Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

StartupCheckLibrary.dll

RunDLL

  • Please log in to reply

#1
heyzeler

heyzeler

    New Member

  • Member
  • Pip
  • 6 posts

Hi! I'm having trouble with this error and I have no idea how to fix this. I think there might also be some other problems with my computer. Hoping you guys could help. Thank you!


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,914 posts
  • MVP

  • Get FRST from http://www.bleepingc...very-scan-tool/You need to download the appropriate tool for your PC.  If you don't know if you have a 32 or 64 bit system get them both.  Only one will work and that's the right one.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Check the Addition.txt box
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here.
  • It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

 


  • 0

#3
heyzeler

heyzeler

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-10-2019
Ran by Hazel (administrator) on DESKTOP-TUO0BQN (ASUSTeK COMPUTER INC. GL552VX) (23-10-2019 18:25:03)
Running from C:\Users\Hazel\Downloads
Loaded Profiles: Hazel (Available Profiles: Hazel)
Platform: Windows 10 Home Single Language Version 1903 18362.418 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\TNSLSNR.EXE
() [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS Cloud Corporation -> ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSPanel.exe
(ASUS Cloud Corporation) [File not signed] C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe
(ASUS) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Chaos Software Ltd. -> ) [File not signed] C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\register-service.exe
(Chaos Software Ltd.) [File not signed] C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\swrm.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxEM.exe
(Intel® Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel® Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel® Software -> Intel® Corporation) C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe
(Intel® Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fd0b4b97d35097fa\aesm_service.exe
(Intel® Trusted Connect Service -> Intel® Corporation) C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.SmartMonitor.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19092.399.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1909.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1909.6-0\NisSrv.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oracle.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIUPE.EXE
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.85.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.85.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [599896 2015-06-11] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-02] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [339464 2016-02-10] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-03-24] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [63272 2015-12-24] (ASUS Cloud Corporation -> )
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc -> Autodesk, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2623032 2019-07-05] (Adobe Inc. -> Adobe Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\Run: [Spotify] => C:\Users\Hazel\AppData\Roaming\Spotify\Spotify.exe [25805544 2019-05-05] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIUPE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-08-12] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe [1049600 2017-09-18] (ASUSTek Computer Inc. -> ASUSTek Computer Inc)
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [38400 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2017-01-05] (McAfee, Inc. -> McAfee, Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-09-26]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc. -> McAfee, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0AA1B33D-33CF-436A-BB49-9C63131FD071} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {16C87D94-E43B-41AF-AD3F-FCE5C5D4A1D6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {1D179747-E065-4036-9D95-85F48F52C0A9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {208365BB-3800-450E-9CEF-90CF6E826DFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1094008 2019-10-10] (HP Inc. -> HP Inc.)
Task: {29015622-7C79-456B-836B-959B2336B871} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4470440 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {295FB493-08AA-4587-A381-2393ADA37DA6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2E714087-906F-4D7C-A06F-48A4562BCB51} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {3C4EE33C-890A-424C-B5CF-2375FFEC3727} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-TUO0BQN-Hazel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {468103B2-FA4F-4312-AE65-0AF3416DA7D3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {47D6ACFB-6CDF-4CD2-8292-21AF2AC70EE0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [122344 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {4EB2184B-02FE-4F94-AF1D-E45DED5F9069} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-26] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {57440F4E-DA8D-4D0F-8B2E-EFF25DF18969} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [144248 2019-10-10] (HP Inc. -> HP Inc.)
Task: {59BFAF79-5492-4793-B501-DC5C894F4BCA} - System32\Tasks\ASUS\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [1049600 2017-09-18] (ASUSTek Computer Inc. -> ASUSTek Computer Inc)
Task: {5CAFAACC-94B5-45FE-8A4F-6CB3017B9DFD} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18416 2015-12-19] (ASUSTeK Computer Inc. -> AsusTek)
Task: {5F9D1810-3F79-432A-8466-73136D1795BB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {62083922-CD20-44CD-A50A-829A24191228} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4470440 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C543AE1-E43C-4C00-8D47-E023CFE03C72} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-19] (HP Inc. -> )
Task: {71EB0AA9-312F-4A02-831D-926DAD96683C} - System32\Tasks\HPCeeScheduleForHazel => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-11] (HP Inc. -> HP Inc.)
Task: {72B50BC7-0050-49FB-940F-02DC270FF0DD} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe [3643592 2016-03-15] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {7553F2AE-A402-46A9-84E0-94E81F8A466D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [250232 2019-10-08] (HP Inc. -> HP Inc.)
Task: {801EEF95-4DFF-437A-9816-9A4EECB2435A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430176 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {8155111A-B36F-4742-9164-7F05E7C603EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {81D2D295-E36B-49A4-B383-5E2AF706D923} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [570240 2017-02-14] (Apple Inc. -> Apple Inc.)
Task: {82FAE235-A909-4627-A1C7-7CC7E74411D6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {841EF457-5EA6-40B1-95B5-1BDE6803827E} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {895D1674-D51B-4FAB-8B4E-910A89F5CE57} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1616160 2016-01-20] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
Task: {8DE908AF-7CE6-43C6-A080-D9F300758FDE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {8E7CADF0-5715-4C1A-8E16-BBD4AAF24082} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-09] (Google Inc -> Google Inc.)
Task: {9516E27D-357B-4DE6-85F2-77693A5E2027} - System32\Tasks\EPSON L3110 Series Update {32F8E2AA-9652-4E56-BC1A-D64CA7C7F66F} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUPE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {960DBD42-A68E-4651-8987-FCBCD641E667} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {97767B9B-512E-4A93-8E8A-B44CC737A593} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9E61207A-4352-4DEF-9D0F-08A0F7E5E665} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe [514408 2016-03-31] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {A9D7BF1D-C3BB-43B7-9638-DA8B89A1F338} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27295856 2019-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC113191-7D97-4D5D-9C6E-49D497A03EEC} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [54784 2015-12-03] (ASUS) [File not signed]
Task: {AED4BED0-E26C-402F-A660-BD31FCB67D6E} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
Task: {B98EE57E-3E56-40D3-8712-03389D55CC19} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C54F58FB-0EB5-4234-A718-8F102C9AA322} - System32\Tasks\HPCustParticipation HP Deskjet 2510 series => C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPCustPartic.exe [4119656 2012-10-02] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {D7A5AB92-48DC-415B-A3DD-AD0FF01C77F4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [122344 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9ABE4FF-21F1-45E2-858C-626E72A7EBB5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27295856 2019-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {DA868C25-65D1-4732-8B3D-25DAD9719C85} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {DC200C68-CD06-43CE-B1FF-5440A804ACFA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430176 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF55E94D-D04C-4BCC-B245-9CB05B1B296D} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe [481128 2016-03-31] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {E950B5FD-26F5-4BE8-A05D-F60260BAA7FD} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [585000 2016-09-21] (Dropbox, Inc -> )
Task: {FDE8097A-2775-4CA0-9176-07B2D7774CD0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-09] (Google Inc -> Google Inc.)
Task: {FECF8FD8-823F-4C97-AE17-E48303974A94} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {FF274BF5-CD7E-4F41-A40F-749369997FE4} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON L3110 Series Update {32F8E2AA-9652-4E56-BC1A-D64CA7C7F66F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUPE.EXE:/EXE:{32F8E2AA-9652-4E56-BC1A-D64CA7C7F66F} /F:UpdateWORKGROUP\DESKTOP-TUO0BQN$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\HPCeeScheduleForHazel.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6beea351-e5fa-4bd1-a9bb-b47e47435556}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{80fb65e1-dd0a-4ae2-873c-398adc0a8811}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{a4acc05d-7048-498a-b9c0-e7d82aec20a9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d83180f9-2c1d-4387-b890-ce2d653008cc}: [DhcpNameServer] 103.37.51.193
 
Internet Explorer:
==================
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-3160961081-3692599767-903795011-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3160961081-3692599767-903795011-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (McAfee, Inc. -> Intel Security)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-04] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Oracle\Primavera Common\Java\_jvm\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-04] (Sun Microsystems, Inc.) [File not signed]
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (McAfee, Inc. -> Intel Security)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: nuh4q3tq.default
FF ProfilePath: C:\Users\Hazel\AppData\Roaming\Mozilla\Firefox\Profiles\nuh4q3tq.default [2018-11-11]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-07-05] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN -> VideoLAN) [File not signed]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-12] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-07-05] (Adobe Inc. -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default [2019-10-23]
CHR Extension: (Docs) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-05]
CHR Extension: (YouTube) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-05]
CHR Extension: (Google Search) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2017-01-05]
CHR Extension: (Mendeley Web Importer) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dagcmkpagjlhakfdhnbomgmjdpkdklff [2019-10-19]
CHR Extension: (Adobe Acrobat) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-10-01]
CHR Extension: (Google Docs Offline) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (Grammarly for Chrome) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-10-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-27]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk, Inc -> Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-07-05] (Adobe Inc. -> Adobe Inc.)
R2 AESMService; C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fd0b4b97d35097fa\aesm_service.exe [716824 2019-09-22] (Intel® Software Development Products -> Intel Corporation)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-03-08] (Apple Inc. -> Apple Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe [75264 2015-12-24] (ASUS Cloud Corporation) [File not signed]
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [415992 2019-01-30] (Qualcomm Atheros -> Windows ® Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11642472 2019-10-14] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel® Software -> Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent Inc -> WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [360312 2019-10-14] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-15] (Canon Inc. -> )
R3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel® Corporation)
S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-20] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-20] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [207648 2015-09-19] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-03-31] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [404376 2017-09-05] (McAfee, Inc. -> McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S4 OracleJobSchedulerXE; c:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe [102400 2006-02-02] () [File not signed]
S3 OracleMTSRecoveryService; C:\oraclexe\app\oracle\product\10.2.0\server\BIN\omtsreco.exe [57616 2006-02-02] (Oracle Corporation) [File not signed]
R2 OracleServiceXE; c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE [59064320 2006-02-02] (Oracle Corporation) [File not signed]
S3 OracleXEClrAgent; C:\oraclexe\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe [45056 2006-02-02] () [File not signed]
R2 OracleXETNSListener; C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe [204800 2006-02-02] () [File not signed]
S3 ROGGamingCenterService; C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingCenterService.exe [49704 2016-03-15] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 SAService; C:\Windows\system32\SAsrv.exe [427224 2015-04-17] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH -> TeamViewer GmbH)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [995800 2017-01-05] (McAfee, Inc. -> McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2017-01-05] (McAfee, Inc. -> McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2017-01-05] (McAfee, Inc. -> McAfee, Inc.)
R2 vrswrm-service; C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\register-service.exe [90176 2019-07-29] (Chaos Software Ltd. -> ) [File not signed]
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [157480 2018-08-02] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [19192 2015-09-30] (Intel® Software -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-09] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 AsusSGDrv; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [141304 2015-12-19] (ASUSTeK Computer Inc. -> ASUS Corporation)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-09] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55816 2015-08-17] (Intel® Software -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel® Software -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel® Software -> Intel Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-05-29] (Intel® Software -> Intel Corporation)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [51904 2015-01-14] (TITAN ARC CORP. TAIWAN BRANCH (SAMOA) -> Titan ARC Corp.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvlddmkm.sys [17003280 2017-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [898296 2016-01-13] (Realtek Semiconductor Corp -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [753368 2015-06-15] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46688 2019-10-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [350136 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-10-23 18:25 - 2019-10-23 18:28 - 000043264 _____ C:\Users\Hazel\Downloads\FRST.txt
2019-10-23 18:24 - 2019-10-23 18:27 - 000000000 ____D C:\FRST
2019-10-23 18:22 - 2019-10-23 18:22 - 001617408 _____ (Farbar) C:\Users\Hazel\Downloads\FRST64.exe
2019-10-23 08:30 - 2019-10-23 08:30 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign84b06f6ca5f7d62d
2019-10-23 08:27 - 2019-10-23 08:27 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign91e05e95cd4f29ee
2019-10-23 08:27 - 2019-10-23 08:27 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign4d7ad7e0f78d5d34
2019-10-23 08:27 - 2019-10-23 08:27 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign067aee8feb38ad17
2019-10-22 22:13 - 2019-10-22 22:13 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsigne940ae0e03e4212d
2019-10-22 22:13 - 2019-10-22 22:13 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign4150225ff3685e43
2019-10-22 22:13 - 2019-10-22 22:13 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign111bf7b5aa4c97e2
2019-10-22 01:57 - 2019-10-22 01:57 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign939616daa2d2b96b
2019-10-21 18:03 - 2019-10-21 02:32 - 000000000 ____D C:\Windows.old
2019-10-21 17:30 - 2019-10-21 18:03 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-10-21 17:29 - 2019-10-21 17:30 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-10-21 17:29 - 2019-10-21 17:29 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-10-21 17:27 - 2019-10-21 17:27 - 000000000 ____D C:\ProgramData\USOShared
2019-10-21 17:24 - 2019-10-21 17:24 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 022628352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 019811840 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 018019840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 008010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 007195648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 007015936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 006232064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 005915648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 005764872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 004481536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 004129616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2019-10-21 17:24 - 2019-10-21 17:24 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-10-21 17:24 - 2019-10-21 17:24 - 002494440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 002422592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-10-21 17:24 - 2019-10-21 17:24 - 002314648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 002258856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 002236144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 002138472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-10-21 17:24 - 2019-10-21 17:24 - 002132280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001788728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001616784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001510752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001505320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001394488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001297936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001273392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001263616 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001244944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001217904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001178816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001152016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000904704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\opengl32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000829536 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000774672 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000679880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000501232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-10-21 17:24 - 2019-10-21 17:24 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000487576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000452408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiagn.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-10-21 17:24 - 2019-10-21 17:24 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000380216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000300184 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glu32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgmgr32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-10-21 17:24 - 2019-10-21 17:24 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-10-21 17:24 - 2019-10-21 17:24 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-10-21 17:24 - 2019-10-21 17:24 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prntvpt.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000137864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devobj.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000116904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000110080 _____ C:\WINDOWS\system32\ResBParser.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000100664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2019-10-21 17:24 - 2019-10-21 17:24 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000084496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-10-21 17:24 - 2019-10-21 17:24 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvvmtransport.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvvmtransport.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devrtl.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000033048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000021544 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2019-10-21 17:24 - 2019-10-21 17:24 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-10-21 17:23 - 2019-10-21 17:24 - 006517640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 017787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 009928504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 007848192 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 007600664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 006425600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 006227624 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 006164480 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 006084048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 005865272 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizimg.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 005105152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 005041664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 004612520 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 004562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 004046336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 004012544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 003964056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 003771392 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 003742032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 003701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 003590968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 003386880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 003184128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 003105280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002821120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 002772032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002762504 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002723328 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 002703360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002590208 _____ C:\WINDOWS\system32\dwmscene.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002456064 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002160640 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002120704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002120272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002095104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002069504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002000168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001957008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001952360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001940952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001913296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001857024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001845408 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-10-21 17:23 - 2019-10-21 17:23 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001743672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001730560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001664928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001664376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001656392 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001607680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001543168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001512320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001439744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001383856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-10-21 17:23 - 2019-10-21 17:23 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001261800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001150240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 001091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001054872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001047968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001036800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 001023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000984376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000944664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000904208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000890472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000880088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000856576 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-10-21 17:23 - 2019-10-21 17:23 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000833312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000818688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000792296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000784384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000759488 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000758584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000732176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mousocoreworker.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000674072 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000656960 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11on12.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000598024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000551952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000541480 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000516408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000515896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000466416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000450360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11on12.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000449888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000442704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000412152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000398728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000383984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000379840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000363624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secproc.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000342896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000334936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000293344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgmgr32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000285256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000283688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000225080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000223032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000202040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlib.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000176152 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000140496 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ForceSync.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000125232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000119840 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000092624 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000089544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000079376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uaspstor.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devrtl.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000053248 _____ C:\WINDOWS\system32\Drivers\UsbPmApi.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000052752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000047616 _____ C:\WINDOWS\system32\UsbPmApi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000037176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32_DeviceGuard.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000020944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmsgapi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000016696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizres.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000011576 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlibres.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-10-21 17:14 - 2019-10-21 18:03 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-10-21 17:14 - 2019-10-21 17:14 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-10-21 17:14 - 2019-10-21 17:14 - 000000000 ____D C:\Program Files\MSBuild
2019-10-21 17:14 - 2019-03-19 11:21 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2019-10-21 17:14 - 2019-03-19 11:20 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-10-21 17:14 - 2019-03-19 11:16 - 000903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2019-10-21 17:14 - 2019-03-19 10:15 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2019-10-21 17:14 - 2019-03-19 10:09 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2019-10-21 17:14 - 2019-03-02 09:33 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2019-10-21 17:14 - 2019-03-02 09:31 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-10-21 17:14 - 2019-03-02 09:31 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-10-21 17:14 - 2019-03-02 09:31 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-10-21 17:14 - 2019-02-06 10:41 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-10-21 17:14 - 2019-02-06 10:41 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-10-21 17:14 - 2019-02-06 10:41 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-10-21 17:14 - 2018-08-10 06:53 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2019-10-21 17:10 - 2019-10-21 17:10 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-10-21 17:10 - 2019-10-21 17:10 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2019-10-21 09:45 - 2019-10-21 09:45 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-10-21 09:43 - 2019-10-21 09:43 - 000000020 ___SH C:\Users\Hazel\ntuser.ini
2019-10-21 02:31 - 2019-10-23 18:23 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{CAF69248-8177-41D6-BEC7-65AA54FAF32B}
2019-10-21 02:31 - 2019-10-23 18:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-21 02:31 - 2019-10-23 11:32 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2019-10-21 02:31 - 2019-10-21 02:32 - 000003500 _____ C:\WINDOWS\system32\Tasks\EPSON L3110 Series Update {32F8E2AA-9652-4E56-BC1A-D64CA7C7F66F}
2019-10-21 02:31 - 2019-10-21 02:32 - 000003462 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2019-10-21 02:31 - 2019-10-21 02:32 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-21 02:31 - 2019-10-21 02:32 - 000003004 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_Administrator
2019-10-21 02:31 - 2019-10-21 02:32 - 000003004 _____ C:\WINDOWS\system32\Tasks\WpsNotifyTask_Administrator
2019-10-21 02:31 - 2019-10-21 02:32 - 000002924 _____ C:\WINDOWS\system32\Tasks\ATK Package 36D18D69AFC3
2019-10-21 02:31 - 2019-10-21 02:32 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3160961081-3692599767-903795011-1001
2019-10-21 02:31 - 2019-10-21 02:32 - 000002800 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForHazel
2019-10-21 02:31 - 2019-10-21 02:32 - 000002706 _____ C:\WINDOWS\system32\Tasks\HPCustParticipation HP Deskjet 2510 series
2019-10-21 02:31 - 2019-10-21 02:32 - 000002214 _____ C:\WINDOWS\system32\Tasks\ATK Package A22126881260
2019-10-21 02:31 - 2019-10-21 02:31 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-10-21 02:31 - 2019-10-21 02:31 - 000003238 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2019-10-21 02:31 - 2019-10-21 02:31 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-21 02:31 - 2019-10-21 02:31 - 000002862 _____ C:\WINDOWS\system32\Tasks\ASUS Smart Gesture Launcher
2019-10-21 02:31 - 2019-10-21 02:31 - 000002772 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-TUO0BQN-Hazel
2019-10-21 02:31 - 2019-10-21 02:31 - 000002516 _____ C:\WINDOWS\system32\Tasks\ROG Gaming Center
2019-10-21 02:31 - 2019-10-21 02:31 - 000002340 _____ C:\WINDOWS\system32\Tasks\ASUS USB Charger Plus
2019-10-21 02:31 - 2019-10-21 02:31 - 000002262 _____ C:\WINDOWS\system32\Tasks\DropboxOEM
2019-10-21 02:31 - 2019-10-21 02:31 - 000002214 _____ C:\WINDOWS\system32\Tasks\ASUS Splendid ACMON
2019-10-21 02:31 - 2019-10-21 02:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\OfficeSoftwareProtectionPlatform
2019-10-21 02:31 - 2019-10-21 02:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2019-10-21 02:31 - 2019-10-21 02:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2019-10-21 02:31 - 2019-10-21 02:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUSTek Computer Inc
2019-10-21 02:31 - 2019-10-21 02:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2019-10-21 02:31 - 2019-10-21 02:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2019-10-21 02:30 - 2019-10-21 02:31 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2019-10-21 02:30 - 2019-10-21 02:31 - 000007623 _____ C:\WINDOWS\diagerr.xml
2019-10-21 02:25 - 2019-10-21 10:01 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-21 02:12 - 2019-10-21 09:43 - 000000000 ____D C:\Users\Hazel
2019-10-21 02:12 - 2019-03-19 12:46 - 000001105 _____ C:\Users\Hazel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-21 02:09 - 2016-11-30 07:36 - 000113672 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2019-10-21 02:09 - 2016-11-30 07:36 - 000104456 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2019-10-21 02:08 - 2019-09-10 01:44 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-10-21 02:04 - 2019-10-23 09:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-21 02:04 - 2019-10-21 02:17 - 001131264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-10-20 22:14 - 2019-10-21 09:43 - 000000000 ___DC C:\WINDOWS\Panther
2019-10-20 21:15 - 2019-10-20 21:15 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignd0c1cd4ce8a75abc
2019-10-20 21:15 - 2019-10-20 21:15 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignb26ba32f5ea2cdca
2019-10-20 21:15 - 2019-10-20 21:15 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign6346d934ca01986e
2019-10-20 20:48 - 2019-10-20 20:48 - 000000000 ____D C:\Users\Hazel\AppData\Local\HP_Inc
2019-10-20 12:47 - 2019-10-23 08:42 - 000000000 ____D C:\ESD
2019-10-20 12:41 - 2019-10-20 12:41 - 006261296 _____ (Microsoft Corporation) C:\Users\Hazel\Downloads\Windows10Upgrade9252.exe
2019-10-20 12:40 - 2019-10-20 12:41 - 019255000 _____ (Microsoft Corporation) C:\Users\Hazel\Downloads\MediaCreationTool1903.exe
2019-10-20 12:35 - 2019-10-20 12:35 - 000214174 _____ C:\Users\Hazel\Downloads\WindowsFirewall.diagcab
2019-10-19 21:00 - 2019-10-19 21:00 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignc18c3376ba03e8ab
2019-10-19 17:59 - 2019-10-19 17:59 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignafc41aa1392aa08c
2019-10-19 17:59 - 2019-10-19 17:59 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign85ecb1a765da1e67
2019-10-19 17:59 - 2019-10-19 17:59 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign6bbebc6cc286751c
2019-10-19 16:47 - 2019-10-19 16:47 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign99eb7c70b2e73145
2019-10-19 16:47 - 2019-10-19 16:47 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign47a299b6deb256dc
2019-10-19 16:47 - 2019-10-19 16:47 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign059f674b26f6fc90
2019-10-19 12:40 - 2019-10-19 12:40 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignedd89bd852e1b6a5
2019-10-19 00:05 - 2019-10-19 00:05 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignaaffe0a786f0bcd2
2019-10-18 19:25 - 2019-10-18 19:25 - 001322394 _____ C:\Users\Hazel\Downloads\Achievers.pptx
2019-10-18 17:26 - 2019-10-18 17:26 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignfdb9aa70943423a3
2019-10-18 17:24 - 2019-10-18 17:24 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignbc405655f1756655
2019-10-18 17:24 - 2019-10-18 17:24 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignb0a99b904ea9cd55
2019-10-18 16:58 - 2019-10-18 16:58 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsigndb8860c98109260d
2019-10-18 16:58 - 2019-10-18 16:58 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign2a99a71949aec3e8
2019-10-18 16:58 - 2019-10-18 16:58 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign08b8c06b89c21190
2019-10-17 14:57 - 2019-10-17 14:57 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign8e8b4f6162e04eda
2019-10-17 13:13 - 2019-10-17 13:13 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign221cf983cab04c2d
2019-10-16 16:00 - 2019-10-16 15:54 - 186204407 _____ C:\Users\Hazel\Documents\Men's Hoodie Mockup.zip
2019-10-16 16:00 - 2019-06-18 05:51 - 000000000 ____D C:\Users\Hazel\Documents\Men's Hoodie Mockup
2019-10-16 15:59 - 2019-06-18 05:51 - 000000000 ____D C:\Users\Hazel\Downloads\Men's Hoodie Mockup
2019-10-16 15:44 - 2019-10-16 15:54 - 186204407 _____ C:\Users\Hazel\Downloads\Men's Hoodie Mockup.zip
2019-10-16 15:43 - 2019-10-16 15:43 - 073937972 _____ C:\Users\Hazel\Downloads\Men's Hoodie Mockup Free Download.zip
2019-10-16 15:43 - 2019-10-16 15:43 - 000000000 ____D C:\Users\Hazel\Downloads\Men's Hoodie Mockup Free Download
2019-10-16 13:58 - 2019-10-16 13:58 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign4ba96dfff2a6b7f7
2019-10-16 13:56 - 2019-10-16 13:56 - 084697228 _____ C:\Users\Hazel\Downloads\saki.psd
2019-10-16 13:56 - 2019-10-16 13:56 - 082164148 _____ C:\Users\Hazel\Downloads\hoodie (1).psd
2019-10-16 13:51 - 2019-10-16 13:51 - 009598618 _____ C:\Users\Hazel\Downloads\arki hoodie.pptx
2019-10-13 01:56 - 2019-10-16 09:33 - 000000000 ____D C:\Users\Hazel\Documents\RC
2019-10-13 01:15 - 2019-10-13 01:15 - 001931264 _____ (Microsoft Corporation) C:\WINDOWS\system32\winscomrssrv.dll
2019-10-13 01:15 - 2019-10-13 01:15 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2019-10-13 01:15 - 2019-10-13 01:15 - 000000003 _____ C:\WINDOWS\system32\wdbcache.tmp
2019-10-11 22:51 - 2019-10-11 22:51 - 011881188 _____ C:\Users\Hazel\Downloads\MOCK-DEFENSE.pptx
2019-10-11 22:22 - 2019-10-11 22:22 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-10-11 15:03 - 2019-10-11 15:03 - 020000000 _____ C:\Users\Hazel\Downloads\Lumion_9_5_Trial_LUM9TRIAL-1a.bin
2019-10-11 15:00 - 2019-10-11 15:03 - 000000000 ____D C:\Users\Hazel\AppData\Local\Lumion_9_5_Trial
2019-10-11 14:59 - 2019-10-11 14:59 - 001746600 _____ C:\Users\Hazel\Downloads\Lumion_9_5_Trial_Download.exe
2019-10-11 14:41 - 2019-10-11 14:50 - 000000000 ____D C:\Users\Hazel\Documents\Lumion 9.0
2019-10-11 14:41 - 2019-10-11 14:42 - 000000000 ____D C:\Users\Hazel\AppData\Local\Lumion 9.0
2019-10-11 14:39 - 2019-10-11 14:39 - 000000000 ____D C:\Users\Hazel\AppData\Roaming\Quest3D
2019-10-11 14:02 - 2019-04-24 09:38 - 828125634 _____ C:\Users\Hazel\Downloads\Lumion 9.zip
2019-10-11 08:39 - 2019-10-11 08:39 - 000092634 _____ C:\Users\Hazel\Downloads\CMProject-GanttChart.pdf
2019-10-10 23:53 - 2019-10-10 23:53 - 003870627 _____ C:\Users\Hazel\Downloads\Project3.dwg
2019-10-08 02:01 - 2019-10-08 02:01 - 000176653 _____ C:\Users\Hazel\Downloads\CMProject-PERT-CPM.pdf
2019-10-08 02:01 - 2019-10-08 02:01 - 000163719 _____ C:\Users\Hazel\Downloads\CMProject-WorksSpecs.pdf
2019-10-07 22:41 - 2019-10-07 22:42 - 000326994 _____ C:\Users\Hazel\Downloads\CMProject-Estimates.pdf
2019-10-07 22:32 - 2019-10-07 22:32 - 001182041 _____ C:\Users\Hazel\Downloads\Postal-ID-Form.pdf
2019-10-07 02:05 - 2019-10-07 02:05 - 020437744 _____ C:\Users\Hazel\Downloads\BD-2-Prelim-Exam-DELMO-Kris-Lois-C..skb
2019-10-07 00:59 - 2019-10-07 01:04 - 199673832 _____ (InstallShield Software Corporation) C:\Users\Hazel\Downloads\Install_IRender_2019_SI26.exe
2019-10-06 18:46 - 2019-10-06 18:46 - 000101226 _____ C:\Users\Hazel\Downloads\CM-PERT-CPM-Layout1.pdf
2019-10-06 18:45 - 2019-10-06 18:45 - 000313285 _____ C:\Users\Hazel\Downloads\CM-PERT-CPM.dwg
2019-10-06 18:45 - 2019-10-06 18:45 - 000192630 _____ C:\Users\Hazel\Downloads\CM-GANTT-1-Model.pdf
2019-10-06 18:45 - 2019-10-06 18:45 - 000052323 _____ C:\Users\Hazel\Downloads\GANTT-CHART.xlsx
2019-10-06 18:44 - 2019-10-06 18:45 - 000232133 _____ C:\Users\Hazel\Downloads\CM-GANTT-2-Model (1).pdf
2019-10-06 18:43 - 2019-10-06 18:43 - 000232133 _____ C:\Users\Hazel\Downloads\CM-GANTT-2-Model.pdf
2019-10-06 03:02 - 2019-10-16 10:33 - 000000000 ____D C:\Users\Hazel\Documents\CM
2019-10-05 22:14 - 2019-10-05 22:14 - 020266718 _____ C:\Users\Hazel\Downloads\AutoSave_BD-2-Prelim-Exam-DELMO-Kris-Lois-C..skp
2019-10-05 20:43 - 2019-10-11 14:03 - 020439615 _____ C:\Users\Hazel\Downloads\BD-2-Prelim-Exam-DELMO-Kris-Lois-C..skp
2019-10-05 20:43 - 2019-10-05 20:43 - 004712269 _____ C:\Users\Hazel\Downloads\BD-2-Prelim-Exam-DELMO-Kris-Lois-C..dwg
2019-10-05 14:17 - 2019-10-23 08:29 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-10-05 14:17 - 2019-10-23 08:29 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-10-04 23:18 - 2019-10-04 23:18 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignffd917d1c4282dfe
2019-10-04 23:18 - 2019-10-04 23:18 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsigna6c930eb79272e32
2019-10-04 23:18 - 2019-10-04 23:18 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign624b52f0d1558448
2019-10-04 21:43 - 2019-10-05 12:04 - 000376682 _____ C:\Users\Hazel\Documents\LogoTimber.ai
2019-10-04 21:33 - 2019-10-04 21:33 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign41e381ec3e18f881
2019-10-04 21:32 - 2019-10-04 21:32 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign7a284619fea3f2b1
2019-10-04 21:32 - 2019-10-04 21:32 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign6abaa5b7ad0cd5df
2019-10-04 21:32 - 2019-10-04 21:32 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign30905fba7ba7fc72
2019-10-04 21:32 - 2019-10-04 21:32 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign1f3636b024e05547
2019-10-04 20:39 - 2019-09-24 22:48 - 002128104 _____ C:\Users\Hazel\Downloads\tianbugayong.bak
2019-10-04 15:09 - 2019-10-04 15:11 - 000065103 _____ C:\Users\Hazel\Downloads\Unconfirmed 23173.crdownload
2019-10-04 14:13 - 2019-10-16 09:32 - 000000000 ____D C:\Users\Hazel\Documents\TIMBER FINAL
2019-10-04 13:21 - 2019-10-04 13:21 - 000000181 _____ C:\Users\Hazel\Documents\acad.err
2019-10-04 08:26 - 2019-10-04 08:26 - 000198859 _____ C:\Users\Hazel\Downloads\New Recording.m4a
2019-10-03 23:43 - 2019-10-03 23:44 - 002260148 _____ C:\Users\Hazel\Downloads\Immersion.m4a
2019-10-03 16:16 - 2019-10-03 16:16 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign33952d4c05f98dc7
2019-10-03 10:53 - 2019-10-04 09:51 - 000000000 ____D C:\Users\Hazel\Downloads\Adobe Premiere Pro Auto-Save
2019-10-03 10:25 - 2019-10-03 10:25 - 000024512 _____ C:\WINDOWS\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450B
2019-10-03 10:25 - 2019-10-03 10:25 - 000000000 _____ C:\WINDOWS\system32\setup4.2.6.tmp
2019-10-02 17:24 - 2019-10-03 14:09 - 000042564 _____ C:\Users\Hazel\Downloads\Theo 141.prproj
2019-10-02 16:38 - 2019-10-21 17:31 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2019-10-02 16:38 - 2019-10-21 17:31 - 000000000 ____D C:\WINDOWS\system32\id-ID
2019-10-02 16:37 - 2019-10-21 17:31 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2019-10-02 16:37 - 2019-10-21 17:31 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2019-10-02 16:34 - 2019-10-21 17:31 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2019-10-01 23:35 - 2019-10-01 23:35 - 016402758 _____ C:\Users\Hazel\Downloads\Proposal-Defense-FINAL-NA-JUD.pptx
2019-09-28 21:36 - 2019-09-28 21:36 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignb297ca5d248d7db6
2019-09-28 15:35 - 2019-09-28 15:35 - 000380967 _____ C:\Users\Hazel\Downloads\Concrete Construction Article PDF_ Four-by-Eight Test Cylinders Are Big Enough.pdf
2019-09-28 15:35 - 2019-09-28 15:35 - 000380967 _____ C:\Users\Hazel\Downloads\Concrete Construction Article PDF_ Four-by-Eight Test Cylinders Are Big Enough (1).pdf
2019-09-26 08:55 - 2019-09-26 08:55 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignd86c9df9e44b224b
2019-09-25 22:49 - 2019-09-25 22:52 - 082164148 _____ C:\Users\Hazel\Downloads\hoodie.psd
2019-09-25 19:35 - 2019-09-25 19:35 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignad171e947626c7c2
2019-09-25 19:34 - 2019-09-25 19:34 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign495c0a77e6e999be
2019-09-25 19:33 - 2019-09-25 19:33 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign7a8725066c975fe6
2019-09-25 19:33 - 2019-09-25 19:33 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign660e6d9e937de0cf
2019-09-25 19:33 - 2019-09-25 19:33 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign00e5ebcc38bb8c76
2019-09-25 19:19 - 2019-09-25 19:19 - 007050941 _____ C:\Users\Hazel\Downloads\2019_Event_Planning_Kit.pdf
2019-09-25 19:07 - 2019-09-25 19:07 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign895b7ed768ec7f9d
2019-09-24 22:48 - 2019-10-04 20:39 - 002003310 _____ C:\Users\Hazel\Downloads\tianbugayong.dwg
2019-09-24 16:23 - 2019-09-24 16:25 - 004466784 _____ C:\Users\Hazel\Downloads\solera.dwg
2019-09-24 14:14 - 2019-09-24 14:14 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign7d6426c0f4875e7b
2019-09-24 13:43 - 2019-09-24 13:43 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign6fea06bb2c9eb317
2019-09-24 13:43 - 2019-09-24 13:43 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign1567c017351b789f
2019-09-24 13:43 - 2019-09-24 13:43 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign09183bdd5e079d9d
2019-09-24 13:42 - 2019-09-24 13:42 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsigndea7047f61f4ea11
2019-09-24 13:42 - 2019-09-24 13:42 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignbe364355fe4d06bf
2019-09-24 13:42 - 2019-09-24 13:42 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign4f2be9a0df053e87
2019-09-23 23:28 - 2019-09-24 22:32 - 000000036 _____ C:\WINDOWS\progress.ini
2019-09-23 22:02 - 2019-09-24 22:32 - 000000000 ___HD C:\$GetCurrent
2019-09-23 22:02 - 2019-09-24 22:23 - 000000000 ____D C:\Windows10Upgrade
2019-09-23 21:52 - 2019-09-23 21:52 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignccaedc3c67d52439
2019-09-23 17:22 - 2019-09-23 21:50 - 000000000 ____D C:\WINDOWS\UpdateAssistant
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-10-23 18:24 - 2017-01-05 07:54 - 000000184 _____ C:\Users\Hazel\AppData\Roaming\sp_data.sys
2019-10-23 18:16 - 2019-03-19 12:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-23 18:15 - 2017-01-05 07:54 - 000000000 __SHD C:\Users\Hazel\IntelGraphicsProfiles
2019-10-23 18:14 - 2017-02-17 18:33 - 000000000 ____D C:\ProgramData\NVIDIA
2019-10-23 11:47 - 2019-03-19 12:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-10-23 11:24 - 2019-03-19 12:50 - 000000000 ____D C:\WINDOWS\INF
2019-10-23 11:12 - 2017-12-06 22:31 - 000000000 ____D C:\Users\Hazel\AppData\Local\Packages
2019-10-23 10:50 - 2019-07-13 16:24 - 000000000 ____D C:\Users\Hazel\Documents\Henry
2019-10-23 10:48 - 2018-08-25 21:45 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-10-23 09:35 - 2019-03-15 13:39 - 000000000 ____D C:\Users\Hazel\Documents\EASEC
2019-10-23 08:38 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-23 08:26 - 2017-09-09 23:45 - 000000033 _____ C:\Users\Hazel\AppData\Roaming\AdobeWLCMCache.dat
2019-10-23 01:42 - 2019-03-19 12:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-23 00:35 - 2019-03-19 12:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-23 00:28 - 2017-01-10 14:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-10-23 00:12 - 2017-01-10 14:05 - 127230528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-10-22 21:39 - 2019-07-29 00:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chaos Group
2019-10-22 21:39 - 2019-07-29 00:30 - 000000000 ____D C:\Program Files\Common Files\ChaosGroup
2019-10-22 21:04 - 2017-01-17 22:07 - 000000000 ____D C:\Users\Hazel\AppData\Roaming\BitTorrent
2019-10-22 20:50 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\appcompat
2019-10-21 18:03 - 2019-09-06 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mendeley Desktop
2019-10-21 18:03 - 2019-08-23 14:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle - Primavera P6
2019-10-21 18:03 - 2019-08-23 14:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle Database 10g Express Edition
2019-10-21 18:03 - 2019-05-20 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-10-21 18:03 - 2019-05-08 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Subassembly Composer 2018
2019-10-21 18:03 - 2019-05-08 09:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Storm and Sanitary Analysis 2018
2019-10-21 18:03 - 2019-05-08 09:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk AutoCAD Civil 3D 2018 - English
2019-10-21 18:03 - 2019-04-24 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ETABS 2016
2019-10-21 18:03 - 2019-04-15 09:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QGIS 2.18
2019-10-21 18:03 - 2019-03-19 14:18 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2019-10-21 18:03 - 2019-03-19 14:18 - 000000000 ____D C:\WINDOWS\system32\WCN
2019-10-21 18:03 - 2019-03-19 12:56 - 000000000 ____D C:\WINDOWS\Setup
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 __RHD C:\Users\Public\Libraries
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\spool
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\ServiceState
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\Registration
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\IME
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\Help
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-10-21 18:03 - 2019-03-19 12:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\SysWOW64\3082
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1055
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1049
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1046
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1045
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1040
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1036
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1033
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1029
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\system32\3082
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\system32\1055
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\system32\1049
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\system32\1046
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\system32\1045
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\system32\1040
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\system32\1036
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\system32\1033
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\system32\1029
2019-10-21 18:03 - 2018-10-05 10:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-10-21 18:03 - 2018-08-26 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2018
2019-10-21 18:03 - 2018-08-25 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IronPython 2.7
2019-10-21 18:03 - 2018-08-25 21:41 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2019-10-21 18:03 - 2018-08-25 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP2700 series Manual
2019-10-21 18:03 - 2018-08-25 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP2700 series
2019-10-21 18:03 - 2018-04-12 07:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2019-10-21 18:03 - 2017-09-26 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2019-10-21 18:03 - 2017-05-18 12:29 - 000000000 ____D C:\Program Files\UNP
2019-10-21 18:03 - 2017-04-01 12:05 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-10-21 18:03 - 2017-02-17 18:32 - 000000000 ____D C:\Program Files\Intel
2019-10-21 18:03 - 2017-02-17 18:32 - 000000000 ____D C:\Program Files\CONEXANT
2019-10-21 18:03 - 2017-02-17 18:31 - 000000000 ____D C:\Program Files (x86)\Intel
2019-10-21 18:03 - 2017-01-28 22:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-10-21 18:03 - 2017-01-28 21:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2019-10-21 18:03 - 2017-01-10 14:17 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2019-10-21 18:03 - 2017-01-10 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap 360
2019-10-21 18:03 - 2017-01-10 13:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2017 - English
2019-10-21 18:03 - 2017-01-10 12:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2019-10-21 18:03 - 2017-01-05 08:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-21 18:03 - 2017-01-05 08:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-10-21 18:03 - 2016-10-16 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2019-10-21 18:03 - 2016-10-16 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameFirst IV
2019-10-21 18:03 - 2016-10-16 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2019-10-21 18:03 - 2016-10-16 17:34 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-10-21 18:03 - 2016-03-31 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WPS Office
2019-10-21 18:03 - 2016-03-31 11:50 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-10-21 18:03 - 2016-03-31 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2019-10-21 18:03 - 2016-03-31 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2019-10-21 18:03 - 2016-03-31 11:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2019-10-21 17:31 - 2019-06-27 19:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bentley Engineering
2019-10-21 17:31 - 2019-03-19 14:20 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-10-21 17:31 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\Resources
2019-10-21 17:31 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-10-21 17:31 - 2019-01-07 22:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
2019-10-21 17:31 - 2018-08-25 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2019-10-21 17:31 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2019-10-21 17:31 - 2017-01-10 14:17 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2019-10-21 17:31 - 2016-10-16 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2019-10-21 17:31 - 2016-10-16 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2019-10-21 17:31 - 2016-03-31 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KKBOX
2019-10-21 17:30 - 2019-03-19 14:20 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-10-21 17:27 - 2019-03-19 12:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-10-21 17:27 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-10-21 17:27 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-21 17:27 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-10-21 17:27 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2019-10-21 17:27 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-10-21 17:27 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-10-21 17:27 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-21 17:27 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-21 17:14 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-10-21 17:14 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-10-21 17:14 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-10-21 17:14 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-10-21 17:14 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-10-21 17:14 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-10-21 17:14 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-10-21 17:14 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-10-21 10:23 - 2019-03-19 12:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-10-21 09:59 - 2019-03-19 12:52 - 000000000 ____D C:\ProgramData\USOPrivate
2019-10-21 09:58 - 2019-03-19 12:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-10-21 09:43 - 2017-12-06 22:50 - 000000000 ___RD C:\Users\Hazel\3D Objects
2019-10-21 09:43 - 2016-11-21 07:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-10-21 02:31 - 2019-03-19 12:52 - 000000000 ____D C:\Program Files\Windows Defender
2019-10-21 02:31 - 2019-03-07 14:35 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForHazel.job
2019-10-21 02:25 - 2019-03-19 12:52 - 000000000 __RSD C:\WINDOWS\Media
2019-10-21 02:15 - 2019-09-07 00:13 - 000000000 ____D C:\Users\Hazel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grammarly
2019-10-21 02:15 - 2017-01-05 08:04 - 000000000 ____D C:\Users\Hazel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-21 02:09 - 2017-02-17 18:32 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2019-10-21 02:09 - 2017-02-17 18:32 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-10-20 12:35 - 2017-03-21 22:56 - 000000000 ____D C:\Users\Hazel\AppData\Local\ElevatedDiagnostics
2019-10-19 23:51 - 2017-01-06 12:34 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-10-19 15:01 - 2016-03-31 11:51 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-10-18 16:56 - 2016-03-31 11:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-10-17 15:06 - 2017-01-05 13:11 - 000000000 ____D C:\Users\Hazel\AppData\Local\Adobe
2019-10-16 23:27 - 2017-02-10 20:55 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-16 23:27 - 2017-02-10 20:55 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-10-16 23:27 - 2017-02-10 20:55 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-10-16 12:38 - 2019-07-06 12:41 - 000000000 ____D C:\Users\Hazel\Documents\Academic
2019-10-16 09:33 - 2018-11-26 22:27 - 000000000 ____D C:\Users\Hazel\Documents\Important Document
2019-10-15 00:50 - 2019-08-29 19:02 - 000000000 ____D C:\Users\Hazel\Documents\RC STAAD
2019-10-11 14:39 - 2016-03-31 11:49 - 000000000 ____D C:\ProgramData\Package Cache
2019-10-10 08:33 - 2017-01-05 07:56 - 000000000 ___RD C:\Users\Hazel\OneDrive
2019-10-08 22:52 - 2017-01-05 08:02 - 000000000 ____D C:\Program Files (x86)\Google
2019-10-06 00:37 - 2018-07-19 03:21 - 000000000 ____D C:\ProgramData\Packages
2019-10-05 12:18 - 2019-08-29 15:01 - 005804226 _____ C:\Users\Hazel\Documents\Timber Struc.dwg
2019-10-05 12:18 - 2019-08-29 15:01 - 001705748 _____ C:\Users\Hazel\Documents\Timber Archi.dwg
2019-10-04 23:17 - 2019-08-30 08:31 - 000000000 ____D C:\Users\Hazel\Documents\TIMBER
2019-10-04 13:21 - 2019-08-29 15:01 - 001566588 _____ C:\Users\Hazel\Documents\Timber Archi_recover.dwg
2019-10-04 13:21 - 2018-07-06 16:23 - 000000000 ____D C:\Users\Hazel\AppData\Local\D3DSCache
2019-10-04 08:21 - 2018-02-25 00:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-10-03 16:03 - 2017-01-21 22:55 - 000000000 ____D C:\Users\Hazel\AppData\Roaming\vlc
2019-10-02 17:38 - 2018-04-12 07:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-10-02 17:22 - 2017-01-05 07:54 - 000000000 ____D C:\Users\Hazel\AppData\Roaming\Adobe
2019-10-02 14:41 - 2017-10-03 23:14 - 000000000 ____D C:\Program Files\rempl
2019-10-02 02:08 - 2017-02-17 19:06 - 000000000 ____D C:\Users\Hazel\AppData\Local\ConnectedDevicesPlatform
 
==================== Files in the root of some directories ================
 
2017-02-09 23:54 - 2017-02-09 23:54 - 007680000 _____ () C:\Program Files (x86)\GUTD843.tmp
2017-09-09 23:45 - 2019-10-23 08:26 - 000000033 _____ () C:\Users\Hazel\AppData\Roaming\AdobeWLCMCache.dat
2019-04-24 09:08 - 2019-04-24 15:57 - 000001269 _____ () C:\Users\Hazel\AppData\Roaming\ETABS 2016.settings
2017-01-05 07:54 - 2019-10-23 18:24 - 000000184 _____ () C:\Users\Hazel\AppData\Roaming\sp_data.sys
2018-07-01 20:41 - 2019-06-22 15:40 - 000001456 _____ () C:\Users\Hazel\AppData\Local\Adobe Save for Web 13.0 Prefs
2018-09-28 13:53 - 2018-09-28 13:53 - 000000000 _____ () C:\Users\Hazel\AppData\Local\oobelibMkey.log
 
==================== SigCheck ===============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-10-2019
Ran by Hazel (23-10-2019 18:30:43)
Running from C:\Users\Hazel\Downloads
Windows 10 Home Single Language Version 1903 18362.418 (X64) (2019-10-20 18:32:53)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3160961081-3692599767-903795011-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3160961081-3692599767-903795011-503 - Limited - Disabled)
Guest (S-1-5-21-3160961081-3692599767-903795011-501 - Limited - Disabled)
Hazel (S-1-5-21-3160961081-3692599767-903795011-1001 - Administrator - Enabled) => C:\Users\Hazel
WDAGUtilityAccount (S-1-5-21-3160961081-3692599767-903795011-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5102-CF3F3A09B77D}) (Version: 7.9.45.0 - Autodesk) Hidden
ACA & MEP 2018 Object Enabler (HKLM\...\{28B89EEF-1004-0000-5102-CF3F3A09B77D}) (Version: 8.0.44.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-0001-0000-3102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20048 - Adobe Systems Incorporated)
Adobe Ae (HKLM\...\{B910FB1A-0B9D-412D-A735-28AF88A52FF1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_0_0) (Version: 15.0.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.9.0.504 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated)
ai (HKLM\...\{66C2EA78-E284-47C1-BFEA-56340D0C68CD}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BA2A6DBB-B09A-43D8-84F3-21C1537B47D9}) (Version: 12.2.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.6.5 - ASUSTek Computer Inc)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.14.0006 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.114 - ICEpower a/s)
AutoCAD 2017 - English (HKLM\...\{28B89EEF-0001-0409-2102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack - English (HKLM\...\{28B89EEF-0001-0409-1102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2018 (HKLM\...\{28B89EEF-1001-0000-0102-CF3F3A09B77D}) (Version: 22.0.154.0 - Autodesk) Hidden
AutoCAD 2018 Language Pack - English (HKLM\...\{28B89EEF-1001-0409-1102-CF3F3A09B77D}) (Version: 22.0.154.0 - Autodesk) Hidden
AutoCAD Architecture 2018 Language Shared - English (HKLM\...\{28B89EEF-1004-0409-4102-CF3F3A09B77D}) (Version: 8.0.44.0 - Autodesk) Hidden
AutoCAD Architecture 2018 Shared (HKLM\...\{28B89EEF-1004-0000-4102-CF3F3A09B77D}) (Version: 8.0.44.0 - Autodesk) Hidden
AutoCAD Civil 3D 2018 Help - English (HKLM\...\{28B89EEF-1047-0409-0100-CF3F3A09B77D}) (Version: 12.0.844.0 - Autodesk) Hidden
Autodesk A360 Collaboration for Revit 2017 (HKLM\...\{AA384BE4-1700-0010-0000-97E7D7D00B17}) (Version: 17.0.416.0 - Autodesk) Hidden
Autodesk A360 Collaboration for Revit 2017 (HKLM\...\Autodesk A360 Collaboration for Revit 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2017 - English (HKLM\...\AutoCAD 2017 - English) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD Civil 3D 2018 - English (HKLM\...\{28B89EEF-1000-0409-2102-CF3F3A09B77D}) (Version: 12.0.842.0 - Autodesk) Hidden
Autodesk AutoCAD Civil 3D 2018 - English (HKLM\...\Autodesk AutoCAD Civil 3D 2018 - English) (Version: 12.0.842.0 - Autodesk)
Autodesk AutoCAD Civil 3D 2018 (HKLM\...\{28B89EEF-1000-0000-0102-CF3F3A09B77D}) (Version: 12.0.842.0 - Autodesk) Hidden
Autodesk AutoCAD Civil 3D 2018 Help - English (HKLM\...\AutoCAD Civil 3D 2018 Help - English) (Version: 12.0.844.0 - Autodesk)
Autodesk AutoCAD Civil 3D 2018 Language Pack - English (HKLM\...\{28B89EEF-1000-0409-1102-CF3F3A09B77D}) (Version: 12.0.842.0 - Autodesk) Hidden
Autodesk AutoCAD Civil 3D 2018 Object Enabler 32 Bit (HKLM-x32\...\{6979BD25-1000-479A-0001-72684B59A545}) (Version: 12.0.842.0 - Autodesk) Hidden
Autodesk AutoCAD Civil 3D 2018 Object Enabler 32 Bit (HKLM-x32\...\{9d04fcf1-1000-9043-0001-39caef5b9ebc}) (Version: 12.0.842.0 - Autodesk)
Autodesk AutoCAD Civil 3D 2018 Object Enabler 64 Bit (HKLM\...\{6979BD25-1000-479A-1001-72684B59A545}) (Version: 12.0.842.0 - Autodesk) Hidden
Autodesk AutoCAD Civil 3D 2018 Object Enabler 64 Bit (HKLM-x32\...\{9d04fc1e-1000-4390-1001-39caef5b9ebc}) (Version: 12.0.842.0 - Autodesk)
Autodesk AutoCAD Civil 3D 2018 Private Pack (HKLM\...\{28B89EEF-1000-0000-3102-CF3F3A09B77D}) (Version: 12.0.842.0 - Autodesk) Hidden
Autodesk AutoCAD Map 3D 2018 Core (HKLM\...\{28B89EEF-1002-0000-0102-CF3F3A09B77D}) (Version: 21.0.015.11 - Autodesk) Hidden
Autodesk AutoCAD Map 3D 2018 Language Pack - English (HKLM\...\{28B89EEF-1002-0409-1102-CF3F3A09B77D}) (Version: 21.0.015.11 - Autodesk) Hidden
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2018 Add-in 64 bit (HKLM\...\{5BE01E33-C3BE-4707-8C95-83B748C5AF15}) (Version: 4.70.6 - Autodesk)
Autodesk BIM 360 Revit 2017 Add-in 64 bit (HKLM\...\{A26EBAD5-9591-407F-9D6C-C7A4F3DFE506}) (Version: 4.37.6853 - Autodesk)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
Autodesk Featured Apps 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk License Service (x64) - 5.1.5 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.5.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2017 (HKLM-x32\...\{360AC116-6CD4-4E7D-8174-28D47B05E898}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2017 (HKLM-x32\...\{CB6E007E-701D-42CD-AF0E-4BE9C36C7F7C}) (Version: 15.11.3.0 - Autodesk)
Autodesk ReCap 360 (HKLM\...\{5F0F7049-0000-1033-0102-73A6DA3D7FA6}) (Version: 3.0.0.52 - Autodesk) Hidden
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
Autodesk Revit 2017 (HKLM\...\Autodesk Revit 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk Revit 2017 (HKLM\...\Revit 2017) (Version:  - )
Autodesk Revit Content Libraries 2017 (HKLM\...\Autodesk Revit Content Libraries 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk Revit Content Libraries 2017 (HKLM\...\Revit Content Libraries 2017) (Version:  - )
Autodesk Revit MEP Imperial Content v2.0 (HKLM\...\{F2538944-3E07-4E97-B41A-FC48AB53EE9D}) (Version: 2.0 - Autodesk)
Autodesk Revit MEP Metric Content v2.0 (HKLM\...\{DEF775C7-84BF-4730-976A-FE3747F1757C}) (Version: 2.0 - Autodesk)
Autodesk Storm and Sanitary Analysis 2018 (HKLM-x32\...\{58E36D07-2112-0000-8518-C854F44898ED}) (Version: 12.0.42.0 - Autodesk)
Autodesk Storm and Sanitary Analysis 2018 x64 Plug-in (HKLM\...\{58E36D07-2122-0000-8518-C854F44898ED}) (Version: 12.0.42.0 - Autodesk)
Autodesk Subassembly Composer on Autodesk AutoCAD Civil 3D 2018 - English - English (United States) (HKLM\...\{F99EC705-ECD4-4C45-A21E-BF2A56D2886D}) (Version: 842.0 - Autodesk, Inc.)
Autodesk Vehicle Tracking 2018 (64 bit) Core (HKLM\...\{9BB641F3-24B1-427E-A850-1C02157219EC}) (Version: 18.0.533.0 - Autodesk, Inc.) Hidden
Autodesk Workflows 2017 (HKLM\...\{23A13F78-5B67-441A-ABF9-48BE8B5455DB}) (Version: 15.11.13.0 - Autodesk, Inc.)
Bentley IEG License Service (HKLM-x32\...\{B1687FC2-7412-4B52-83AC-E5475022B506}) (Version: 2.0.20.1 - Bentley Systems, Inc.)
Bentley OpenSTAADOEM (HKLM-x32\...\{703B113F-F445-4875-A244-EE60F8254C10}) (Version: 08.02.09.16 - Bentley Systems, Inc.)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version:  - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{D256A5B9-68DA-4F6C-A447-A93E5639A46D}) (Version: 4.7.03083 - Microsoft Corporation) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.30.60 - Conexant)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.3 - ASUSTek Computer Inc.)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DiagnosticsHub_CollectionService (HKLM\...\{440C5592-4EA5-4772-B256-969D66068843}) (Version: 15.9.28016 - Microsoft Corporation) Hidden
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
Dynamo 0.9.1 (HKLM\...\{85626FB3-CAF9-49C1-AA28-E3C75164BD6F}) (Version: 0.9.1.4062 - Autodesk)
Entity Framework 6.2.0 Tools  for Visual Studio 2017 (HKLM-x32\...\{B843915F-00A1-44B1-994C-1AE0A6400AE3}) (Version: 6.2.61807.0 - Microsoft Corporation) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON L3110 Series Printer Uninstall (HKLM\...\EPSON L3110 Series) (Version:  - Seiko Epson Corporation)
ETABS 2016 64-bit (HKLM\...\{EF79AC96-AF71-43F6-BCF5-DA7B1841F6D5}) (Version: 16.2.0 - Computers and Structures, Inc.)
Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FARO LS 1.1.505.0 (64bit) (HKLM-x32\...\{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 - FARO Scanner Production)
FormIt 360 Converter For Revit 2017 (HKLM\...\{637211B6-D2E9-474A-BF06-4F61F1254104}) (Version: 1.9.0.0 - Autodesk)
Foxit PhantomPDF (HKLM-x32\...\{39263796-F296-43AF-909C-FCF99592BAC4}) (Version: 7.2.52.1209 - Foxit Software Inc.)
GameFirst IV (HKLM-x32\...\{2B5BE4E7-3E40-4BC4-A534-5342E3078F89}) (Version: 1.5.12 - ASUS) Hidden
GameFirst IV (HKLM-x32\...\GameFirst IV 1.5.12) (Version: 1.5.12 - ASUS)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.120 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden
Grammarly (HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\GrammarlyForWindows) (Version: 1.5.52 - Grammarly)
Grammarly for Microsoft® Office Suite (HKLM\...\{F0E0C340-6901-47B9-B2E6-F9A4CCAE6C75}) (Version: 6.7.190 - Grammarly) Hidden
Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\{92a2ef9a-75ce-46ea-92d9-5774c698c9ee}) (Version: 6.7.190 - Grammarly)
HP Deskjet 2510 series Basic Device Software (HKLM\...\{293CC68A-32BA-4BA4-84BD-0DCF6583566F}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Help (HKLM-x32\...\{234DADAD-3C3C-4FB1-90A4-0AF015D56E18}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 2510 series Product Improvement Study (HKLM\...\{4B3264AA-951A-4A6B-B837-125224261F12}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Setup Guide (HKLM-x32\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.8.24.33 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{00612F78-52C4-46C0-97F0-F50B6036B5E2}) (Version: 12.13.42.1 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
icecap_collection_neutral (HKLM-x32\...\{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{469961DF-482F-4213-ACD4-4AFD443F2A88}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{12246E9A-D1A6-4D96-8CEA-CCFD064B16E2}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.12.108.1 - Intel Security)
Intel® Chipset Device Software (HKLM-x32\...\{a2d9fda8-65eb-4c06-81ef-31e0a4daa335}) (Version: 10.1.1.11 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1169 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IntelliTraceProfilerProxy (HKLM-x32\...\{ACBAA378-519A-441D-9349-C0AAD8DEAD04}) (Version: 15.0.17289.01 - Microsoft Corporation) Hidden
IronPython 2.7.3 (HKLM-x32\...\{1EBADAEA-1A0F-40E3-848C-0DD8C5E5A10D}) (Version: 2.7.31000.0 - IronPython Team)
iTunes (HKLM\...\{DF90B2B3-5832-4E85-934D-8048B33A1D67}) (Version: 12.9.4.102 - Apple Inc.)
KKBOX (HKLM-x32\...\KKBOX) (Version: 6.2.0.570 - KKBOX Taiwan Co., Ltd.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.599.11 - McAfee, Inc.)
Mendeley Desktop 1.19.4 (HKLM-x32\...\Mendeley Desktop) (Version: 1.19.4 - Mendeley Ltd.)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.12026.20334 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM\...\{98DD6908-C582-452A-954D-E79E6DF0310A}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM-x32\...\{640EECB8-1962-4D23-ACB2-310107EC7ED9}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27029 (HKLM-x32\...\{64ff2cb0-807c-4ee9-87ef-ec1b2ede0daf}) (Version: 14.16.27029.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27029 (HKLM-x32\...\{f50edb7e-c25e-47b4-bc4f-7ec4a4d256b1}) (Version: 14.16.27029.1 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1096.130 - Microsoft Corporation)
Mozilla Firefox 37.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0 (x86 en-US)) (Version: 37.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0 - Mozilla)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12026.20334 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20334 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20334 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12026.20334 - Microsoft Corporation) Hidden
Oracle Data Provider for .NET Help (HKLM-x32\...\{6AA003BF-73E5-4911-ADB7-71DD5674DDD4}) (Version: 10.2.000 - Oracle Corporation)
Oracle Database 10g Express Edition (HKLM-x32\...\{F0BC0F9E-C4A8-485C-93ED-424DB9EA3F75}) (Version: 10.2.1015 - Oracle Corporation) Hidden
Oracle Database 10g Express Edition (HKLM-x32\...\InstallShield_{F0BC0F9E-C4A8-485C-93ED-424DB9EA3F75}) (Version: 10.2.1015 - Oracle Corporation)
PDF Report Writer (novaPDF 6.4  printer) (HKLM\...\PDF Report Writer_is1) (Version:  - Softland)
Personal Accelerator for Revit (HKLM\...\{7C317DB0-F31F-4024-A289-92CF4B6FB256}) (Version: 16.0.1109.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 16.0.1109.0 - Autodesk)
PipeLink for STAAD.Pro V8i (Build 20.13.2.27) (HKLM-x32\...\{88A34C6C-D222-4FC2-9B1B-D7EC8B520E65}) (Version: 20.13.2.27 - Bentley Systems, Inc.)
Primavera P6 v7.0 Service Pack 3 (HKLM-x32\...\{1C3AB52E-C4CD-4D72-BCCB-A8FEA142CCCC}) (Version: 7.0.3 - Oracle Corporation) Hidden
Primavera P6 v7.0 Service Pack 3 (HKLM-x32\...\InstallShield_{1C3AB52E-C4CD-4D72-BCCB-A8FEA142CCCC}) (Version: 7.0.3 - Oracle Corporation)
QGIS 2.18.20 'Las Palmas' (HKLM\...\QGIS 2.18) (Version: 2.18.20 - QGIS Development Team)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.2 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Revit 2017 (HKLM\...\{7346B4A0-1700-0510-0000-705C0D862004}) (Version: 17.0.416.0 - Autodesk) Hidden
Revit Content Libraries 2017 (HKLM\...\{941030D0-1700-0410-0000-818BB38A95FC}) (Version: 17.0.416.0 - Autodesk) Hidden
ROG Gaming Center (HKLM-x32\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 1.0.8 - ASUS)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
SketchUp 2018 (HKLM\...\{C702DD60-EBF4-4961-8B7D-F209B361F985}) (Version: 18.0.16975 - Trimble, Inc.)
SketchUp Import 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
SPDS Extension for AutoCAD® 2018 (HKLM\...\{E82D6445-4C8A-4972-8588-69180FDBCE97}) (Version: 22.0.0 - Autodesk, Inc.)
Spotify (HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\Spotify) (Version: 1.1.5.153.gf614956d - Spotify AB)
STAAD.foundation V8i (SELECTseries 4) Release 5.3 (HKLM-x32\...\{C3010B65-2BF1-4028-B1D0-0B3D513664AD}) (Version: 05.03.00.32 - Bentley Systems Inc.)
STAAD.Pro V8i SELECTseries 4 (HKLM-x32\...\{9260B6A1-12FE-4912-A7C5-6AF7EB1FBA58}) (Version: 20.07.09.31 - Bentley Systems, Inc.)
StrucLink for STAAD.Pro V8i (Build 20.13.3.14) (HKLM-x32\...\{74DB7277-BA51-450A-AB13-FC3EEFC688CE}) (Version: 20.13.3.14 - Bentley Systems, Inc.)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{16E08161-F78C-4FFC-8E12-F9BEA280795F}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual Studio Community 2017 (HKLM-x32\...\b04772a5) (Version: 15.9.28307.518 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
V-Ray for SketchUp (HKLM\...\V-Ray for SketchUp) (Version: 4.00.02 - Chaos Software Ltd)
V-Ray Swarm (HKLM\...\V-Ray Swarm) (Version: 1.4.3 - Chaos Software Ltd)
VS Immersive Activate Helper (HKLM-x32\...\{54FBC9A9-CCA1-417E-ACA6-203A32A39F37}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{4B816AD0-D12B-498A-8148-7CBE3ED328DE}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{C5D83E0F-12E7-4BA3-98E6-DAE0E73B5BF9}) (Version: 15.0.27205 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{71797C29-380A-492C-B35A-F5E4A7B57BDC}) (Version: 15.9.28307 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.6.547 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.1.1.8 - WildTangent)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22866 - Microsoft Corporation)
Windows Driver Package - ASUS (AsusSGDrv) Mouse  (11/11/2015 8.0.0.23) (HKLM\...\FF0137EA2940E916D51DA702B6425126CC7C89BF) (Version: 11/11/2015 8.0.0.23 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5247 - Kingsoft Corp.)
XSplit Gamecaster (HKLM-x32\...\{083E9AF8-1900-4D7A-AB08-0B4BB98D2848}) (Version: 2.7.1512.1839 - SplitmediaLabs)
 
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-08-24] (Adobe Systems Incorporated)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.150.300.0_x86__kgqvnymyfvs32 [2019-10-23] (king.com)
Cooking Madness: Restaurant Fever -> C:\Program Files\WindowsApps\33051SweetCandyKingdomInc.CookingMadnessRestaurant_1.7.0.0_x86__hjr4mytw8n6et [2019-09-04] (Sweet Candy Kingdom Inc.) [MS Ad]
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-01] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-11] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-09-01] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-09-01] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.0.0.0_x64__a2t3txkz9j1jw [2019-09-01] (MAGIX)
MyASUS-Service Center -> C:\Program Files\WindowsApps\B9ECED6F.MyASUS_3.3.11.0_x86__qmba6cd70vzyy [2018-04-28] (ASUSTeK COMPUTER INC.)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.94.574.0_x64__mcm4njqhnhss8 [2019-09-29] (Netflix, Inc.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-10-17] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2017-01-11] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3160961081-3692599767-903795011-1001_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3160961081-3692599767-903795011-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-F61CA57E32D5} -> [Creative Cloud Files] => C:\Users\Hazel\Creative Cloud Files [2019-08-24 21:33]
CustomCLSID: HKU\S-1-5-21-3160961081-3692599767-903795011-1001_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\Hazel\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.190\E3513CB438\GrammarlyShim64.dll (Grammarly, Inc. -> CompanyName)
CustomCLSID: HKU\S-1-5-21-3160961081-3692599767-903795011-1001_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\Users\Hazel\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.190\E3513CB438\Grammarly.AddIn.Connect.ActiveX.dll (Grammarly, Inc. -> Grammarly)
CustomCLSID: HKU\S-1-5-21-3160961081-3692599767-903795011-1001_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3160961081-3692599767-903795011-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3160961081-3692599767-903795011-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3160961081-3692599767-903795011-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\en-US\acadficn.dll (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3160961081-3692599767-903795011-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-12-11] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSContextMenu.dll [2015-12-24] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ==================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Hazel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7634a48803fa655b\ASUS GIFTBOX.lnk -> C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe (ASUSTek Computer Inc) -> --user-data-dir="C:\Users\Hazel\AppData\Local\ASUS GIFTBOX\User Data" --profile-directory=Default --app-id=gicdkbgeaegfghgkdgaejkfeppmlobel
 
==================== Loaded Modules (Whitelisted) ==============
 
2019-07-29 00:40 - 2019-07-29 00:40 - 000174592 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\node_modules\ffi\build\Release\ffi_bindings.node
2019-07-29 00:40 - 2019-07-29 00:40 - 000163328 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\node_modules\ref\build\Release\binding.node
2019-07-29 00:40 - 2019-07-29 00:40 - 000204800 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\node_modules\v8-profiler\build\profiler\v5.6.5\node-v48-win32-x64\profiler.node
2006-02-02 00:47 - 2006-02-02 00:47 - 000057344 _____ () [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\onsclient.dll
2006-02-02 00:43 - 2006-02-02 00:43 - 000006144 _____ () [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\orajox10.dll
2017-09-18 15:15 - 2017-09-18 15:15 - 001937408 _____ () [File not signed] C:\Program Files (x86)\ASUS\Giftbox\ffmpeg.dll
2017-09-18 15:15 - 2017-09-18 15:15 - 000079360 _____ () [File not signed] C:\Program Files (x86)\ASUS\Giftbox\libegl.dll
2017-09-18 15:15 - 2017-09-18 15:15 - 002177536 _____ () [File not signed] C:\Program Files (x86)\ASUS\Giftbox\libglesv2.dll
2017-09-18 15:15 - 2017-09-18 15:15 - 003561984 _____ () [File not signed] C:\Program Files (x86)\ASUS\Giftbox\node.dll
2015-12-03 09:01 - 2015-12-03 09:01 - 000124928 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-12-03 09:01 - 2015-12-03 09:01 - 000027648 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-12-03 09:01 - 2015-12-03 09:01 - 000029184 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll
2015-04-22 21:59 - 2015-04-22 21:59 - 001489920 _____ (ASUS Cloud Corporation.) [File not signed] C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll
2015-12-03 09:01 - 2015-12-03 09:01 - 001676288 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ApplyLUT.dll
2015-12-03 09:01 - 2015-12-03 09:01 - 000178176 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\GenLUT.dll
2015-12-03 09:01 - 2015-12-03 09:01 - 000164864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll
2006-02-02 00:42 - 2006-02-02 00:42 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\MSVCR71.dll
2016-10-16 17:34 - 2015-08-27 08:37 - 001943384 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2006-02-02 00:43 - 2006-02-02 00:43 - 002392064 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oraclient10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000032256 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\bin\oraclsra10.dll
2006-02-02 00:43 - 2006-02-02 00:43 - 000991232 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oracommon10.dll
2006-02-02 00:47 - 2006-02-02 00:47 - 000929792 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oracore10.dll
2006-02-02 00:47 - 2006-02-02 00:47 - 000110592 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oradbcfg10.dll
2006-02-02 00:43 - 2006-02-02 00:43 - 005599232 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\orageneric10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000569344 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\orahasgen10.dll
2006-02-02 00:43 - 2006-02-02 00:43 - 000094208 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\ORAIMR10.Dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000335872 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oraldapclnt10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 001101824 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oran10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000023552 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\bin\oranbeq10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000005120 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\orancds10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000110592 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\orancrypt10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000013312 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oranhost10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000029696 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\bin\oranipc10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000249856 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oranl10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000076288 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oranldap10.dll
2006-02-02 00:47 - 2006-02-02 00:47 - 000806912 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oranls10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 001081344 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\orannzsbb10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000307200 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oranro10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000039424 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oransgr10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000065536 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\orantcp10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000017408 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\orantns10.dll
2006-02-02 00:47 - 2006-02-02 00:47 - 000434176 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oraocr10.dll
2006-02-02 00:47 - 2006-02-02 00:47 - 000262144 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oraocrb10.dll
2006-02-02 00:47 - 2006-02-02 00:47 - 000029696 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\bin\oraocrutl10.dll
2006-02-02 00:46 - 2006-02-02 00:46 - 002113536 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oraplp10.dll
2006-02-02 00:46 - 2006-02-02 00:46 - 003510272 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\orapls10.dll
2006-02-02 00:42 - 2006-02-02 00:42 - 000036930 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oraslax10.dll
2006-02-02 00:47 - 2006-02-02 00:47 - 000159744 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\orasnls10.dll
2006-02-02 00:46 - 2006-02-02 00:46 - 000630784 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\orasql10.dll
2006-02-02 00:47 - 2006-02-02 00:47 - 000098304 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oraunls10.dll
2006-02-02 00:47 - 2006-02-02 00:47 - 000009216 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\orauts.dll
2006-02-02 00:43 - 2006-02-02 00:43 - 000005120 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oravsn10.dll
2006-02-02 00:51 - 2006-02-02 00:51 - 000138000 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\orawwg.dll
2006-02-02 00:41 - 2006-02-02 00:41 - 002152340 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oraxml10.dll
2017-09-18 15:15 - 2017-09-18 15:15 - 073507840 _____ (The NWJS Community) [File not signed] C:\Program Files (x86)\ASUS\Giftbox\nw.dll
2017-09-18 15:15 - 2017-09-18 15:15 - 000124928 _____ (The NWJS Community) [File not signed] C:\Program Files (x86)\ASUS\Giftbox\nw_elf.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
 
==================== Safe Mode (Whitelisted) ===================
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\Software\Classes\.scr: AutoCADScriptFile => 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 15:24 - 2019-01-01 20:38 - 000001532 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
0.0.0.1 mssplus.mcafee.com127.0.0.1                   activate.adobe.com
127.0.0.1                   practivate.adobe.com
127.0.0.1                   lmlicenses.wip4.adobe.com
127.0.0.1                   lm.licenses.adobe.com
127.0.0.1                   na1r.services.adobe.com
127.0.0.1                   hlrcv.stage.adobe.com
0.0.0.1 mssplus.mcafee.com 
0.0.0.0 adclick.g.doublecklick.net
0.0.0.0 googleads.g.doubleclick.net
0.0.0.0 pubads.g.doubleclick.net
0.0.0.0 securepubads.g.doubleclick.net
0.0.0.0 pagead2.googlesyndication.com
0.0.0.0 spclient.wg.spotify.com
0.0.0.0 audio2.spotify.com
 
2018-03-10 20:41 - 2019-08-10 19:01 - 000000737 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\oraclexe\app\oracle\product\10.2.0\server\bin;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Common Files\Autodesk Shared\
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Hazel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run: => "CanonSolutionMenu"
HKLM\...\StartupApproved\Run: => "pac"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\StartupApproved\Run: => "Spotify Web Helper"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
22-10-2019 01:20:28 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/23/2019 01:58:07 AM) (Source: IntelDalJhi) (EventID: 4) (User: )
Description: Intel® Dynamic Application Loader Host Interface Service initialization failure - the spooler applet is invalid.
 
Error: (10/22/2019 10:03:40 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (10/22/2019 10:03:40 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (10/22/2019 09:43:34 PM) (Source: TrueKey) (EventID: 0) (User: )
Description: Failed to process session change. System.ArgumentNullException: Value cannot be null.
   at System.Threading.Monitor.Enter(Object obj)
   at McAfee.YAP.Service.Common.UsersManager.GetWindowsUsers(Boolean async)
   at McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
   at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
 
Error: (10/22/2019 09:41:11 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (10/22/2019 09:41:11 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (10/22/2019 09:20:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Photos.exe version 2019.19071.17920.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2e44
 
Start Time: 01d588db5589edd7
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
 
Report Id: b466e67c-636e-4335-ae1c-e44c7fc3ed7a
 
Faulting package full name: Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: App
 
Hang type: Quiesce
 
Error: (10/22/2019 09:06:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
 
System errors:
=============
Error: (10/23/2019 06:18:43 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® SGX AESM service hung on starting.
 
Error: (10/23/2019 06:15:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/23/2019 06:15:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
 
Error: (10/23/2019 06:14:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Kingsoft_WPS_UpdateService service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/23/2019 06:14:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the Kingsoft_WPS_UpdateService service to connect.
 
Error: (10/23/2019 12:09:54 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Conexant - MEDIA - 4/12/2016 12:00:00 AM - 8.66.30.60.
 
Error: (10/22/2019 10:06:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/22/2019 10:06:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
 
 
Windows Defender:
===================================
Date: 2019-10-23 18:22:30.447
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Azden.A!cl
ID: 2147718745
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Hazel\Downloads\FRST.exe; webfile:_C:\Users\Hazel\Downloads\FRST.exe|https://download.ble...162996407978148
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.305.392.0, AS: 1.305.392.0, NIS: 1.305.392.0
Engine Version: AM: 1.1.16500.1, NIS: 1.1.16500.1
 
Date: 2019-10-23 09:15:53.647
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/AutoKMS
ID: 2147685180
Severity: High
Category: Tool
Path: containerfile:_D:\Installers\MICROSOFT Office PRO Plus 2016 v16.0.4266.1003 RTM + Activator [TechTools.NET].zip; containerfile:_D:\Installers\MICROSOFT Office PRO Plus 2016 v16.0.4266.1003 RTM + Activator [TechTools.NET]\MICROSOFT Office PRO Plus 2016 v16.0.4266.1003 RTM + Activator [TechTools.NET].rar; file:_D:\Installers\MICROSOFT Office PRO Plus 2016 v16.0.4266.1003 RTM + Activator [TechTools.NET].zip->MICROSOFT Office PRO Plus 2016 v16.0.4266.1003 RTM + Activator [TechTools.NET]/MICROSOFT Office PRO Plus 2016 v16.0.4266.1003 RTM + Activator [TechTools.NET].rar->MICROSOFT Office PRO Plus 2016 v16.0.4266.1003 RTM + Activator [TechTools.NET]\KMSAuto Net 2015 v1.3.8 Portable\KMSAuto Net.exe; file:_D:\Installers\MICROSOFT Office PRO Plus 2016 v16.0.4266.1003 RTM + Activator [TechTools.NET]\MICROSOFT Office PRO Plus 2016 v16.0.4266.1003 RTM + Activator [TechTools.NET].rar->MICROSOFT Office PRO Plus 2016 v16.0.4266.1003 RTM + Activator [TechTools.NET]\KMSAuto Net 2015 v1.3.8 Portable\KMSAuto Net.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.305.363.0, AS: 1.305.363.0, NIS: 1.305.363.0
Engine Version: AM: 1.1.16500.1, NIS: 1.1.16500.1
 
Date: 2019-10-23 09:15:53.647
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Keygen
ID: 2147593794
Severity: High
Category: Tool
Path: containerfile:_D:\Installers\Adobe After Effects CC 2018 v15.0.0 incl Patch.zip; containerfile:_D:\Installers\Civil3D 2018.zip; containerfile:_D:\Installers\Engineering\Adobe Illustrator CC 2017 v21.0.2.242 (x86x64) Incl Crack + Portable [SadeemPC].zip; containerfile:_D:\Installers\Engineering\Autodesk Revit 2017 Win64.zip; containerfile:_D:\Installers\Engineering\SketchUp.rar; file:_D:\Installers\Adobe After Effects CC 2018 v15.0.0 incl Patch.zip->Crack/adobe.snr.patch.v2.0-painter.zip->adobe.snr.patch.v2.0-painter.exe; file:_D:\Installers\Civil3D 2018.zip->civil 3d 2k18/Crack/xf-adsk2018_x64.exe; file:_D:\Installers\Engineering\Adobe Illustrator CC 2017 v21.0.2.242 (x86x64) Incl Crack + Portable [SadeemPC].zip->Adobe Illustrator CC 2017 v21.0.2.242 (x86x64) Incl Crack + Portable [SadeemPC]/Crack/Crack.rar->Crack\Adobe CC 2015 Universal Patcher 2.0\adobe.snr.patch.v2.0-painter.exe; file:_D:\Installers\Engineering\Autodesk Revit 2017 Win64.zip->Autodesk Revit 2017 Win64/crack/xf-adsk2017_x64.zip->xf-adsk2017
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.305.363.0, AS: 1.305.363.0, NIS: 1.305.363.0
Engine Version: AM: 1.1.16500.1, NIS: 1.1.16500.1
 
Date: 2019-10-23 09:15:53.645
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Keygen!MSR
ID: 2147743020
Severity: High
Category: Tool
Path: containerfile:_D:\Installers\Adobe After Effects CC 2018 v15.0.0 incl Patch.zip; containerfile:_D:\Installers\Engineering\Adobe Illustrator CC 2017 v21.0.2.242 (x86x64) Incl Crack + Portable [SadeemPC].zip; file:_D:\Installers\Adobe After Effects CC 2018 v15.0.0 incl Patch.zip->Crack/Adobe CC 2015.5 XFORCE Activation/Keygen_XF-adobecc2015.exe; file:_D:\Installers\Engineering\Adobe Illustrator CC 2017 v21.0.2.242 (x86x64) Incl Crack + Portable [SadeemPC].zip->Adobe Illustrator CC 2017 v21.0.2.242 (x86x64) Incl Crack + Portable [SadeemPC]/Crack/Crack.rar->Crack\Adobe CC 2015.5 XFORCE Activation\Keygen_XF-adobecc2015.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.305.363.0, AS: 1.305.363.0, NIS: 1.305.363.0
Engine Version: AM: 1.1.16500.1, NIS: 1.1.16500.1
 
Date: 2019-10-23 09:15:53.633
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Patch
ID: 2147649714
Severity: High
Category: Tool
Path: containerfile:_D:\Installers\Adobe After Effects CC 2018 v15.0.0 incl Patch.zip; containerfile:_D:\Installers\Adobe.InDesign.CC.2017.0.Build.12.0.0.81.64Bit.iTA-iCV-CreW.rar; file:_D:\Installers\Adobe After Effects CC 2018 v15.0.0 incl Patch.zip->Crack/Adobe CC 2015 Universal Patcher 1.5/adobe.snr.patch-painter.exe; file:_D:\Installers\Adobe.InDesign.CC.2017.0.Build.12.0.0.81.64Bit.iTA-iCV-CreW.rar->Adobe.InDesign.CC.2017.0.Build.12.0.0.81.64Bit.iTA-iCV-CreW\Crack\Patch 2.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.305.363.0, AS: 1.305.363.0, NIS: 1.305.363.0
Engine Version: AM: 1.1.16500.1, NIS: 1.1.16500.1
 
Date: 2019-10-23 18:25:00.739
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.305.392.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16500.1
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2019-10-22 20:41:38.330
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.305.304.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16500.1
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2019-10-22 20:05:03.663
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.305.304.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16500.1
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. GL552VX.204 01/28/2016
Motherboard: ASUSTeK COMPUTER INC. GL552VX
Processor: Intel® Core™ i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 44%
Total physical RAM: 8057.27 MB
Available physical RAM: 4461.8 MB
Total Virtual: 12153.27 MB
Available Virtual: 7678.18 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:465.39 GB) (Free:204.41 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (storage) (Fixed) (Total:464.83 GB) (Free:260.18 GB) NTFS
 
\\?\Volume{2462da5d-bc6c-45c1-9569-3d2bf7e7a5ec}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS
\\?\Volume{09d608e7-1059-4d3c-b2fd-8c1f4ab5775a}\ (RECOVERY) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{672b3226-a8d4-4250-a88e-7ce51637ffcc}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6CC37E0A)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,914 posts
  • MVP

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   4.37KB   13 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.

 


  • 0

#5
heyzeler

heyzeler

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 23-10-2019
Ran by Hazel (23-10-2019 22:21:42) Run:1
Running from C:\Users\Hazel\Downloads
Loaded Profiles: Hazel (Available Profiles: Hazel)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Task: {16C87D94-E43B-41AF-AD3F-FCE5C5D4A1D6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {2E714087-906F-4D7C-A06F-48A4562BCB51} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {841EF457-5EA6-40B1-95B5-1BDE6803827E} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {AED4BED0-E26C-402F-A660-BD31FCB67D6E} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
Task: {DA868C25-65D1-4732-8B3D-25DAD9719C85} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON L3110 Series Update {32F8E2AA-9652-4E56-BC1A-D64CA7C7F66F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUPE.EXE:/EXE:{32F8E2AA-9652-4E56-BC1A-D64CA7C7F66F} /F:UpdateWORKGROUP\DESKTOP-TUO0BQN$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\HPCeeScheduleForHazel.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
CMD: SET TEMP=C:\Users\Hazel\AppData\Local\Temp\
CMD: DEL C:\Users\Hazel\AppData\Local\Tempzxpsign*
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16C87D94-E43B-41AF-AD3F-FCE5C5D4A1D6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16C87D94-E43B-41AF-AD3F-FCE5C5D4A1D6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E714087-906F-4D7C-A06F-48A4562BCB51}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E714087-906F-4D7C-A06F-48A4562BCB51}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{841EF457-5EA6-40B1-95B5-1BDE6803827E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{841EF457-5EA6-40B1-95B5-1BDE6803827E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\StartupCheckLibrary" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AED4BED0-E26C-402F-A660-BD31FCB67D6E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AED4BED0-E26C-402F-A660-BD31FCB67D6E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\WDI\SrvHost => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WDI\SrvHost" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DA868C25-65D1-4732-8B3D-25DAD9719C85}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA868C25-65D1-4732-8B3D-25DAD9719C85}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => not found
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\EPSON L3110 Series Update {32F8E2AA-9652-4E56-BC1A-D64CA7C7F66F}.job => moved successfully
C:\WINDOWS\Tasks\HPCeeScheduleForHazel.job => moved successfully
C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => moved successfully
C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`29hfm" ADS removed successfully
 
========= SET TEMP=C:\Users\Hazel\AppData\Local\Temp\ =========
 
 
========= End of CMD: =========
 
 
========= DEL C:\Users\Hazel\AppData\Local\Tempzxpsign* =========
 
 
========= End of CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log Intel-SST-CFD-HDA/IntelSST.
The instance name passed was not recognized as valid by a WMI data provider.
Failed to clear log Microsoft-Windows-LiveId/Analytic.
Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational.
Access is denied.
Failed to clear log Microsoft-Windows-USBVideo/Analytic.
The instance name passed was not recognized as valid by a WMI data provider.
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 22:23:50 ====

  • 0

#6
heyzeler

heyzeler

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2019
Ran by Hazel (23-10-2019 22:32:51)
Running from C:\Users\Hazel\Downloads
Windows 10 Home Single Language Version 1903 18362.418 (X64) (2019-10-20 18:32:53)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3160961081-3692599767-903795011-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3160961081-3692599767-903795011-503 - Limited - Disabled)
Guest (S-1-5-21-3160961081-3692599767-903795011-501 - Limited - Disabled)
Hazel (S-1-5-21-3160961081-3692599767-903795011-1001 - Administrator - Enabled) => C:\Users\Hazel
WDAGUtilityAccount (S-1-5-21-3160961081-3692599767-903795011-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5102-CF3F3A09B77D}) (Version: 7.9.45.0 - Autodesk) Hidden
ACA & MEP 2018 Object Enabler (HKLM\...\{28B89EEF-1004-0000-5102-CF3F3A09B77D}) (Version: 8.0.44.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-0001-0000-3102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20048 - Adobe Systems Incorporated)
Adobe Ae (HKLM\...\{B910FB1A-0B9D-412D-A735-28AF88A52FF1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_0_0) (Version: 15.0.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.9.0.504 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated)
ai (HKLM\...\{66C2EA78-E284-47C1-BFEA-56340D0C68CD}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BA2A6DBB-B09A-43D8-84F3-21C1537B47D9}) (Version: 12.2.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.6.5 - ASUSTek Computer Inc)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.14.0006 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.114 - ICEpower a/s)
AutoCAD 2017 - English (HKLM\...\{28B89EEF-0001-0409-2102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack - English (HKLM\...\{28B89EEF-0001-0409-1102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2018 (HKLM\...\{28B89EEF-1001-0000-0102-CF3F3A09B77D}) (Version: 22.0.154.0 - Autodesk) Hidden
AutoCAD 2018 Language Pack - English (HKLM\...\{28B89EEF-1001-0409-1102-CF3F3A09B77D}) (Version: 22.0.154.0 - Autodesk) Hidden
AutoCAD Architecture 2018 Language Shared - English (HKLM\...\{28B89EEF-1004-0409-4102-CF3F3A09B77D}) (Version: 8.0.44.0 - Autodesk) Hidden
AutoCAD Architecture 2018 Shared (HKLM\...\{28B89EEF-1004-0000-4102-CF3F3A09B77D}) (Version: 8.0.44.0 - Autodesk) Hidden
AutoCAD Civil 3D 2018 Help - English (HKLM\...\{28B89EEF-1047-0409-0100-CF3F3A09B77D}) (Version: 12.0.844.0 - Autodesk) Hidden
Autodesk A360 Collaboration for Revit 2017 (HKLM\...\{AA384BE4-1700-0010-0000-97E7D7D00B17}) (Version: 17.0.416.0 - Autodesk) Hidden
Autodesk A360 Collaboration for Revit 2017 (HKLM\...\Autodesk A360 Collaboration for Revit 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2017 - English (HKLM\...\AutoCAD 2017 - English) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD Civil 3D 2018 - English (HKLM\...\{28B89EEF-1000-0409-2102-CF3F3A09B77D}) (Version: 12.0.842.0 - Autodesk) Hidden
Autodesk AutoCAD Civil 3D 2018 - English (HKLM\...\Autodesk AutoCAD Civil 3D 2018 - English) (Version: 12.0.842.0 - Autodesk)
Autodesk AutoCAD Civil 3D 2018 (HKLM\...\{28B89EEF-1000-0000-0102-CF3F3A09B77D}) (Version: 12.0.842.0 - Autodesk) Hidden
Autodesk AutoCAD Civil 3D 2018 Help - English (HKLM\...\AutoCAD Civil 3D 2018 Help - English) (Version: 12.0.844.0 - Autodesk)
Autodesk AutoCAD Civil 3D 2018 Language Pack - English (HKLM\...\{28B89EEF-1000-0409-1102-CF3F3A09B77D}) (Version: 12.0.842.0 - Autodesk) Hidden
Autodesk AutoCAD Civil 3D 2018 Object Enabler 32 Bit (HKLM-x32\...\{6979BD25-1000-479A-0001-72684B59A545}) (Version: 12.0.842.0 - Autodesk) Hidden
Autodesk AutoCAD Civil 3D 2018 Object Enabler 32 Bit (HKLM-x32\...\{9d04fcf1-1000-9043-0001-39caef5b9ebc}) (Version: 12.0.842.0 - Autodesk)
Autodesk AutoCAD Civil 3D 2018 Object Enabler 64 Bit (HKLM\...\{6979BD25-1000-479A-1001-72684B59A545}) (Version: 12.0.842.0 - Autodesk) Hidden
Autodesk AutoCAD Civil 3D 2018 Object Enabler 64 Bit (HKLM-x32\...\{9d04fc1e-1000-4390-1001-39caef5b9ebc}) (Version: 12.0.842.0 - Autodesk)
Autodesk AutoCAD Civil 3D 2018 Private Pack (HKLM\...\{28B89EEF-1000-0000-3102-CF3F3A09B77D}) (Version: 12.0.842.0 - Autodesk) Hidden
Autodesk AutoCAD Map 3D 2018 Core (HKLM\...\{28B89EEF-1002-0000-0102-CF3F3A09B77D}) (Version: 21.0.015.11 - Autodesk) Hidden
Autodesk AutoCAD Map 3D 2018 Language Pack - English (HKLM\...\{28B89EEF-1002-0409-1102-CF3F3A09B77D}) (Version: 21.0.015.11 - Autodesk) Hidden
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2018 Add-in 64 bit (HKLM\...\{5BE01E33-C3BE-4707-8C95-83B748C5AF15}) (Version: 4.70.6 - Autodesk)
Autodesk BIM 360 Revit 2017 Add-in 64 bit (HKLM\...\{A26EBAD5-9591-407F-9D6C-C7A4F3DFE506}) (Version: 4.37.6853 - Autodesk)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
Autodesk Featured Apps 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk License Service (x64) - 5.1.5 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.5.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2017 (HKLM-x32\...\{360AC116-6CD4-4E7D-8174-28D47B05E898}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2017 (HKLM-x32\...\{CB6E007E-701D-42CD-AF0E-4BE9C36C7F7C}) (Version: 15.11.3.0 - Autodesk)
Autodesk ReCap 360 (HKLM\...\{5F0F7049-0000-1033-0102-73A6DA3D7FA6}) (Version: 3.0.0.52 - Autodesk) Hidden
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
Autodesk Revit 2017 (HKLM\...\Autodesk Revit 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk Revit 2017 (HKLM\...\Revit 2017) (Version:  - )
Autodesk Revit Content Libraries 2017 (HKLM\...\Autodesk Revit Content Libraries 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk Revit Content Libraries 2017 (HKLM\...\Revit Content Libraries 2017) (Version:  - )
Autodesk Revit MEP Imperial Content v2.0 (HKLM\...\{F2538944-3E07-4E97-B41A-FC48AB53EE9D}) (Version: 2.0 - Autodesk)
Autodesk Revit MEP Metric Content v2.0 (HKLM\...\{DEF775C7-84BF-4730-976A-FE3747F1757C}) (Version: 2.0 - Autodesk)
Autodesk Storm and Sanitary Analysis 2018 (HKLM-x32\...\{58E36D07-2112-0000-8518-C854F44898ED}) (Version: 12.0.42.0 - Autodesk)
Autodesk Storm and Sanitary Analysis 2018 x64 Plug-in (HKLM\...\{58E36D07-2122-0000-8518-C854F44898ED}) (Version: 12.0.42.0 - Autodesk)
Autodesk Subassembly Composer on Autodesk AutoCAD Civil 3D 2018 - English - English (United States) (HKLM\...\{F99EC705-ECD4-4C45-A21E-BF2A56D2886D}) (Version: 842.0 - Autodesk, Inc.)
Autodesk Vehicle Tracking 2018 (64 bit) Core (HKLM\...\{9BB641F3-24B1-427E-A850-1C02157219EC}) (Version: 18.0.533.0 - Autodesk, Inc.) Hidden
Autodesk Workflows 2017 (HKLM\...\{23A13F78-5B67-441A-ABF9-48BE8B5455DB}) (Version: 15.11.13.0 - Autodesk, Inc.)
Bentley IEG License Service (HKLM-x32\...\{B1687FC2-7412-4B52-83AC-E5475022B506}) (Version: 2.0.20.1 - Bentley Systems, Inc.)
Bentley OpenSTAADOEM (HKLM-x32\...\{703B113F-F445-4875-A244-EE60F8254C10}) (Version: 08.02.09.16 - Bentley Systems, Inc.)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version:  - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{D256A5B9-68DA-4F6C-A447-A93E5639A46D}) (Version: 4.7.03083 - Microsoft Corporation) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.30.60 - Conexant)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.3 - ASUSTek Computer Inc.)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DiagnosticsHub_CollectionService (HKLM\...\{440C5592-4EA5-4772-B256-969D66068843}) (Version: 15.9.28016 - Microsoft Corporation) Hidden
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
Dynamo 0.9.1 (HKLM\...\{85626FB3-CAF9-49C1-AA28-E3C75164BD6F}) (Version: 0.9.1.4062 - Autodesk)
Entity Framework 6.2.0 Tools  for Visual Studio 2017 (HKLM-x32\...\{B843915F-00A1-44B1-994C-1AE0A6400AE3}) (Version: 6.2.61807.0 - Microsoft Corporation) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON L3110 Series Printer Uninstall (HKLM\...\EPSON L3110 Series) (Version:  - Seiko Epson Corporation)
ETABS 2016 64-bit (HKLM\...\{EF79AC96-AF71-43F6-BCF5-DA7B1841F6D5}) (Version: 16.2.0 - Computers and Structures, Inc.)
Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FARO LS 1.1.505.0 (64bit) (HKLM-x32\...\{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 - FARO Scanner Production)
FormIt 360 Converter For Revit 2017 (HKLM\...\{637211B6-D2E9-474A-BF06-4F61F1254104}) (Version: 1.9.0.0 - Autodesk)
Foxit PhantomPDF (HKLM-x32\...\{39263796-F296-43AF-909C-FCF99592BAC4}) (Version: 7.2.52.1209 - Foxit Software Inc.)
GameFirst IV (HKLM-x32\...\{2B5BE4E7-3E40-4BC4-A534-5342E3078F89}) (Version: 1.5.12 - ASUS) Hidden
GameFirst IV (HKLM-x32\...\GameFirst IV 1.5.12) (Version: 1.5.12 - ASUS)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.120 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.15 - Google Inc.) Hidden
Grammarly (HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\GrammarlyForWindows) (Version: 1.5.52 - Grammarly)
Grammarly for Microsoft® Office Suite (HKLM\...\{F0E0C340-6901-47B9-B2E6-F9A4CCAE6C75}) (Version: 6.7.190 - Grammarly) Hidden
Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\{92a2ef9a-75ce-46ea-92d9-5774c698c9ee}) (Version: 6.7.190 - Grammarly)
HP Deskjet 2510 series Basic Device Software (HKLM\...\{293CC68A-32BA-4BA4-84BD-0DCF6583566F}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Help (HKLM-x32\...\{234DADAD-3C3C-4FB1-90A4-0AF015D56E18}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 2510 series Product Improvement Study (HKLM\...\{4B3264AA-951A-4A6B-B837-125224261F12}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Setup Guide (HKLM-x32\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.8.24.33 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{00612F78-52C4-46C0-97F0-F50B6036B5E2}) (Version: 12.13.42.1 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
icecap_collection_neutral (HKLM-x32\...\{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{469961DF-482F-4213-ACD4-4AFD443F2A88}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{12246E9A-D1A6-4D96-8CEA-CCFD064B16E2}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.12.108.1 - Intel Security)
Intel® Chipset Device Software (HKLM-x32\...\{a2d9fda8-65eb-4c06-81ef-31e0a4daa335}) (Version: 10.1.1.11 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1169 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IntelliTraceProfilerProxy (HKLM-x32\...\{ACBAA378-519A-441D-9349-C0AAD8DEAD04}) (Version: 15.0.17289.01 - Microsoft Corporation) Hidden
IronPython 2.7.3 (HKLM-x32\...\{1EBADAEA-1A0F-40E3-848C-0DD8C5E5A10D}) (Version: 2.7.31000.0 - IronPython Team)
iTunes (HKLM\...\{DF90B2B3-5832-4E85-934D-8048B33A1D67}) (Version: 12.9.4.102 - Apple Inc.)
KKBOX (HKLM-x32\...\KKBOX) (Version: 6.2.0.570 - KKBOX Taiwan Co., Ltd.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.599.11 - McAfee, Inc.)
Mendeley Desktop 1.19.4 (HKLM-x32\...\Mendeley Desktop) (Version: 1.19.4 - Mendeley Ltd.)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.12026.20334 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM\...\{98DD6908-C582-452A-954D-E79E6DF0310A}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM-x32\...\{640EECB8-1962-4D23-ACB2-310107EC7ED9}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27029 (HKLM-x32\...\{64ff2cb0-807c-4ee9-87ef-ec1b2ede0daf}) (Version: 14.16.27029.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27029 (HKLM-x32\...\{f50edb7e-c25e-47b4-bc4f-7ec4a4d256b1}) (Version: 14.16.27029.1 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1096.130 - Microsoft Corporation)
Mozilla Firefox 37.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0 (x86 en-US)) (Version: 37.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0 - Mozilla)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12026.20334 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20334 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20334 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12026.20334 - Microsoft Corporation) Hidden
Oracle Data Provider for .NET Help (HKLM-x32\...\{6AA003BF-73E5-4911-ADB7-71DD5674DDD4}) (Version: 10.2.000 - Oracle Corporation)
Oracle Database 10g Express Edition (HKLM-x32\...\{F0BC0F9E-C4A8-485C-93ED-424DB9EA3F75}) (Version: 10.2.1015 - Oracle Corporation) Hidden
Oracle Database 10g Express Edition (HKLM-x32\...\InstallShield_{F0BC0F9E-C4A8-485C-93ED-424DB9EA3F75}) (Version: 10.2.1015 - Oracle Corporation)
PDF Report Writer (novaPDF 6.4  printer) (HKLM\...\PDF Report Writer_is1) (Version:  - Softland)
Personal Accelerator for Revit (HKLM\...\{7C317DB0-F31F-4024-A289-92CF4B6FB256}) (Version: 16.0.1109.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 16.0.1109.0 - Autodesk)
PipeLink for STAAD.Pro V8i (Build 20.13.2.27) (HKLM-x32\...\{88A34C6C-D222-4FC2-9B1B-D7EC8B520E65}) (Version: 20.13.2.27 - Bentley Systems, Inc.)
Primavera P6 v7.0 Service Pack 3 (HKLM-x32\...\{1C3AB52E-C4CD-4D72-BCCB-A8FEA142CCCC}) (Version: 7.0.3 - Oracle Corporation) Hidden
Primavera P6 v7.0 Service Pack 3 (HKLM-x32\...\InstallShield_{1C3AB52E-C4CD-4D72-BCCB-A8FEA142CCCC}) (Version: 7.0.3 - Oracle Corporation)
QGIS 2.18.20 'Las Palmas' (HKLM\...\QGIS 2.18) (Version: 2.18.20 - QGIS Development Team)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.2 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Revit 2017 (HKLM\...\{7346B4A0-1700-0510-0000-705C0D862004}) (Version: 17.0.416.0 - Autodesk) Hidden
Revit Content Libraries 2017 (HKLM\...\{941030D0-1700-0410-0000-818BB38A95FC}) (Version: 17.0.416.0 - Autodesk) Hidden
ROG Gaming Center (HKLM-x32\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 1.0.8 - ASUS)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
SketchUp 2018 (HKLM\...\{C702DD60-EBF4-4961-8B7D-F209B361F985}) (Version: 18.0.16975 - Trimble, Inc.)
SketchUp Import 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
SPDS Extension for AutoCAD® 2018 (HKLM\...\{E82D6445-4C8A-4972-8588-69180FDBCE97}) (Version: 22.0.0 - Autodesk, Inc.)
Spotify (HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\Spotify) (Version: 1.1.5.153.gf614956d - Spotify AB)
STAAD.foundation V8i (SELECTseries 4) Release 5.3 (HKLM-x32\...\{C3010B65-2BF1-4028-B1D0-0B3D513664AD}) (Version: 05.03.00.32 - Bentley Systems Inc.)
STAAD.Pro V8i SELECTseries 4 (HKLM-x32\...\{9260B6A1-12FE-4912-A7C5-6AF7EB1FBA58}) (Version: 20.07.09.31 - Bentley Systems, Inc.)
StrucLink for STAAD.Pro V8i (Build 20.13.3.14) (HKLM-x32\...\{74DB7277-BA51-450A-AB13-FC3EEFC688CE}) (Version: 20.13.3.14 - Bentley Systems, Inc.)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{16E08161-F78C-4FFC-8E12-F9BEA280795F}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual Studio Community 2017 (HKLM-x32\...\b04772a5) (Version: 15.9.28307.518 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
V-Ray for SketchUp (HKLM\...\V-Ray for SketchUp) (Version: 4.00.02 - Chaos Software Ltd)
V-Ray Swarm (HKLM\...\V-Ray Swarm) (Version: 1.4.3 - Chaos Software Ltd)
VS Immersive Activate Helper (HKLM-x32\...\{54FBC9A9-CCA1-417E-ACA6-203A32A39F37}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{4B816AD0-D12B-498A-8148-7CBE3ED328DE}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{C5D83E0F-12E7-4BA3-98E6-DAE0E73B5BF9}) (Version: 15.0.27205 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{71797C29-380A-492C-B35A-F5E4A7B57BDC}) (Version: 15.9.28307 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.6.547 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.1.1.8 - WildTangent)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22866 - Microsoft Corporation)
Windows Driver Package - ASUS (AsusSGDrv) Mouse  (11/11/2015 8.0.0.23) (HKLM\...\FF0137EA2940E916D51DA702B6425126CC7C89BF) (Version: 11/11/2015 8.0.0.23 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5247 - Kingsoft Corp.)
XSplit Gamecaster (HKLM-x32\...\{083E9AF8-1900-4D7A-AB08-0B4BB98D2848}) (Version: 2.7.1512.1839 - SplitmediaLabs)
 
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-08-24] (Adobe Systems Incorporated)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.150.300.0_x86__kgqvnymyfvs32 [2019-10-23] (king.com)
Cooking Madness: Restaurant Fever -> C:\Program Files\WindowsApps\33051SweetCandyKingdomInc.CookingMadnessRestaurant_1.7.0.0_x86__hjr4mytw8n6et [2019-09-04] (Sweet Candy Kingdom Inc.) [MS Ad]
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-01] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-11] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-09-01] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-09-01] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.0.0.0_x64__a2t3txkz9j1jw [2019-09-01] (MAGIX)
MyASUS-Service Center -> C:\Program Files\WindowsApps\B9ECED6F.MyASUS_3.3.11.0_x86__qmba6cd70vzyy [2018-04-28] (ASUSTeK COMPUTER INC.) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.94.574.0_x64__mcm4njqhnhss8 [2019-09-29] (Netflix, Inc.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-10-17] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2017-01-11] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3160961081-3692599767-903795011-1001_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3160961081-3692599767-903795011-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-F61CA57E32D5} -> [Creative Cloud Files] => C:\Users\Hazel\Creative Cloud Files [2019-08-24 21:33]
CustomCLSID: HKU\S-1-5-21-3160961081-3692599767-903795011-1001_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\Hazel\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.190\E3513CB438\GrammarlyShim64.dll (Grammarly, Inc. -> CompanyName)
CustomCLSID: HKU\S-1-5-21-3160961081-3692599767-903795011-1001_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\Users\Hazel\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.190\E3513CB438\Grammarly.AddIn.Connect.ActiveX.dll (Grammarly, Inc. -> Grammarly)
CustomCLSID: HKU\S-1-5-21-3160961081-3692599767-903795011-1001_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3160961081-3692599767-903795011-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3160961081-3692599767-903795011-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3160961081-3692599767-903795011-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\en-US\acadficn.dll (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3160961081-3692599767-903795011-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-12-11] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSContextMenu.dll [2015-12-24] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ==================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Hazel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7634a48803fa655b\ASUS GIFTBOX.lnk -> C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe (ASUSTek Computer Inc) -> --user-data-dir="C:\Users\Hazel\AppData\Local\ASUS GIFTBOX\User Data" --profile-directory=Default --app-id=gicdkbgeaegfghgkdgaejkfeppmlobel
 
==================== Loaded Modules (Whitelisted) ==============
 
2019-07-29 00:40 - 2019-07-29 00:40 - 000174592 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\node_modules\ffi\build\Release\ffi_bindings.node
2019-07-29 00:40 - 2019-07-29 00:40 - 000163328 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\node_modules\ref\build\Release\binding.node
2019-07-29 00:40 - 2019-07-29 00:40 - 000204800 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\node_modules\v8-profiler\build\profiler\v5.6.5\node-v48-win32-x64\profiler.node
2006-02-02 00:47 - 2006-02-02 00:47 - 000057344 _____ () [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\onsclient.dll
2006-02-02 00:43 - 2006-02-02 00:43 - 000006144 _____ () [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\orajox10.dll
2017-09-18 15:15 - 2017-09-18 15:15 - 001937408 _____ () [File not signed] C:\Program Files (x86)\ASUS\Giftbox\ffmpeg.dll
2017-09-18 15:15 - 2017-09-18 15:15 - 000079360 _____ () [File not signed] C:\Program Files (x86)\ASUS\Giftbox\libegl.dll
2017-09-18 15:15 - 2017-09-18 15:15 - 002177536 _____ () [File not signed] C:\Program Files (x86)\ASUS\Giftbox\libglesv2.dll
2017-09-18 15:15 - 2017-09-18 15:15 - 003561984 _____ () [File not signed] C:\Program Files (x86)\ASUS\Giftbox\node.dll
2015-12-03 09:01 - 2015-12-03 09:01 - 000124928 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-12-03 09:01 - 2015-12-03 09:01 - 000027648 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-12-03 09:01 - 2015-12-03 09:01 - 000029184 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll
2015-04-22 21:59 - 2015-04-22 21:59 - 001489920 _____ (ASUS Cloud Corporation.) [File not signed] C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll
2015-12-03 09:01 - 2015-12-03 09:01 - 001676288 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ApplyLUT.dll
2015-12-03 09:01 - 2015-12-03 09:01 - 000178176 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\GenLUT.dll
2015-12-03 09:01 - 2015-12-03 09:01 - 000164864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll
2019-10-23 18:19 - 2019-10-23 18:19 - 004508672 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\hp.supportf7f36df2d#\520617dcd4785a8f9bcac2d2fa1a3551\hp.supportframework.localization.ni.dll
2019-10-23 18:19 - 2019-10-23 18:19 - 001569280 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\HP.SupportFcb4ea9d2#\f4a37203dcd17086623dfbe7cbe5a5c4\HP.SupportFramework.UI.ni.dll
2006-02-02 00:42 - 2006-02-02 00:42 - 000348160 _____ (Microsoft Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\MSVCR71.dll
2016-10-16 17:34 - 2015-08-27 08:37 - 001943384 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2006-02-02 00:43 - 2006-02-02 00:43 - 002392064 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oraclient10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000032256 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oraclsra10.dll
2006-02-02 00:43 - 2006-02-02 00:43 - 000991232 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oracommon10.dll
2006-02-02 00:47 - 2006-02-02 00:47 - 000929792 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oracore10.dll
2006-02-02 00:47 - 2006-02-02 00:47 - 000110592 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oradbcfg10.dll
2006-02-02 00:43 - 2006-02-02 00:43 - 005599232 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\orageneric10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000569344 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\orahasgen10.dll
2006-02-02 00:43 - 2006-02-02 00:43 - 000094208 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\ORAIMR10.Dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000335872 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oraldapclnt10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 001101824 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oran10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000023552 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\bin\oranbeq10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000005120 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\orancds10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000110592 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\orancrypt10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000013312 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oranhost10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000029696 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\bin\oranipc10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000249856 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oranl10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000076288 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oranldap10.dll
2006-02-02 00:47 - 2006-02-02 00:47 - 000806912 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oranls10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 001081344 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\orannzsbb10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000307200 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oranro10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000039424 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oransgr10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000065536 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\orantcp10.dll
2006-02-02 00:49 - 2006-02-02 00:49 - 000017408 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\orantns10.dll
2006-02-02 00:47 - 2006-02-02 00:47 - 000434176 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oraocr10.dll
2006-02-02 00:47 - 2006-02-02 00:47 - 000262144 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oraocrb10.dll
2006-02-02 00:47 - 2006-02-02 00:47 - 000029696 _____ (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\bin\oraocrutl10.dll
2006-02-02 00:46 - 2006-02-02 00:46 - 002113536 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oraplp10.dll
2006-02-02 00:46 - 2006-02-02 00:46 - 003510272 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\orapls10.dll
2006-02-02 00:42 - 2006-02-02 00:42 - 000036930 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oraslax10.dll
2006-02-02 00:47 - 2006-02-02 00:47 - 000159744 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\orasnls10.dll
2006-02-02 00:46 - 2006-02-02 00:46 - 000630784 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\orasql10.dll
2006-02-02 00:47 - 2006-02-02 00:47 - 000098304 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oraunls10.dll
2006-02-02 00:47 - 2006-02-02 00:47 - 000009216 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\orauts.dll
2006-02-02 00:43 - 2006-02-02 00:43 - 000005120 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oravsn10.dll
2006-02-02 00:51 - 2006-02-02 00:51 - 000138000 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\orawwg.dll
2006-02-02 00:41 - 2006-02-02 00:41 - 002152340 _____ (Oracle Corporation) [File not signed] c:\oraclexe\app\oracle\product\10.2.0\server\bin\oraxml10.dll
2017-09-18 15:15 - 2017-09-18 15:15 - 073507840 _____ (The NWJS Community) [File not signed] C:\Program Files (x86)\ASUS\Giftbox\nw.dll
2017-09-18 15:15 - 2017-09-18 15:15 - 000124928 _____ (The NWJS Community) [File not signed] C:\Program Files (x86)\ASUS\Giftbox\nw_elf.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
==================== Safe Mode (Whitelisted) ===================
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\Software\Classes\.scr: AutoCADScriptFile => 
 
==================== Internet Explorer trusted/restricted ===============
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 15:24 - 2019-01-01 20:38 - 000001532 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
0.0.0.1 mssplus.mcafee.com127.0.0.1                   activate.adobe.com
127.0.0.1                   practivate.adobe.com
127.0.0.1                   lmlicenses.wip4.adobe.com
127.0.0.1                   lm.licenses.adobe.com
127.0.0.1                   na1r.services.adobe.com
127.0.0.1                   hlrcv.stage.adobe.com
0.0.0.1 mssplus.mcafee.com 
0.0.0.0 adclick.g.doublecklick.net
0.0.0.0 googleads.g.doubleclick.net
0.0.0.0 pubads.g.doubleclick.net
0.0.0.0 securepubads.g.doubleclick.net
0.0.0.0 pagead2.googlesyndication.com
0.0.0.0 spclient.wg.spotify.com
0.0.0.0 audio2.spotify.com
 
2018-03-10 20:41 - 2019-08-10 19:01 - 000000737 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\oraclexe\app\oracle\product\10.2.0\server\bin;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Common Files\Autodesk Shared\
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Hazel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run: => "CanonSolutionMenu"
HKLM\...\StartupApproved\Run: => "pac"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\StartupApproved\Run: => "Spotify Web Helper"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
22-10-2019 01:20:28 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
Error: (10/23/2019 10:30:10 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® SGX AESM service hung on starting.
 
Error: (10/23/2019 10:25:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Kingsoft_WPS_UpdateService service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/23/2019 10:25:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the Kingsoft_WPS_UpdateService service to connect.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. GL552VX.204 01/28/2016
Motherboard: ASUSTeK COMPUTER INC. GL552VX
Processor: Intel® Core™ i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 49%
Total physical RAM: 8057.27 MB
Available physical RAM: 4040.59 MB
Total Virtual: 11897.27 MB
Available Virtual: 6944.93 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:465.39 GB) (Free:201.83 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (storage) (Fixed) (Total:464.83 GB) (Free:289.91 GB) NTFS
 
\\?\Volume{2462da5d-bc6c-45c1-9569-3d2bf7e7a5ec}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS
\\?\Volume{09d608e7-1059-4d3c-b2fd-8c1f4ab5775a}\ (RECOVERY) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{672b3226-a8d4-4250-a88e-7ce51637ffcc}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6CC37E0A)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

  • 0

#7
heyzeler

heyzeler

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-10-2019
Ran by Hazel (administrator) on DESKTOP-TUO0BQN (ASUSTeK COMPUTER INC. GL552VX) (23-10-2019 22:29:16)
Running from C:\Users\Hazel\Downloads
Loaded Profiles: Hazel (Available Profiles: Hazel)
Platform: Windows 10 Home Single Language Version 1903 18362.418 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\TNSLSNR.EXE
() [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS Cloud Corporation -> ) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe
(ASUS Cloud Corporation) [File not signed] C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe
(ASUS) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\APRP\aprp.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Chaos Software Ltd. -> ) [File not signed] C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\register-service.exe
(Chaos Software Ltd.) [File not signed] C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\swrm.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Dropbox, Inc -> ) C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxEM.exe
(Intel® Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel® Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel® Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fd0b4b97d35097fa\aesm_service.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.SmartMonitor.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19092.399.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\CUAssistant\culauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1909.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1909.6-0\NisSrv.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\10.2.0\server\BIN\oracle.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIUPE.EXE
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.85.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.85.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [599896 2015-06-11] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-02] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [pac] => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe [339464 2016-02-10] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-03-24] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [63272 2015-12-24] (ASUS Cloud Corporation -> )
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc -> Autodesk, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2623032 2019-07-05] (Adobe Inc. -> Adobe Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\Run: [Spotify] => C:\Users\Hazel\AppData\Roaming\Spotify\Spotify.exe [25805544 2019-05-05] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIUPE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-08-12] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe [1049600 2017-09-18] (ASUSTek Computer Inc. -> ASUSTek Computer Inc)
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [38400 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2017-01-05] (McAfee, Inc. -> McAfee, Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-09-26]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc. -> McAfee, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0AA1B33D-33CF-436A-BB49-9C63131FD071} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {1D179747-E065-4036-9D95-85F48F52C0A9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {208365BB-3800-450E-9CEF-90CF6E826DFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1094008 2019-10-10] (HP Inc. -> HP Inc.)
Task: {29015622-7C79-456B-836B-959B2336B871} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4470440 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {295FB493-08AA-4587-A381-2393ADA37DA6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3C4EE33C-890A-424C-B5CF-2375FFEC3727} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-TUO0BQN-Hazel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {468103B2-FA4F-4312-AE65-0AF3416DA7D3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {47D6ACFB-6CDF-4CD2-8292-21AF2AC70EE0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [122344 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {4EB2184B-02FE-4F94-AF1D-E45DED5F9069} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-26] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {57440F4E-DA8D-4D0F-8B2E-EFF25DF18969} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [144248 2019-10-10] (HP Inc. -> HP Inc.)
Task: {59BFAF79-5492-4793-B501-DC5C894F4BCA} - System32\Tasks\ASUS\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [1049600 2017-09-18] (ASUSTek Computer Inc. -> ASUSTek Computer Inc)
Task: {5CAFAACC-94B5-45FE-8A4F-6CB3017B9DFD} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18416 2015-12-19] (ASUSTeK Computer Inc. -> AsusTek)
Task: {5F9D1810-3F79-432A-8466-73136D1795BB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {62083922-CD20-44CD-A50A-829A24191228} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4470440 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C543AE1-E43C-4C00-8D47-E023CFE03C72} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-19] (HP Inc. -> )
Task: {71EB0AA9-312F-4A02-831D-926DAD96683C} - System32\Tasks\HPCeeScheduleForHazel => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-11] (HP Inc. -> HP Inc.)
Task: {72B50BC7-0050-49FB-940F-02DC270FF0DD} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe [3643592 2016-03-15] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {7553F2AE-A402-46A9-84E0-94E81F8A466D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [250232 2019-10-08] (HP Inc. -> HP Inc.)
Task: {801EEF95-4DFF-437A-9816-9A4EECB2435A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430176 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {8155111A-B36F-4742-9164-7F05E7C603EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {81D2D295-E36B-49A4-B383-5E2AF706D923} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [570240 2017-02-14] (Apple Inc. -> Apple Inc.)
Task: {82FAE235-A909-4627-A1C7-7CC7E74411D6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {895D1674-D51B-4FAB-8B4E-910A89F5CE57} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1616160 2016-01-20] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
Task: {8DE908AF-7CE6-43C6-A080-D9F300758FDE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {8E7CADF0-5715-4C1A-8E16-BBD4AAF24082} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-09] (Google Inc -> Google Inc.)
Task: {9516E27D-357B-4DE6-85F2-77693A5E2027} - System32\Tasks\EPSON L3110 Series Update {32F8E2AA-9652-4E56-BC1A-D64CA7C7F66F} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUPE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {960DBD42-A68E-4651-8987-FCBCD641E667} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {97767B9B-512E-4A93-8E8A-B44CC737A593} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [468120 2019-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9E61207A-4352-4DEF-9D0F-08A0F7E5E665} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe [514408 2016-03-31] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {A9D7BF1D-C3BB-43B7-9638-DA8B89A1F338} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27295856 2019-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC113191-7D97-4D5D-9C6E-49D497A03EEC} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [54784 2015-12-03] (ASUS) [File not signed]
Task: {B98EE57E-3E56-40D3-8712-03389D55CC19} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C54F58FB-0EB5-4234-A718-8F102C9AA322} - System32\Tasks\HPCustParticipation HP Deskjet 2510 series => C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPCustPartic.exe [4119656 2012-10-02] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {D7A5AB92-48DC-415B-A3DD-AD0FF01C77F4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [122344 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9ABE4FF-21F1-45E2-858C-626E72A7EBB5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27295856 2019-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC200C68-CD06-43CE-B1FF-5440A804ACFA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1430176 2019-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF55E94D-D04C-4BCC-B245-9CB05B1B296D} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe [481128 2016-03-31] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {E950B5FD-26F5-4BE8-A05D-F60260BAA7FD} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [585000 2016-09-21] (Dropbox, Inc -> )
Task: {FDE8097A-2775-4CA0-9176-07B2D7774CD0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-09] (Google Inc -> Google Inc.)
Task: {FECF8FD8-823F-4C97-AE17-E48303974A94} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {FF274BF5-CD7E-4F41-A40F-749369997FE4} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6beea351-e5fa-4bd1-a9bb-b47e47435556}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{80fb65e1-dd0a-4ae2-873c-398adc0a8811}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{a4acc05d-7048-498a-b9c0-e7d82aec20a9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d83180f9-2c1d-4387-b890-ce2d653008cc}: [DhcpNameServer] 103.37.51.193
 
Internet Explorer:
==================
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-3160961081-3692599767-903795011-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-3160961081-3692599767-903795011-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3160961081-3692599767-903795011-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (McAfee, Inc. -> Intel Security)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-04] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Oracle\Primavera Common\Java\_jvm\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-04] (Sun Microsystems, Inc.) [File not signed]
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (McAfee, Inc. -> Intel Security)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-04] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: nuh4q3tq.default
FF ProfilePath: C:\Users\Hazel\AppData\Roaming\Mozilla\Firefox\Profiles\nuh4q3tq.default [2018-11-11]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-07-05] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-11] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN -> VideoLAN) [File not signed]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-12] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-07-05] (Adobe Inc. -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default [2019-10-23]
CHR Extension: (Docs) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-05]
CHR Extension: (YouTube) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-05]
CHR Extension: (Google Search) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2017-01-05]
CHR Extension: (Mendeley Web Importer) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dagcmkpagjlhakfdhnbomgmjdpkdklff [2019-10-19]
CHR Extension: (Adobe Acrobat) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-10-01]
CHR Extension: (Google Docs Offline) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (Grammarly for Chrome) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-10-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\Hazel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-27]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk, Inc -> Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-07-05] (Adobe Inc. -> Adobe Inc.)
U2 AESMService; C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fd0b4b97d35097fa\aesm_service.exe [716824 2019-09-22] (Intel® Software Development Products -> Intel Corporation)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-03-08] (Apple Inc. -> Apple Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe [75264 2015-12-24] (ASUS Cloud Corporation) [File not signed]
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [415992 2019-01-30] (Qualcomm Atheros -> Windows ® Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11642472 2019-10-14] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel® Software -> Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent Inc -> WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [360312 2019-10-14] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-15] (Canon Inc. -> )
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel® Corporation)
S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-20] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-20] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [207648 2015-09-19] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-03-31] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [404376 2017-09-05] (McAfee, Inc. -> McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S4 OracleJobSchedulerXE; c:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe [102400 2006-02-02] () [File not signed]
S3 OracleMTSRecoveryService; C:\oraclexe\app\oracle\product\10.2.0\server\BIN\omtsreco.exe [57616 2006-02-02] (Oracle Corporation) [File not signed]
R2 OracleServiceXE; c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE [59064320 2006-02-02] (Oracle Corporation) [File not signed]
S3 OracleXEClrAgent; C:\oraclexe\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe [45056 2006-02-02] () [File not signed]
R2 OracleXETNSListener; C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe [204800 2006-02-02] () [File not signed]
S3 ROGGamingCenterService; C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingCenterService.exe [49704 2016-03-15] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 SAService; C:\Windows\system32\SAsrv.exe [427224 2015-04-17] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH -> TeamViewer GmbH)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [995800 2017-01-05] (McAfee, Inc. -> McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2017-01-05] (McAfee, Inc. -> McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2017-01-05] (McAfee, Inc. -> McAfee, Inc.)
R2 vrswrm-service; C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\register-service.exe [90176 2019-07-29] (Chaos Software Ltd. -> ) [File not signed]
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [157480 2018-08-02] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [19192 2015-09-30] (Intel® Software -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-09] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 AsusSGDrv; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [141304 2015-12-19] (ASUSTeK Computer Inc. -> ASUS Corporation)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-09] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55816 2015-08-17] (Intel® Software -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel® Software -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel® Software -> Intel Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-05-29] (Intel® Software -> Intel Corporation)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [51904 2015-01-14] (TITAN ARC CORP. TAIWAN BRANCH (SAMOA) -> Titan ARC Corp.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvlddmkm.sys [17003280 2017-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [898296 2016-01-13] (Realtek Semiconductor Corp -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [753368 2015-06-15] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46688 2019-10-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [350136 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-10-23 22:29 - 2019-10-23 22:31 - 000041449 _____ C:\Users\Hazel\Downloads\FRST.txt
2019-10-23 22:21 - 2019-10-23 22:23 - 000006485 _____ C:\Users\Hazel\Downloads\Fixlog.txt
2019-10-23 22:18 - 2019-10-23 22:19 - 001617920 _____ (Farbar) C:\Users\Hazel\Downloads\FRST64.exe
2019-10-23 19:13 - 2019-10-23 19:13 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignabd36505a7e7fe25
2019-10-23 19:13 - 2019-10-23 19:13 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign5e7d28440f7b2890
2019-10-23 19:13 - 2019-10-23 19:13 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign5508c3f3b55087af
2019-10-23 18:24 - 2019-10-23 22:30 - 000000000 ____D C:\FRST
2019-10-23 08:30 - 2019-10-23 08:30 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign84b06f6ca5f7d62d
2019-10-23 08:27 - 2019-10-23 08:27 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign91e05e95cd4f29ee
2019-10-23 08:27 - 2019-10-23 08:27 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign4d7ad7e0f78d5d34
2019-10-23 08:27 - 2019-10-23 08:27 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign067aee8feb38ad17
2019-10-22 22:13 - 2019-10-22 22:13 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsigne940ae0e03e4212d
2019-10-22 22:13 - 2019-10-22 22:13 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign4150225ff3685e43
2019-10-22 22:13 - 2019-10-22 22:13 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign111bf7b5aa4c97e2
2019-10-22 01:57 - 2019-10-22 01:57 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign939616daa2d2b96b
2019-10-21 18:03 - 2019-10-21 02:32 - 000000000 ____D C:\Windows.old
2019-10-21 17:30 - 2019-10-21 18:03 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-10-21 17:29 - 2019-10-21 17:30 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-10-21 17:29 - 2019-10-21 17:29 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-10-21 17:27 - 2019-10-21 17:27 - 000000000 ____D C:\ProgramData\USOShared
2019-10-21 17:24 - 2019-10-21 17:24 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 022628352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 019811840 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 018019840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 008010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 007195648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 007015936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 006232064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 005915648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 005764872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 004481536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 004129616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2019-10-21 17:24 - 2019-10-21 17:24 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-10-21 17:24 - 2019-10-21 17:24 - 002494440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 002422592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-10-21 17:24 - 2019-10-21 17:24 - 002314648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 002258856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 002236144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 002138472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-10-21 17:24 - 2019-10-21 17:24 - 002132280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001788728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001616784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001510752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001505320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001394488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001297936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001273392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001263616 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001244944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001217904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001178816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001152016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000904704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\opengl32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000829536 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000774672 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000679880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000501232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-10-21 17:24 - 2019-10-21 17:24 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000487576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000452408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiagn.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-10-21 17:24 - 2019-10-21 17:24 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000380216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000300184 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glu32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgmgr32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-10-21 17:24 - 2019-10-21 17:24 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-10-21 17:24 - 2019-10-21 17:24 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-10-21 17:24 - 2019-10-21 17:24 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prntvpt.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000137864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devobj.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000116904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000110080 _____ C:\WINDOWS\system32\ResBParser.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000100664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2019-10-21 17:24 - 2019-10-21 17:24 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000084496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-10-21 17:24 - 2019-10-21 17:24 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvvmtransport.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvvmtransport.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devrtl.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2019-10-21 17:24 - 2019-10-21 17:24 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000033048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000021544 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2019-10-21 17:24 - 2019-10-21 17:24 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2019-10-21 17:24 - 2019-10-21 17:24 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-10-21 17:23 - 2019-10-21 17:24 - 006517640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 017787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 009928504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 007848192 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 007600664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 006425600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 006227624 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 006164480 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 006084048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 005865272 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizimg.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 005105152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 005041664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 004612520 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 004562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 004046336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 004012544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 003964056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 003771392 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 003742032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 003701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 003590968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 003386880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 003184128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 003105280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002821120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 002772032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002762504 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002723328 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 002703360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002590208 _____ C:\WINDOWS\system32\dwmscene.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002456064 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002160640 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002120704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002120272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002095104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002069504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 002000168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001957008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001952360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001940952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001913296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001857024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001845408 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-10-21 17:23 - 2019-10-21 17:23 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001743672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001730560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001664928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001664376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001656392 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001607680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001543168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001512320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001439744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001383856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-10-21 17:23 - 2019-10-21 17:23 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001261800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001150240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 001091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001054872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001047968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001036800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 001023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000984376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000944664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000904208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000890472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000880088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000856576 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-10-21 17:23 - 2019-10-21 17:23 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000833312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000818688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000792296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000784384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000759488 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000758584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000732176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mousocoreworker.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000674072 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000656960 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11on12.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000598024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000551952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000541480 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000516408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000515896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000466416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000450360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11on12.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000449888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000442704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000412152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000398728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000383984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000379840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000363624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secproc.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000342896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000334936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000293344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgmgr32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000285256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000283688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000225080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000223032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000202040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlib.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000176152 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000140496 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ForceSync.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000125232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000119840 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000092624 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000089544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000079376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uaspstor.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devrtl.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000053248 _____ C:\WINDOWS\system32\Drivers\UsbPmApi.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000052752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000047616 _____ C:\WINDOWS\system32\UsbPmApi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000037176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2019-10-21 17:23 - 2019-10-21 17:23 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32_DeviceGuard.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000020944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmsgapi.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000016696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizres.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-10-21 17:23 - 2019-10-21 17:23 - 000011576 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlibres.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-10-21 17:23 - 2019-10-21 17:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-10-21 17:14 - 2019-10-21 18:03 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-10-21 17:14 - 2019-10-21 17:14 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-10-21 17:14 - 2019-10-21 17:14 - 000000000 ____D C:\Program Files\MSBuild
2019-10-21 17:14 - 2019-03-19 11:21 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2019-10-21 17:14 - 2019-03-19 11:20 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-10-21 17:14 - 2019-03-19 11:16 - 000903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2019-10-21 17:14 - 2019-03-19 10:15 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2019-10-21 17:14 - 2019-03-19 10:09 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2019-10-21 17:14 - 2019-03-02 09:33 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2019-10-21 17:14 - 2019-03-02 09:31 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-10-21 17:14 - 2019-03-02 09:31 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-10-21 17:14 - 2019-03-02 09:31 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-10-21 17:14 - 2019-02-06 10:41 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-10-21 17:14 - 2019-02-06 10:41 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-10-21 17:14 - 2019-02-06 10:41 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-10-21 17:14 - 2018-08-10 06:53 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2019-10-21 17:10 - 2019-10-21 17:10 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-10-21 17:10 - 2019-10-21 17:10 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2019-10-21 09:45 - 2019-10-21 09:45 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-10-21 09:43 - 2019-10-21 09:43 - 000000020 ___SH C:\Users\Hazel\ntuser.ini
2019-10-21 02:31 - 2019-10-23 22:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-21 02:31 - 2019-10-23 18:23 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{CAF69248-8177-41D6-BEC7-65AA54FAF32B}
2019-10-21 02:31 - 2019-10-23 11:32 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2019-10-21 02:31 - 2019-10-21 02:32 - 000003500 _____ C:\WINDOWS\system32\Tasks\EPSON L3110 Series Update {32F8E2AA-9652-4E56-BC1A-D64CA7C7F66F}
2019-10-21 02:31 - 2019-10-21 02:32 - 000003462 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2019-10-21 02:31 - 2019-10-21 02:32 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-21 02:31 - 2019-10-21 02:32 - 000003004 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_Administrator
2019-10-21 02:31 - 2019-10-21 02:32 - 000003004 _____ C:\WINDOWS\system32\Tasks\WpsNotifyTask_Administrator
2019-10-21 02:31 - 2019-10-21 02:32 - 000002924 _____ C:\WINDOWS\system32\Tasks\ATK Package 36D18D69AFC3
2019-10-21 02:31 - 2019-10-21 02:32 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3160961081-3692599767-903795011-1001
2019-10-21 02:31 - 2019-10-21 02:32 - 000002800 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForHazel
2019-10-21 02:31 - 2019-10-21 02:32 - 000002706 _____ C:\WINDOWS\system32\Tasks\HPCustParticipation HP Deskjet 2510 series
2019-10-21 02:31 - 2019-10-21 02:32 - 000002214 _____ C:\WINDOWS\system32\Tasks\ATK Package A22126881260
2019-10-21 02:31 - 2019-10-21 02:31 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-10-21 02:31 - 2019-10-21 02:31 - 000003238 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2019-10-21 02:31 - 2019-10-21 02:31 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-21 02:31 - 2019-10-21 02:31 - 000002862 _____ C:\WINDOWS\system32\Tasks\ASUS Smart Gesture Launcher
2019-10-21 02:31 - 2019-10-21 02:31 - 000002772 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-TUO0BQN-Hazel
2019-10-21 02:31 - 2019-10-21 02:31 - 000002516 _____ C:\WINDOWS\system32\Tasks\ROG Gaming Center
2019-10-21 02:31 - 2019-10-21 02:31 - 000002340 _____ C:\WINDOWS\system32\Tasks\ASUS USB Charger Plus
2019-10-21 02:31 - 2019-10-21 02:31 - 000002262 _____ C:\WINDOWS\system32\Tasks\DropboxOEM
2019-10-21 02:31 - 2019-10-21 02:31 - 000002214 _____ C:\WINDOWS\system32\Tasks\ASUS Splendid ACMON
2019-10-21 02:31 - 2019-10-21 02:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\OfficeSoftwareProtectionPlatform
2019-10-21 02:31 - 2019-10-21 02:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2019-10-21 02:31 - 2019-10-21 02:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2019-10-21 02:31 - 2019-10-21 02:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUSTek Computer Inc
2019-10-21 02:31 - 2019-10-21 02:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2019-10-21 02:31 - 2019-10-21 02:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2019-10-21 02:30 - 2019-10-21 02:31 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2019-10-21 02:30 - 2019-10-21 02:31 - 000007623 _____ C:\WINDOWS\diagerr.xml
2019-10-21 02:25 - 2019-10-21 10:01 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-21 02:12 - 2019-10-21 09:43 - 000000000 ____D C:\Users\Hazel
2019-10-21 02:12 - 2019-03-19 12:46 - 000001105 _____ C:\Users\Hazel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-21 02:09 - 2016-11-30 07:36 - 000113672 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2019-10-21 02:09 - 2016-11-30 07:36 - 000104456 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2019-10-21 02:08 - 2019-09-10 01:44 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-10-21 02:04 - 2019-10-23 21:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-21 02:04 - 2019-10-21 02:17 - 001131264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-10-20 22:14 - 2019-10-21 09:43 - 000000000 ___DC C:\WINDOWS\Panther
2019-10-20 21:15 - 2019-10-20 21:15 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignd0c1cd4ce8a75abc
2019-10-20 21:15 - 2019-10-20 21:15 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignb26ba32f5ea2cdca
2019-10-20 21:15 - 2019-10-20 21:15 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign6346d934ca01986e
2019-10-20 20:48 - 2019-10-20 20:48 - 000000000 ____D C:\Users\Hazel\AppData\Local\HP_Inc
2019-10-20 12:47 - 2019-10-23 08:42 - 000000000 ____D C:\ESD
2019-10-20 12:41 - 2019-10-20 12:41 - 006261296 _____ (Microsoft Corporation) C:\Users\Hazel\Downloads\Windows10Upgrade9252.exe
2019-10-20 12:40 - 2019-10-20 12:41 - 019255000 _____ (Microsoft Corporation) C:\Users\Hazel\Downloads\MediaCreationTool1903.exe
2019-10-20 12:35 - 2019-10-20 12:35 - 000214174 _____ C:\Users\Hazel\Downloads\WindowsFirewall.diagcab
2019-10-19 21:00 - 2019-10-19 21:00 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignc18c3376ba03e8ab
2019-10-19 17:59 - 2019-10-19 17:59 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignafc41aa1392aa08c
2019-10-19 17:59 - 2019-10-19 17:59 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign85ecb1a765da1e67
2019-10-19 17:59 - 2019-10-19 17:59 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign6bbebc6cc286751c
2019-10-19 16:47 - 2019-10-19 16:47 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign99eb7c70b2e73145
2019-10-19 16:47 - 2019-10-19 16:47 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign47a299b6deb256dc
2019-10-19 16:47 - 2019-10-19 16:47 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign059f674b26f6fc90
2019-10-19 12:40 - 2019-10-19 12:40 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignedd89bd852e1b6a5
2019-10-19 00:05 - 2019-10-19 00:05 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignaaffe0a786f0bcd2
2019-10-18 19:25 - 2019-10-18 19:25 - 001322394 _____ C:\Users\Hazel\Downloads\Achievers.pptx
2019-10-18 17:26 - 2019-10-18 17:26 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignfdb9aa70943423a3
2019-10-18 17:24 - 2019-10-18 17:24 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignbc405655f1756655
2019-10-18 17:24 - 2019-10-18 17:24 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignb0a99b904ea9cd55
2019-10-18 16:58 - 2019-10-18 16:58 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsigndb8860c98109260d
2019-10-18 16:58 - 2019-10-18 16:58 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign2a99a71949aec3e8
2019-10-18 16:58 - 2019-10-18 16:58 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign08b8c06b89c21190
2019-10-17 14:57 - 2019-10-17 14:57 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign8e8b4f6162e04eda
2019-10-17 13:13 - 2019-10-17 13:13 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign221cf983cab04c2d
2019-10-16 16:00 - 2019-10-16 15:54 - 186204407 _____ C:\Users\Hazel\Documents\Men's Hoodie Mockup.zip
2019-10-16 16:00 - 2019-06-18 05:51 - 000000000 ____D C:\Users\Hazel\Documents\Men's Hoodie Mockup
2019-10-16 15:59 - 2019-06-18 05:51 - 000000000 ____D C:\Users\Hazel\Downloads\Men's Hoodie Mockup
2019-10-16 15:44 - 2019-10-16 15:54 - 186204407 _____ C:\Users\Hazel\Downloads\Men's Hoodie Mockup.zip
2019-10-16 15:43 - 2019-10-16 15:43 - 073937972 _____ C:\Users\Hazel\Downloads\Men's Hoodie Mockup Free Download.zip
2019-10-16 15:43 - 2019-10-16 15:43 - 000000000 ____D C:\Users\Hazel\Downloads\Men's Hoodie Mockup Free Download
2019-10-16 13:58 - 2019-10-16 13:58 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign4ba96dfff2a6b7f7
2019-10-16 13:56 - 2019-10-16 13:56 - 084697228 _____ C:\Users\Hazel\Downloads\saki.psd
2019-10-16 13:56 - 2019-10-16 13:56 - 082164148 _____ C:\Users\Hazel\Downloads\hoodie (1).psd
2019-10-16 13:51 - 2019-10-16 13:51 - 009598618 _____ C:\Users\Hazel\Downloads\arki hoodie.pptx
2019-10-13 01:56 - 2019-10-16 09:33 - 000000000 ____D C:\Users\Hazel\Documents\RC
2019-10-13 01:15 - 2019-10-13 01:15 - 001931264 _____ (Microsoft Corporation) C:\WINDOWS\system32\winscomrssrv.dll
2019-10-13 01:15 - 2019-10-13 01:15 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2019-10-13 01:15 - 2019-10-13 01:15 - 000000003 _____ C:\WINDOWS\system32\wdbcache.tmp
2019-10-11 22:51 - 2019-10-11 22:51 - 011881188 _____ C:\Users\Hazel\Downloads\MOCK-DEFENSE.pptx
2019-10-11 15:03 - 2019-10-11 15:03 - 020000000 _____ C:\Users\Hazel\Downloads\Lumion_9_5_Trial_LUM9TRIAL-1a.bin
2019-10-11 15:00 - 2019-10-11 15:03 - 000000000 ____D C:\Users\Hazel\AppData\Local\Lumion_9_5_Trial
2019-10-11 14:59 - 2019-10-11 14:59 - 001746600 _____ C:\Users\Hazel\Downloads\Lumion_9_5_Trial_Download.exe
2019-10-11 14:41 - 2019-10-11 14:50 - 000000000 ____D C:\Users\Hazel\Documents\Lumion 9.0
2019-10-11 14:41 - 2019-10-11 14:42 - 000000000 ____D C:\Users\Hazel\AppData\Local\Lumion 9.0
2019-10-11 14:39 - 2019-10-11 14:39 - 000000000 ____D C:\Users\Hazel\AppData\Roaming\Quest3D
2019-10-11 14:02 - 2019-04-24 09:38 - 828125634 _____ C:\Users\Hazel\Downloads\Lumion 9.zip
2019-10-11 08:39 - 2019-10-11 08:39 - 000092634 _____ C:\Users\Hazel\Downloads\CMProject-GanttChart.pdf
2019-10-10 23:53 - 2019-10-10 23:53 - 003870627 _____ C:\Users\Hazel\Downloads\Project3.dwg
2019-10-08 02:01 - 2019-10-08 02:01 - 000176653 _____ C:\Users\Hazel\Downloads\CMProject-PERT-CPM.pdf
2019-10-08 02:01 - 2019-10-08 02:01 - 000163719 _____ C:\Users\Hazel\Downloads\CMProject-WorksSpecs.pdf
2019-10-07 22:41 - 2019-10-07 22:42 - 000326994 _____ C:\Users\Hazel\Downloads\CMProject-Estimates.pdf
2019-10-07 22:32 - 2019-10-07 22:32 - 001182041 _____ C:\Users\Hazel\Downloads\Postal-ID-Form.pdf
2019-10-07 02:05 - 2019-10-07 02:05 - 020437744 _____ C:\Users\Hazel\Downloads\BD-2-Prelim-Exam-DELMO-Kris-Lois-C..skb
2019-10-07 00:59 - 2019-10-07 01:04 - 199673832 _____ (InstallShield Software Corporation) C:\Users\Hazel\Downloads\Install_IRender_2019_SI26.exe
2019-10-06 18:46 - 2019-10-06 18:46 - 000101226 _____ C:\Users\Hazel\Downloads\CM-PERT-CPM-Layout1.pdf
2019-10-06 18:45 - 2019-10-06 18:45 - 000313285 _____ C:\Users\Hazel\Downloads\CM-PERT-CPM.dwg
2019-10-06 18:45 - 2019-10-06 18:45 - 000192630 _____ C:\Users\Hazel\Downloads\CM-GANTT-1-Model.pdf
2019-10-06 18:45 - 2019-10-06 18:45 - 000052323 _____ C:\Users\Hazel\Downloads\GANTT-CHART.xlsx
2019-10-06 18:44 - 2019-10-06 18:45 - 000232133 _____ C:\Users\Hazel\Downloads\CM-GANTT-2-Model (1).pdf
2019-10-06 18:43 - 2019-10-06 18:43 - 000232133 _____ C:\Users\Hazel\Downloads\CM-GANTT-2-Model.pdf
2019-10-06 03:02 - 2019-10-16 10:33 - 000000000 ____D C:\Users\Hazel\Documents\CM
2019-10-05 22:14 - 2019-10-05 22:14 - 020266718 _____ C:\Users\Hazel\Downloads\AutoSave_BD-2-Prelim-Exam-DELMO-Kris-Lois-C..skp
2019-10-05 20:43 - 2019-10-11 14:03 - 020439615 _____ C:\Users\Hazel\Downloads\BD-2-Prelim-Exam-DELMO-Kris-Lois-C..skp
2019-10-05 20:43 - 2019-10-05 20:43 - 004712269 _____ C:\Users\Hazel\Downloads\BD-2-Prelim-Exam-DELMO-Kris-Lois-C..dwg
2019-10-05 14:17 - 2019-10-23 19:10 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-10-05 14:17 - 2019-10-23 19:10 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-10-04 23:18 - 2019-10-04 23:18 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignffd917d1c4282dfe
2019-10-04 23:18 - 2019-10-04 23:18 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsigna6c930eb79272e32
2019-10-04 23:18 - 2019-10-04 23:18 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign624b52f0d1558448
2019-10-04 21:43 - 2019-10-05 12:04 - 000376682 _____ C:\Users\Hazel\Documents\LogoTimber.ai
2019-10-04 21:33 - 2019-10-04 21:33 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign41e381ec3e18f881
2019-10-04 21:32 - 2019-10-04 21:32 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign7a284619fea3f2b1
2019-10-04 21:32 - 2019-10-04 21:32 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign6abaa5b7ad0cd5df
2019-10-04 21:32 - 2019-10-04 21:32 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign30905fba7ba7fc72
2019-10-04 21:32 - 2019-10-04 21:32 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign1f3636b024e05547
2019-10-04 20:39 - 2019-09-24 22:48 - 002128104 _____ C:\Users\Hazel\Downloads\tianbugayong.bak
2019-10-04 15:09 - 2019-10-04 15:11 - 000065103 _____ C:\Users\Hazel\Downloads\Unconfirmed 23173.crdownload
2019-10-04 14:13 - 2019-10-16 09:32 - 000000000 ____D C:\Users\Hazel\Documents\TIMBER FINAL
2019-10-04 13:21 - 2019-10-04 13:21 - 000000181 _____ C:\Users\Hazel\Documents\acad.err
2019-10-04 08:26 - 2019-10-04 08:26 - 000198859 _____ C:\Users\Hazel\Downloads\New Recording.m4a
2019-10-03 23:43 - 2019-10-03 23:44 - 002260148 _____ C:\Users\Hazel\Downloads\Immersion.m4a
2019-10-03 16:16 - 2019-10-03 16:16 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign33952d4c05f98dc7
2019-10-03 10:53 - 2019-10-04 09:51 - 000000000 ____D C:\Users\Hazel\Downloads\Adobe Premiere Pro Auto-Save
2019-10-03 10:25 - 2019-10-03 10:25 - 000024512 _____ C:\WINDOWS\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450B
2019-10-03 10:25 - 2019-10-03 10:25 - 000000000 _____ C:\WINDOWS\system32\setup4.2.6.tmp
2019-10-02 17:24 - 2019-10-03 14:09 - 000042564 _____ C:\Users\Hazel\Downloads\Theo 141.prproj
2019-10-02 16:38 - 2019-10-21 17:31 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2019-10-02 16:38 - 2019-10-21 17:31 - 000000000 ____D C:\WINDOWS\system32\id-ID
2019-10-02 16:37 - 2019-10-21 17:31 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2019-10-02 16:37 - 2019-10-21 17:31 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2019-10-02 16:34 - 2019-10-21 17:31 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2019-10-01 23:35 - 2019-10-01 23:35 - 016402758 _____ C:\Users\Hazel\Downloads\Proposal-Defense-FINAL-NA-JUD.pptx
2019-09-28 21:36 - 2019-09-28 21:36 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignb297ca5d248d7db6
2019-09-28 15:35 - 2019-09-28 15:35 - 000380967 _____ C:\Users\Hazel\Downloads\Concrete Construction Article PDF_ Four-by-Eight Test Cylinders Are Big Enough.pdf
2019-09-28 15:35 - 2019-09-28 15:35 - 000380967 _____ C:\Users\Hazel\Downloads\Concrete Construction Article PDF_ Four-by-Eight Test Cylinders Are Big Enough (1).pdf
2019-09-26 08:55 - 2019-09-26 08:55 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignd86c9df9e44b224b
2019-09-25 22:49 - 2019-09-25 22:52 - 082164148 _____ C:\Users\Hazel\Downloads\hoodie.psd
2019-09-25 19:35 - 2019-09-25 19:35 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignad171e947626c7c2
2019-09-25 19:34 - 2019-09-25 19:34 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign495c0a77e6e999be
2019-09-25 19:33 - 2019-09-25 19:33 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign7a8725066c975fe6
2019-09-25 19:33 - 2019-09-25 19:33 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign660e6d9e937de0cf
2019-09-25 19:33 - 2019-09-25 19:33 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign00e5ebcc38bb8c76
2019-09-25 19:19 - 2019-09-25 19:19 - 007050941 _____ C:\Users\Hazel\Downloads\2019_Event_Planning_Kit.pdf
2019-09-25 19:07 - 2019-09-25 19:07 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign895b7ed768ec7f9d
2019-09-24 22:48 - 2019-10-04 20:39 - 002003310 _____ C:\Users\Hazel\Downloads\tianbugayong.dwg
2019-09-24 16:23 - 2019-09-24 16:25 - 004466784 _____ C:\Users\Hazel\Downloads\solera.dwg
2019-09-24 14:14 - 2019-09-24 14:14 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign7d6426c0f4875e7b
2019-09-24 13:43 - 2019-09-24 13:43 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign6fea06bb2c9eb317
2019-09-24 13:43 - 2019-09-24 13:43 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign1567c017351b789f
2019-09-24 13:43 - 2019-09-24 13:43 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign09183bdd5e079d9d
2019-09-24 13:42 - 2019-09-24 13:42 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsigndea7047f61f4ea11
2019-09-24 13:42 - 2019-09-24 13:42 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignbe364355fe4d06bf
2019-09-24 13:42 - 2019-09-24 13:42 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsign4f2be9a0df053e87
2019-09-23 23:28 - 2019-09-24 22:32 - 000000036 _____ C:\WINDOWS\progress.ini
2019-09-23 22:02 - 2019-09-24 22:32 - 000000000 ___HD C:\$GetCurrent
2019-09-23 22:02 - 2019-09-24 22:23 - 000000000 ____D C:\Windows10Upgrade
2019-09-23 21:52 - 2019-09-23 21:52 - 000000000 ____D C:\Users\Hazel\AppData\Local\Tempzxpsignccaedc3c67d52439
2019-09-23 17:22 - 2019-09-23 21:50 - 000000000 ____D C:\WINDOWS\UpdateAssistant
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-10-23 22:32 - 2017-01-05 07:54 - 000000184 _____ C:\Users\Hazel\AppData\Roaming\sp_data.sys
2019-10-23 22:27 - 2019-03-19 12:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-23 22:26 - 2017-01-05 07:54 - 000000000 __SHD C:\Users\Hazel\IntelGraphicsProfiles
2019-10-23 22:25 - 2017-02-17 18:33 - 000000000 ____D C:\ProgramData\NVIDIA
2019-10-23 22:24 - 2019-03-19 12:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-10-23 22:00 - 2019-03-15 13:39 - 000000000 ____D C:\Users\Hazel\Documents\EASEC
2019-10-23 21:59 - 2018-08-25 21:45 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-10-23 19:10 - 2017-09-09 23:45 - 000000033 _____ C:\Users\Hazel\AppData\Roaming\AdobeWLCMCache.dat
2019-10-23 18:51 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-10-23 18:34 - 2019-03-19 12:50 - 000000000 ____D C:\WINDOWS\INF
2019-10-23 11:12 - 2017-12-06 22:31 - 000000000 ____D C:\Users\Hazel\AppData\Local\Packages
2019-10-23 10:50 - 2019-07-13 16:24 - 000000000 ____D C:\Users\Hazel\Documents\Henry
2019-10-23 08:38 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-23 01:42 - 2019-03-19 12:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-23 00:35 - 2019-03-19 12:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-23 00:28 - 2017-01-10 14:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-10-23 00:12 - 2017-01-10 14:05 - 127230528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-10-22 21:39 - 2019-07-29 00:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chaos Group
2019-10-22 21:39 - 2019-07-29 00:30 - 000000000 ____D C:\Program Files\Common Files\ChaosGroup
2019-10-22 21:04 - 2017-01-17 22:07 - 000000000 ____D C:\Users\Hazel\AppData\Roaming\BitTorrent
2019-10-22 20:50 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\appcompat
2019-10-21 18:03 - 2019-09-06 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mendeley Desktop
2019-10-21 18:03 - 2019-08-23 14:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle - Primavera P6
2019-10-21 18:03 - 2019-08-23 14:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle Database 10g Express Edition
2019-10-21 18:03 - 2019-05-20 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-10-21 18:03 - 2019-05-08 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Subassembly Composer 2018
2019-10-21 18:03 - 2019-05-08 09:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Storm and Sanitary Analysis 2018
2019-10-21 18:03 - 2019-05-08 09:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk AutoCAD Civil 3D 2018 - English
2019-10-21 18:03 - 2019-04-24 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ETABS 2016
2019-10-21 18:03 - 2019-04-15 09:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QGIS 2.18
2019-10-21 18:03 - 2019-03-19 14:18 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2019-10-21 18:03 - 2019-03-19 14:18 - 000000000 ____D C:\WINDOWS\system32\WCN
2019-10-21 18:03 - 2019-03-19 12:56 - 000000000 ____D C:\WINDOWS\Setup
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 __RHD C:\Users\Public\Libraries
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\spool
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\ServiceState
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\Registration
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\IME
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\Help
2019-10-21 18:03 - 2019-03-19 12:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-10-21 18:03 - 2019-03-19 12:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\SysWOW64\3082
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1055
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1049
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1046
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1045
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1040
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1036
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1033
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1029
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\system32\3082
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\system32\1055
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\system32\1049
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\system32\1046
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\system32\1045
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\system32\1040
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\system32\1036
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\system32\1033
2019-10-21 18:03 - 2019-03-14 21:41 - 000000000 ____D C:\WINDOWS\system32\1029
2019-10-21 18:03 - 2018-10-05 10:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-10-21 18:03 - 2018-08-26 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2018
2019-10-21 18:03 - 2018-08-25 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IronPython 2.7
2019-10-21 18:03 - 2018-08-25 21:41 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2019-10-21 18:03 - 2018-08-25 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP2700 series Manual
2019-10-21 18:03 - 2018-08-25 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP2700 series
2019-10-21 18:03 - 2018-04-12 07:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2019-10-21 18:03 - 2017-09-26 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2019-10-21 18:03 - 2017-05-18 12:29 - 000000000 ____D C:\Program Files\UNP
2019-10-21 18:03 - 2017-04-01 12:05 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-10-21 18:03 - 2017-02-17 18:32 - 000000000 ____D C:\Program Files\Intel
2019-10-21 18:03 - 2017-02-17 18:32 - 000000000 ____D C:\Program Files\CONEXANT
2019-10-21 18:03 - 2017-02-17 18:31 - 000000000 ____D C:\Program Files (x86)\Intel
2019-10-21 18:03 - 2017-01-28 22:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-10-21 18:03 - 2017-01-28 21:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2019-10-21 18:03 - 2017-01-10 14:17 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2019-10-21 18:03 - 2017-01-10 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap 360
2019-10-21 18:03 - 2017-01-10 13:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2017 - English
2019-10-21 18:03 - 2017-01-10 12:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2019-10-21 18:03 - 2017-01-05 08:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-21 18:03 - 2017-01-05 08:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-10-21 18:03 - 2016-10-16 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2019-10-21 18:03 - 2016-10-16 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameFirst IV
2019-10-21 18:03 - 2016-10-16 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2019-10-21 18:03 - 2016-10-16 17:34 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-10-21 18:03 - 2016-03-31 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WPS Office
2019-10-21 18:03 - 2016-03-31 11:50 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-10-21 18:03 - 2016-03-31 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2019-10-21 18:03 - 2016-03-31 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2019-10-21 18:03 - 2016-03-31 11:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2019-10-21 17:31 - 2019-06-27 19:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bentley Engineering
2019-10-21 17:31 - 2019-03-19 14:20 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-10-21 17:31 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\Resources
2019-10-21 17:31 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-10-21 17:31 - 2019-01-07 22:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
2019-10-21 17:31 - 2018-08-25 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2019-10-21 17:31 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2019-10-21 17:31 - 2017-01-10 14:17 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2019-10-21 17:31 - 2016-10-16 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2019-10-21 17:31 - 2016-10-16 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2019-10-21 17:31 - 2016-03-31 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KKBOX
2019-10-21 17:30 - 2019-03-19 14:20 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-10-21 17:27 - 2019-03-19 12:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-10-21 17:27 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-10-21 17:27 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-21 17:27 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-10-21 17:27 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2019-10-21 17:27 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-10-21 17:27 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-10-21 17:27 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-21 17:27 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-21 17:14 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-10-21 17:14 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-10-21 17:14 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-10-21 17:14 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-10-21 17:14 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-10-21 17:14 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-10-21 17:14 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-10-21 17:14 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-10-21 10:23 - 2019-03-19 12:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-10-21 09:59 - 2019-03-19 12:52 - 000000000 ____D C:\ProgramData\USOPrivate
2019-10-21 09:58 - 2019-03-19 12:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-10-21 09:43 - 2017-12-06 22:50 - 000000000 ___RD C:\Users\Hazel\3D Objects
2019-10-21 09:43 - 2016-11-21 07:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-10-21 02:31 - 2019-03-19 12:52 - 000000000 ____D C:\Program Files\Windows Defender
2019-10-21 02:25 - 2019-03-19 12:52 - 000000000 __RSD C:\WINDOWS\Media
2019-10-21 02:15 - 2019-09-07 00:13 - 000000000 ____D C:\Users\Hazel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grammarly
2019-10-21 02:15 - 2017-01-05 08:04 - 000000000 ____D C:\Users\Hazel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-10-21 02:09 - 2017-02-17 18:32 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2019-10-21 02:09 - 2017-02-17 18:32 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-10-20 12:35 - 2017-03-21 22:56 - 000000000 ____D C:\Users\Hazel\AppData\Local\ElevatedDiagnostics
2019-10-19 23:51 - 2017-01-06 12:34 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-10-19 15:01 - 2016-03-31 11:51 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-10-18 16:56 - 2016-03-31 11:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-10-17 15:06 - 2017-01-05 13:11 - 000000000 ____D C:\Users\Hazel\AppData\Local\Adobe
2019-10-16 23:27 - 2017-02-10 20:55 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-16 23:27 - 2017-02-10 20:55 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-10-16 23:27 - 2017-02-10 20:55 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-10-16 12:38 - 2019-07-06 12:41 - 000000000 ____D C:\Users\Hazel\Documents\Academic
2019-10-16 09:33 - 2018-11-26 22:27 - 000000000 ____D C:\Users\Hazel\Documents\Important Document
2019-10-15 00:50 - 2019-08-29 19:02 - 000000000 ____D C:\Users\Hazel\Documents\RC STAAD
2019-10-11 14:39 - 2016-03-31 11:49 - 000000000 ____D C:\ProgramData\Package Cache
2019-10-10 08:33 - 2017-01-05 07:56 - 000000000 ___RD C:\Users\Hazel\OneDrive
2019-10-08 22:52 - 2017-01-05 08:02 - 000000000 ____D C:\Program Files (x86)\Google
2019-10-06 00:37 - 2018-07-19 03:21 - 000000000 ____D C:\ProgramData\Packages
2019-10-05 12:18 - 2019-08-29 15:01 - 005804226 _____ C:\Users\Hazel\Documents\Timber Struc.dwg
2019-10-05 12:18 - 2019-08-29 15:01 - 001705748 _____ C:\Users\Hazel\Documents\Timber Archi.dwg
2019-10-04 23:17 - 2019-08-30 08:31 - 000000000 ____D C:\Users\Hazel\Documents\TIMBER
2019-10-04 13:21 - 2019-08-29 15:01 - 001566588 _____ C:\Users\Hazel\Documents\Timber Archi_recover.dwg
2019-10-04 13:21 - 2018-07-06 16:23 - 000000000 ____D C:\Users\Hazel\AppData\Local\D3DSCache
2019-10-04 08:21 - 2018-02-25 00:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-10-03 16:03 - 2017-01-21 22:55 - 000000000 ____D C:\Users\Hazel\AppData\Roaming\vlc
2019-10-02 17:38 - 2018-04-12 07:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-10-02 17:22 - 2017-01-05 07:54 - 000000000 ____D C:\Users\Hazel\AppData\Roaming\Adobe
2019-10-02 14:41 - 2017-10-03 23:14 - 000000000 ____D C:\Program Files\rempl
2019-10-02 02:08 - 2017-02-17 19:06 - 000000000 ____D C:\Users\Hazel\AppData\Local\ConnectedDevicesPlatform
 
==================== Files in the root of some directories ================
 
2017-02-09 23:54 - 2017-02-09 23:54 - 007680000 _____ () C:\Program Files (x86)\GUTD843.tmp
2017-09-09 23:45 - 2019-10-23 19:10 - 000000033 _____ () C:\Users\Hazel\AppData\Roaming\AdobeWLCMCache.dat
2019-04-24 09:08 - 2019-04-24 15:57 - 000001269 _____ () C:\Users\Hazel\AppData\Roaming\ETABS 2016.settings
2017-01-05 07:54 - 2019-10-23 22:32 - 000000184 _____ () C:\Users\Hazel\AppData\Roaming\sp_data.sys
2018-07-01 20:41 - 2019-06-22 15:40 - 000001456 _____ () C:\Users\Hazel\AppData\Local\Adobe Save for Web 13.0 Prefs
2018-09-28 13:53 - 2018-09-28 13:53 - 000000000 _____ () C:\Users\Hazel\AppData\Local\oobelibMkey.log
 
==================== SigCheck ===============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ============================

  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,914 posts
  • MVP

How is it running now?


  • 0

#9
heyzeler

heyzeler

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

It worked! Thank you so much! No more error prompt and a lot of things are running a lot smoother.


  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,914 posts
  • MVP

Besides the tasks that were causing your error I removed a bunch of dead tasks which might slow the boot.  I also patched a fault caused by an older version of Adobe Acrobat.  Instead of writing temp print files to a Temp folder they left out a \ which results in a lot of these files: C:\Users\Hazel\AppData\Local\Tempzxpsignc18c3376ba03e8ab.  These don't get removed when they should and fill up the hard drive so I also removed all of them. 

 

 

System errors:
=============
Error: (10/23/2019 10:30:10 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® SGX AESM service hung on starting.
 
Error: (10/23/2019 10:25:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Kingsoft_WPS_UpdateService service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/23/2019 10:25:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the Kingsoft_WPS_UpdateService service to connect.

 

 
 

 

WPS Office for ASUS probably needs either a new version or a reinstall or just uninstall it and use Open Office or Libre Office. 

 

The Intel SGX AESM error is something new.  See: 

https://www.tenforum...hoose-bios.html

There may be a BIOS setup option that will stop the error.  I think it's mostly used in corporate systems.  May be related to Intel® Security Assist

You can  probably turn it off in services.  Search for

services.msc

hit Enter

That should bring up the Services Menu.  Find AESM service and right click and select Properties then change the Startup Type: to Disabled.  OK.

You can also try Intel® Driver & Support Assistant

https://www.intel.co...ort/detect.html

See if it finds any updates you need.  (If it works).  I'd uninstall it afterwards.

 

Both

 

Intel Security True Key

 

McAfee Security Scan Plus are downloaded  when you update Adobe products and don't uncheck the optional software.  You can uninstall both.


  • 0






Similar Topics


Also tagged with one or more of these keywords: RunDLL

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP