000 ____D C:\ProgramData\HP
2019-05-10 10:36 - 2019-03-14 18:23 - 000000000 ____D C:\Program Files (x86)\HP
2019-05-10 08:12 - 2019-03-14 18:24 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2019-05-10 08:12 - 2019-03-14 18:23 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2019-05-10 08:12 - 2018-09-10 10:54 - 000000000 ___HD C:\SYSTEM.SAV
2019-05-06 13:39 - 2018-10-11 01:56 - 000000000 ____D C:\windows\system32\Drivers\wd
2019-05-06 13:39 - 2018-09-15 03:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-05-06 11:21 - 2018-10-11 01:58 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-05-06 11:15 - 2018-09-15 03:33 - 000000000 ____D C:\windows\TextInput
2019-05-06 11:15 - 2018-09-15 03:33 - 000000000 ____D C:\windows\SysWOW64\oobe
2019-05-06 11:15 - 2018-09-15 03:33 - 000000000 ____D C:\windows\SysWOW64\Dism
2019-05-06 11:15 - 2018-09-15 03:33 - 000000000 ____D C:\windows\system32\oobe
2019-05-06 11:15 - 2018-09-15 03:33 - 000000000 ____D C:\windows\system32\migwiz
2019-05-06 11:15 - 2018-09-15 03:33 - 000000000 ____D C:\windows\system32\appraiser
2019-05-06 11:15 - 2018-09-15 02:09 - 000000000 ____D C:\windows\system32\Dism
2019-05-06 11:14 - 2019-03-14 20:04 - 000000000 ____D C:\windows\holoshell
2019-05-06 11:14 - 2018-09-15 05:11 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-05-06 11:14 - 2018-09-15 05:11 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-05-06 11:14 - 2018-09-15 03:33 - 000000000 ____D C:\windows\ShellExperiences
2019-05-06 11:14 - 2018-09-15 03:33 - 000000000 ____D C:\windows\ShellComponents
2019-05-06 11:12 - 2018-09-15 02:09 - 000000000 ____D C:\windows\servicing
2019-05-06 11:08 - 2018-10-11 02:00 - 002865152 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2019-05-06 03:17 - 2018-09-15 03:33 - 000000000 ____D C:\windows\appcompat
2019-05-06 00:24 - 2019-03-14 19:37 - 000000000 ____D C:\windows\System32\Tasks\McAfee
2019-05-06 00:23 - 2018-09-15 03:33 - 000000000 ___HD C:\windows\ELAMBKUP
2019-05-06 00:23 - 2018-09-15 02:09 - 000032768 _____ C:\windows\system32\config\ELAM
2019-05-05 17:39 - 2019-03-14 18:25 - 000002766 _____ C:\windows\System32\Tasks\HPAudioSwitch
2019-05-05 17:39 - 2018-09-15 03:33 - 000000000 ____D C:\windows\LiveKernelReports
2019-05-05 10:57 - 2019-03-14 18:23 - 000000000 ____D C:\windows\System32\Tasks\Hewlett-Packard
2019-05-05 10:43 - 2018-09-15 03:33 - 000000000 ____D C:\windows\system32\WinBioDatabase
2019-05-05 10:41 - 2019-03-14 19:33 - 000000000 ____D C:\ProgramData\WildTangent
2019-05-05 10:40 - 2019-03-14 20:05 - 000002856 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3924723779-1150026729-1743089468-500
2019-05-05 10:40 - 2019-03-14 19:33 - 000002856 _____ C:\windows\System32\Tasks\HPJumpStartLaunch
 
==================== SigCheck ===============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05.2019
Ran by metzn (31-05-2019 13:11:30)
Running from C:\Users\metzn\Downloads
Windows 10 Home Version 1809 17763.503 (X64) (2019-05-05 14:41:39)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3924723779-1150026729-1743089468-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3924723779-1150026729-1743089468-503 - Limited - Disabled)
Guest (S-1-5-21-3924723779-1150026729-1743089468-501 - Limited - Disabled)
metzn (S-1-5-21-3924723779-1150026729-1743089468-1001 - Administrator - Enabled) => C:\Users\metzn
WDAGUtilityAccount (S-1-5-21-3924723779-1150026729-1743089468-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2018.0616.1322.22237 - Advanced Micro Devices, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.83.0000 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 2.56.00 - Seiko Epson Corporation)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - Seiko Epson Corporation)
Epson ReadyInk Agent (A) (HKLM-x32\...\{A9B4584F-A29E-4880-97E6-1744B4AF2AF8}) (Version: 1.0.2.0 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{1028AD34-EB8A-4136-9A93-27FC60FD0A40}) (Version: 4.4.11 - Seiko Epson Corporation)
EPSON WF-3620 Series Printer Uninstall (HKLM\...\EPSON WF-3620 Series) (Version:  - SEIKO EPSON Corporation)
Epson WF-3620 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson WF-3620 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.14.304 - SurfRight B.V.)
HP Audio Switch (HKLM-x32\...\{20A40E7C-E470-4E9F-9B5C-DDB2C205E856}) (Version: 1.0.154.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.32 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{016FBF6D-AEDE-4D33-87B4-DF6815EF674A}) (Version: 1.4.0.485 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{35556CCA-F14E-48F3-93F4-E29C4B3DBE30}) (Version: 1.4.485.0 - HP Inc.)
HP Officejet Pro 3620 Basic Device Software (HKLM\...\{D81BD182-CB53-4B35-8A7B-A6BA2D619E07}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Home and Student 2019 - en-us (HKLM\...\HomeStudent2019Retail - en-us) (Version: 16.0.11601.20230 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3924723779-1150026729-1743089468-1001\...\OneDriveSetup.exe) (Version: 19.070.0410.0007 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 67.0 (x64 en-US) (HKLM\...\Mozilla Firefox 67.0 (x64 en-US)) (Version: 67.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.3 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11601.20230 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.93 - REALTEK Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8536 - Realtek Semiconductor Corp.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.1.47 - WildTangent)
WildTangent Helper (HKLM-x32\...\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}) (Version: 1.0.0.305 - WildTangent) Hidden
WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 6.0.0.43 - WildTangent) Hidden
 
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2811.0_x64__343d40qqvtj1t [2019-05-05] (Amazon.com)
Booking.com USA: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comUSABigsavingson_1.0.4.0_x64__mgae2k3ys4ra0 [2019-05-05] (Priceline Partner Network)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.13.5.0_x86__kgqvnymyfvs32 [2019-05-16] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1510.1.0_x86__kgqvnymyfvs32 [2019-05-20] (king.com)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2019-03-14] (HP Inc.)
Floor Adjustment -> C:\windows\SystemApps\RoomAdjustment_cw5n1h2txyewy [2019-03-14] (Microsoft Corporation)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.481.0_x86__v10z8vjag6ke6 [2019-03-14] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.5.8.0_x64__v10z8vjag6ke6 [2019-05-05] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_95.1.531.0_x64__v10z8vjag6ke6 [2019-05-05] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.4.105.0_x64__v10z8vjag6ke6 [2019-05-10] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.35.0_x64__v10z8vjag6ke6 [2019-05-22] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa [2019-05-30] (Apple Inc.)
Learn Mixed Reality -> C:\windows\SystemApps\MixedRealityLearning_cw5n1h2txyewy [2019-03-14] (Microsoft Corporation)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-05-05] (LinkedIn)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.375.0_x64__mcm4njqhnhss8 [2019-05-05] (Netflix, Inc.)
New for You -> C:\windows\SystemApps\WhatsNew_cw5n1h2txyewy [2019-03-14] (Microsoft Corporation)
Passthrough -> C:\windows\SystemApps\passthrough_cw5n1h2txyewy [2019-03-14] (Microsoft Corporation)
Power Media Player 14 for HP Consumer PCs with DVD -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.PowerMediaPlayer14forHPConsumerPC_14.2.9528.0_x86__06qsbagp91rvg [2019-05-05] (CYBERLINKCOM CORP)
Sign In -> C:\windows\SystemApps\WebAuthBridgeInternet_cw5n1h2txyewy [2019-03-14] (ms-resource:PublisherDisplayName)
Sign In -> C:\windows\SystemApps\WebAuthBridgeInternetSso_cw5n1h2txyewy [2019-03-14] (ms-resource:PublisherDisplayName)
Sign In -> C:\windows\SystemApps\WebAuthBridgeIntranetSso_cw5n1h2txyewy [2019-03-14] (ms-resource:PublisherDisplayName)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.14.58.0_x64__kx24dqmazqk8j [2019-05-05] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0 [2019-05-22] (Spotify AB)
WildTangent Games UWP -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.50.0_x64__qt5r5pa5dyg8m [2019-05-05] (WildTangent Games)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-06-16] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2019-05-17 19:42 - 2019-05-17 19:42 - 000141312 _____ ( ) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\de0b20812b0797582510baf9f34372f0\Interop.IWshRuntimeLibrary.ni.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000015360 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-04-24 22:11 - 2018-04-24 22:11 - 002519040 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-05-20 13:07 - 2019-05-20 13:07 - 000156672 _____ () [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\042bd18c4380cb57a535aba160f50193\BRIDGECommon.ni.dll
2019-05-17 19:41 - 2019-05-17 19:41 - 000121344 _____ () [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\BridgeExtension\ff15376e66c0b8f783b5eb782fa39987\BridgeExtension.ni.dll
2019-05-17 19:41 - 2019-05-17 19:41 - 000375296 _____ () [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\CleanStartController\a083a651c5bf71bb0f3c9e19bbf01eb1\CleanStartController.ni.dll
2019-05-17 19:41 - 2019-05-17 19:41 - 000139776 _____ () [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\e786d6b4051f72e4db3f0a1cddeb4eed\RegistrationUtilities.ni.dll
2019-05-17 19:42 - 2019-05-17 19:42 - 000129536 _____ (hardcodet.net) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\8e58d1914799c1217b18520fd86c547c\Hardcodet.Wpf.TaskbarNotification.ni.dll
2019-05-22 03:12 - 2019-05-22 03:12 - 001252864 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.35.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
2019-05-22 03:12 - 2019-05-22 03:12 - 000015360 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.35.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2019-05-17 19:41 - 2019-05-17 19:41 - 000131584 _____ (HP Inc.) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\CommonPortable\3fd2eedae51329b6ae4b05d0c49280e9\CommonPortable.ni.dll
2019-05-17 19:42 - 2019-05-17 19:42 - 001567232 _____ (HP Inc.) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\HPAudioSwitch\9be1926f94ca5032708cf6a1b87e3fa6\HPAudioSwitch.ni.exe
2019-05-17 19:41 - 2019-05-17 19:41 - 000172544 _____ (HP Inc.) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\HPJumpStartBridge\47e956beada4528003b1cef1450abba1\HPJumpStartBridge.ni.exe
2019-05-17 19:42 - 2019-05-17 19:42 - 001555456 _____ (Mark Heath) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\NAudio\b88b41f705b91b76561b09b578e094f2\NAudio.ni.dll
2019-05-17 19:40 - 2019-05-17 19:40 - 002227200 _____ (Newtonsoft) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\a58019292ba2cc9d0fb918d2c8c2acff\Newtonsoft.Json.ni.dll
2019-05-17 19:42 - 2019-05-17 19:42 - 002988032 _____ (Newtonsoft) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\b56677bbec3f082bc34f5501a38a7071\Newtonsoft.Json.ni.dll
2015-12-17 11:11 - 2015-12-17 11:11 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000096768 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\EbpD4Fax.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000212992 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUADRFIL.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000282624 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXCFG.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000446464 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXCSR.DLL
2019-05-10 10:58 - 2018-12-26 01:00 - 000389120 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXLDB.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000536576 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXTIF.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000421888 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUIMGCDC.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000278528 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FULEPP.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUSTMMSG.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000339968 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUSVCCLT.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000065536 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUUSBHLP.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000258048 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUVERDLG.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000069632 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUDEVCOM.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000135168 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUDRVUTL.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000339968 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUPRBDEV.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUSNMPUT.dll
2019-05-10 10:58 - 2018-12-25 12:00 - 000086016 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUCMNMSG.dll
2019-05-10 10:58 - 2018-12-25 12:00 - 000090112 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXCFGRes.dll
2019-05-10 10:58 - 2018-12-25 12:00 - 000241664 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXRCV.dll
2019-05-10 10:58 - 2018-12-25 12:00 - 000106496 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXSTM.dll
2019-05-10 10:58 - 2018-12-25 12:00 - 000022016 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FULEPPRes.dll
2019-05-10 10:58 - 2018-12-25 12:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUPRBDEVRes.dll
2015-12-11 16:14 - 2015-12-11 16:14 - 004968448 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files\EpsonNet\EpsonNet Print\ENSTRMAPIe.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\windows\System32\enppmon.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000786432 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENCM.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000278528 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENNW.dll
2019-05-10 10:58 - 2018-12-26 01:00 - 000299008 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENUTIL.dll
2019-05-17 19:42 - 2019-05-17 19:42 - 000765440 _____ (The Apache Software Foundation) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\log4net\3064b36d50fa3181a26462181f8ae401\log4net.ni.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000032256 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000039936 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000034304 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000237056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000024064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000481792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 001336320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 001136128 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2018-06-16 13:20 - 2018-06-16 13:20 - 005766144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 006045184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000964096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 003233792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 003406848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000328704 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 005523456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000282624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000194560 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000049152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000311296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000139264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000089600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-04-24 22:11 - 2018-04-24 22:11 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-09-15 03:31 - 2018-09-15 03:31 - 000000824 _____ C:\windows\system32\drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3924723779-1150026729-1743089468-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\metzn\Pictures\2016-07-23- Italy\1536.JPG
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{7CB1A8C9-8B4E-4BD1-A0CB-3D1D15A4B48B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10730.20103.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A971F7C5-D0DC-4D69-B3CA-C5B540EF8728}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{2E3C6965-2FDF-48FC-B17C-10E7B40054E4}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{19AECF7D-9A04-4C4B-8D18-9A6A738EE4B9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{46BFE370-B126-4E93-A157-D4FF199D7AD5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1E116A78-B206-4967-B8A3-F6D26FA6EA15}] => (Allow) C:\Program Files\HP\HP Officejet Pro 3620\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{11A08468-D7EF-495B-99B2-FC787F54B32A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 3620\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{70F68DFF-A824-4653-9B8E-10DC89AB3CD3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 3620\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{015244A3-0FDF-4B79-86C5-7CC04E4AD8FE}] => (Allow) C:\Program Files\HP\HP Officejet Pro 3620\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{4C3D0594-2EB7-4914-9E07-F06381BEAF88}] => (Allow) LPort=5357
FirewallRules: [{1696D62C-6B20-44AC-9D00-04845CB9F399}] => (Allow) C:\Program Files\HP\HP Officejet Pro 3620\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{DF0BDE20-0F0D-4047-AEA5-849555E721AB}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{74306D7B-FD99-46E6-99F7-C38DC1335CBD}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{6B95A8D0-3F9C-4AFD-B979-3A53F1DCF7A9}] => (Allow) C:\Users\metzn\AppData\Local\Temp\WF-3620\Common\EpsonNet Setup\ENEasyApp.exe No File
FirewallRules: [{8B077D80-EF3A-4A1A-B3F1-E14ED68E287E}] => (Allow) C:\Users\metzn\AppData\Local\Temp\WF-3620\Common\EpsonNet Setup\ENEasyApp.exe No File
FirewallRules: [{EA2848F8-EF4A-457A-A588-F4C498EDA015}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{7E936A0B-C1D7-4513-9394-BB9BC496E6E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CC3889B1-FA87-4B25-AB08-C55799EF2231}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D4DC8F79-85BC-4F8F-8BD3-32CA0B22535C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EEBA3EAB-1AEA-44AD-A3B2-A58D353C9364}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D18BF451-8A42-4C52-A194-7B96275CAB14}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CF3F1644-B13A-432D-93C7-8058896BCDAB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{213E308E-5518-4ADB-85CF-A0300C0A009E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{58504A5E-CCBE-430E-9143-0770938D832D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.107.13766.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DDFF293D-114F-49EF-B6E6-73119E608EC4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{43DD7059-385D-4918-B88F-2C2C06EEF3CF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D153D89D-A4EA-4E3C-9BE4-A658425DDE10}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{17B589B4-636D-4CDE-ACD0-58ED74B71FA3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{087EB143-BDB3-4F49-B491-394725975212}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9439CB8D-D965-4BC7-AE02-946256688E91}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{622D2EBA-24A8-4D20-B2B2-52D443F79596}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5B0FE848-42F3-45E7-A8E8-CBBC293F029A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
 
==================== Restore Points =========================
 
24-05-2019 18:14:20 Scheduled Checkpoint
26-05-2019 16:22:17 Windows Modules Installer
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/31/2019 10:29:23 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
 
Error: (05/27/2019 05:39:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 67.0.0.7075, time stamp: 0x5cdded92
Faulting module name: ntdll.dll, version: 10.0.17763.475, time stamp: 0x3230aa04
Exception code: 0xc0000374
Fault offset: 0x00000000000fb049
Faulting process id: 0x20b4
Faulting application start time: 0x01d514b050dc2e77
Faulting application path: C:\Program Files\Mozilla Firefox\firefox.exe
Faulting module path: C:\windows\SYSTEM32\ntdll.dll
Report Id: f8703107-117a-4d3f-92ca-7cef9c96d4af
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (05/26/2019 12:08:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SolutionFinder.exe, version: 1.0.3.0, time stamp: 0x5c75fc20
Faulting module name: KERNELBASE.dll, version: 10.0.17763.475, time stamp: 0x9877ee8b
Exception code: 0xe0434352
Fault offset: 0x0011c762
Faulting process id: 0x3090
Faulting application start time: 0x01d51378a1be5519
Faulting application path: C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.4.105.0_x64__v10z8vjag6ke6\www\HPSF\Modules\SolutionFinder.exe
Faulting module path: C:\windows\System32\KERNELBASE.dll
Report Id: 88427cb5-10f3-4d44-a34e-9f4a9a685f80
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (05/26/2019 12:08:12 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: SolutionFinder.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentNullException
   at System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].InsertRange(Int32, System.Collections.Generic.IEnumerable`1<System.__Canon>)
   at SolutionFinder.Program.GetMessages(System.String, System.String, System.String, System.String)
   at SolutionFinder.Program.Main(System.String[])
 
Error: (05/24/2019 05:04:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ShellExperienceHost.exe version 10.0.17763.439 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1adc
 
Start Time: 01d51273d93af971
 
Termination Time: 4294967295
 
Application Path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
 
Report Id: d4902284-3009-4a86-8574-f9d9febb9832
 
Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy
 
Faulting package-relative application ID: App
 
Hang type: Quiesce
 
 
System errors:
=============
Error: (05/31/2019 12:21:10 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N9EK5G0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-N9EK5G0\metzn SID (S-1-5-21-3924723779-1150026729-1743089468-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (05/31/2019 12:19:41 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N9EK5G0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-N9EK5G0\metzn SID (S-1-5-21-3924723779-1150026729-1743089468-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (05/31/2019 12:19:40 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N9EK5G0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-N9EK5G0\metzn SID (S-1-5-21-3924723779-1150026729-1743089468-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (05/31/2019 11:13:48 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N9EK5G0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-N9EK5G0\metzn SID (S-1-5-21-3924723779-1150026729-1743089468-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (S-1-15-2-2500506350-3844363575-648186418-1716349564-1931658227-3599218533-3955442235). This security permission can be modified using the Component Services administrative tool.
 
Error: (05/31/2019 11:12:45 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N9EK5G0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-N9EK5G0\metzn SID (S-1-5-21-3924723779-1150026729-1743089468-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (05/31/2019 10:59:13 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-N9EK5G0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-N9EK5G0\metzn SID (S-1-5-21-3924723779-1150026729-1743089468-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (05/31/2019 10:43:20 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscDataProtection
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (05/31/2019 10:43:20 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.SecurityAppBroker
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
==================== Memory info =========================== 
 
BIOS: AMI F.22 01/25/2019
Motherboard: HP 8433
Processor: AMD Ryzen 5 2400G with Radeon Vega Graphics 
Percentage of memory in use: 44%
Total physical RAM: 10149.47 MB
Available physical RAM: 5619.65 MB
Total Virtual: 11685.47 MB
Available Virtual: 6489.93 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:930.28 GB) (Free:741.52 GB) NTFS
Drive d: (My Book) (Fixed) (Total:465.65 GB) (Free:155.83 GB) FAT32
 
\\?\Volume{2988719e-db8c-413a-ba6f-4e508a142ff7}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.57 GB) NTFS
\\?\Volume{5602cc68-a6f7-44dc-b4ff-2ac1aa997934}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E1EF715B)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 44FDFE06)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=0C)
 
==================== End of Addition.txt ============================

  • 0

#8
[email protected]
Posted 01 June 2019 - 10:08 AM

[email protected]

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

I received another warning.  Here it is 

 

 

Capture.PNG
 
 
Here is an attachment of another one too
 
 

Attached Thumbnails

  • Windows Message.PNG

Edited by [email protected], 01 June 2019 - 10:17 AM.

  • 0

#9
iMacg3
Posted 01 June 2019 - 11:23 AM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

---------------------------------------------------
Farbar Recovery Scan Tool - Fix
  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
  • Press Ctrl+y (Ctrl and y keys at the same time)
  • A blank, randomly named notepad file will open.
  • Copy and paste the following into it ....
start
2019-05-06 00:24 - 2019-03-14 19:37 - 000000000 ____D C:\windows\System32\Tasks\McAfee
FirewallRules: [{A971F7C5-D0DC-4D69-B3CA-C5B540EF8728}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{2E3C6965-2FDF-48FC-B17C-10E7B40054E4}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
Reboot:
end
  • Press Ctrl+s to save the file.
NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Now press the Fix button once and wait.
  • FRST will process the fixlist
  • When finished, it will produce a log (fixlog.txt) in the same folder/directory as FRST
  • Please post the log in your next reply.
---------------------------------------------------
Try clearing the Chrome browsing cache:
  • Open Google Chrome
  • At the upper right corner of the Chrome window, click the three dots to open the Chrome settings menu
  • Click More Tools, then Clear Browsing Data
  • Select the time range to clear as "All time"
  • Place a checkmark next to
    • Cookies and other site data
    • Cached images and files
  • Select Clear Data
  • Close Google Chrome
Let me know if the problem persists.
  • 0

#10
[email protected]
Posted 01 June 2019 - 12:33 PM

[email protected]

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Thanks very much for your continued assistance with this, much appreciated!   I followed the instructions including clearing Chrome.  Here are the fix results:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-06-2019
Ran by metzn (01-06-2019 14:21:01) Run:1
Running from C:\Users\metzn\Desktop
Loaded Profiles: metzn (Available Profiles: metzn)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
2019-05-06 00:24 - 2019-03-14 19:37 - 000000000 ____D C:\windows\System32\Tasks\McAfee
FirewallRules: [{A971F7C5-D0DC-4D69-B3CA-C5B540EF8728}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{2E3C6965-2FDF-48FC-B17C-10E7B40054E4}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
Reboot:
end
*****************
 
C:\windows\System32\Tasks\McAfee => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A971F7C5-D0DC-4D69-B3CA-C5B540EF8728}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2E3C6965-2FDF-48FC-B17C-10E7B40054E4}" => removed successfully
 
 
The system needed a reboot.
 
==== End of Fixlog 14:21:02 ====

  • 0

Advertisements

#11
iMacg3
Posted 01 June 2019 - 01:06 PM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

---------------------------------------------------
AdwCleaner

Download AdwCleaner and save it to your desktop.
  • Right-click on AdwCleaner.exe and select Run as Administrator
  • Accept the EULA (I accept), then click on Scan.
  • Let the scan complete. If no objects are detected, close the AdwCleaner window.
  • If any objects are detected, uncheck any items you want to keep.
  • Click on the Clean and Repair button.
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer. Allow it to do so.
  • After the restart, an AdwCleaner window will open. Click on View Log File, and the log will open in notepad. Copy and paste the contents of the log into your next reply.
Note: the AdwCleaner log is also saved to C:\AdwCleaner\Logs\AdwCleaner[CXX].txt (where XX is two numbers).

---------------------------------------------------
ESET Online Scanner

Download ESET Online Scanner and save it to your desktop.
  • Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
  • When the tool opens, click Get Started.
  • Read and accept the license agreement.
  • At the Welcome to ESET Online Scanner window, click Get Started.
  • Select whether you would like to send anonymous data to ESET.
  • Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
  • Click on the Full Scan option.
  • Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
  • ESET will now begin scanning your computer. This may take some time.
  • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
  • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
  • On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
  • Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.
---------------------------------------------------
Let me know if you receive any "security warning" pop ups.
  • 0

#12
[email protected]
Posted 01 June 2019 - 05:44 PM

[email protected]

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Okay, the AdwCleaner did not restart the computer.  Perhaps because it did not find anything?  That did run however.  Results below. 

Also did the ESET scan.  That did take a long time.  Looks like it foud 3 items.  Results below.  I did not see any security warning pop-ups.  Thanks!

 

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-05-27.1 (Cloud)
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    06-01-2019
# Duration: 00:00:07
# OS:       Windows 10 Home
# Scanned:  27501
# Detected: 0
 
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
No malicious folders found.
 
***** [ Files ] *****
 
No malicious files found.
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
No malicious registry entries found.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries found.
 
***** [ Chromium URLs ] *****
 
No malicious Chromium URLs found.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries found.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs found.
 
 
AdwCleaner[S00].txt - [1250 octets] - [01/06/2019 14:00:05]
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
 
 
 
 
Second Log:
 
6/1/2019 19:40:06 PM
Files scanned: 825067
Infected files: 3
Cleaned threats: 3
Total scan time 03:10:43
Scan status: Finished
 
 
C:\Users\metzn\Documents\Greg and Lori\Greg's Stuff\Work Information\Personal\INFOMAP.DOT probably a variant of WM/Muck.{BQ,Q} virus cleaned
C:\Users\metzn\Downloads\ccsetup556.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
D:\Home Backup 05-04-2019\Documents\Documents\Greg and Lori\Greg's Stuff\Work Information\Personal\INFOMAP.DOT probably a variant of WM/Muck.{BQ,Q} virus cleaned
 

  • 0

#13
iMacg3
Posted 02 June 2019 - 08:37 AM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts

Hi,

If all is well:

Uninstall FRST
  • Right-click on Frst.exe/Frst64.exe and select Rename
  • Rename the file to Uninstall.exe
  • Double-click on Uninstall.exe to uninstall FRST
Feel free to delete any other tools we used in the cleanup process.
----------------------------------------------------
Some tips to keep your computer safe on the Internet

Make sure to use strong passwords. There are password managers (for example, Bitwarden) that can help you use secure passwords, and keep track of them.

How to create a strong password
----------------------------------------------------
Keeping software up-to-date is important as well. Programs such as UCheck, Heimdal Free, or PatchMyPC can help keep software on your computer up-to-date.

To keep your operating system up-to-date, make sure that Windows Update is enabled on your computer.
----------------------------------------------------
Here are some articles about how to keep your computer safe on the internet -

Simple and easy ways to keep your computer safe and secure on the Internet - by Lawrence Abrams

Answers to common security questions - Best Practices - by quietman7

COMPUTER SECURITY - a short guide to staying safer online - Malware Removal

PC Safety and Security - What Do I Need? - Tech Support Forum
----------------------------------------------------

Safe surfing :)
  • 0

#14
[email protected]
Posted 02 June 2019 - 09:25 AM

[email protected]

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Well, I thought all was okay.  Here is what I just go again.  It is the fake McAffee message.  I attached a screen shot.  This seems to be in Firefox.  I hit the home button which we have set to the USA Today website.  Here is the URL from the message:
 
hxxp://windowsappcenter.apps-centerzhu.info/pmtgw/fsqmfask302/?utm_source=dhara1&utm_pubid=b18bc66b-e9fe-4938-8605-7e4079dee034&x-context=wORDIGLD2C75AOTMHCMR1GRE&xm=r.awxgwomtxay.online

Edited by iMacg3, 02 June 2019 - 04:49 PM.
disabled link

  • 0

#15
iMacg3
Posted 02 June 2019 - 04:53 PM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

Please refresh the Firefox browser.
Instructions to do so can be found here:
https://support.mozi...ns-and-settings

(This step will remove any installed Firefox add-ons. Note down any add-ons you have installed so you can re-install them if needed)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP