Hi Dr M,
Here are the logs:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2020
Ran by steven (administrator) on DESKTOP-T3QOQ8M (Acer Aspire XC-885) (10-01-2020 19:59:25)
Running from C:\Users\steve\Desktop
Loaded Profiles: steven (Available Profiles: steven & Hannah & Gillian)
Platform: Windows 10 Home Version 1909 18363.535 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(Genesys Logic, Inc. -> Genesys Logic) C:\Windows\System32\DriverStore\FileRepository\genestor.inf_amd64_312a8313e431fea0\GLCRIconSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3156b3035fd88b4d\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3156b3035fd88b4d\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3156b3035fd88b4d\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3156b3035fd88b4d\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_8559c34713c70ce4\RstMwService.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Mixbyte Inc -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\BackItUp.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Numecent, Inc. -> Numecent, Inc.) C:\Program Files\Numecent\Application Jukebox Player\CoreHelper.exe
(Numecent, Inc. -> Numecent, Inc.) C:\Program Files\Numecent\Application Jukebox Player\JukeboxPlayer.exe
(Numecent, Inc. -> Numecent, Inc.) C:\Program Files\Numecent\Application Jukebox Player\StreamingCore.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [833824 2019-01-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320584 2018-02-13] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Endeavors Technologies JukeboxPlayer] => C:\Program Files\Numecent\Application Jukebox Player\JukeboxPlayer.exe [9502048 2018-01-05] (Numecent, Inc. -> Numecent, Inc.)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [240512 2019-10-01] (Mixbyte Inc -> )
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-10] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {047897D2-0360-490B-89BB-878BC9423040} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {08D9BE40-BB0A-403B-9B9B-8DF56CFDFEBA} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [64320 2019-07-11] (Acer Incorporated -> Acer)
Task: {11B6C694-1150-44F3-B15B-A1C079DD728E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2107800 2019-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {11FCE56F-B175-4196-AA30-03BB2A0E2BB7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2107800 2019-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E93BBB1-05A8-4B28-928B-AA4D117B8E19} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6072640 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {36AE74CE-BD1E-43A6-9A88-92EB73F5C0D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-10] (Google Inc -> Google Inc.)
Task: {47C00096-32F7-494C-A133-CCA98FFC2435} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-14] (Acer Incorporated -> )
Task: {5226BDA0-2594-4B9F-A176-7BC3C41AEC0A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {561146FA-04F5-4530-ADC1-48FBA98F6514} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4696880 2018-05-28] (Acer Incorporated -> )
Task: {74C892B5-18A8-4E50-8C75-BE40397E021F} - System32\Tasks\CareCenter\Nero BackItUp_Reg_HKLMWow6432Run => C:\Program Files (x86)\Nero\Nero 2018\Nero BackItup\BackItUp.exe [1163128 2017-06-20] (Nero AG -> Nero AG)
Task: {8AE35E82-86B2-43A1-80B5-F3E464A1155C} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [7018264 2018-07-18] (Nero AG -> Nero AG)
Task: {90F2304A-3E30-46CC-B1A9-CDA9E41B86DC} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-13] (Acer Incorporated -> Acer Incorporated)
Task: {9743CBBB-7CE1-4AEE-A56E-B7DFEC0277D6} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {99623E9F-1E61-4B4C-B0CD-67B8BA5B9560} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-10-30] (Acer Incorporated -> )
Task: {9C315710-0C24-47F7-927E-0AAE08F72DC2} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41264 2017-10-30] (Acer Incorporated -> )
Task: {A0F7A91E-3E93-4DEA-96D7-B1E9A3B6D43F} - System32\Tasks\CareCenter\SecurityHealth_Reg_HKLMRun => C:\Program Files\Windows Defender\MSASCuiL.exe
Task: {A452D356-0C8D-441C-9D38-1882E43A46EC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA17C4EE-F13B-47F8-9012-0373286429A0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {AF9D590B-8B7E-4437-9F30-E8A336DD0967} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-10] (Google Inc -> Google Inc.)
Task: {B3879CA8-817E-48A8-A00E-1BD925E9B8BA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDA06BAF-CB4C-4664-BBE7-49E967E1CFD4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6072640 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF342BB0-ADA7-44F2-925B-A375009F6CEA} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [474368 2018-08-03] (Acer Incorporated -> Acer Incorporated)
Task: {E254F695-21D1-4CB4-A94D-F66A063F0A75} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {EAB7A5E4-8512-4B60-A2A4-95F1DA20556E} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [215856 2017-09-13] (Acer Incorporated -> TODO: <Company name>)
Task: {F600DCA5-31C6-4BFA-BF87-A7FB03584C8F} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [447280 2019-09-27] (Acer Incorporated -> Acer Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{47a49dfe-5532-4bd4-b40a-03730b7d6cd7}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Internet Explorer:
==================
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\steve\Downloads
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2019-03-06] [Legacy] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-17] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-17] (Google LLC -> Google LLC)
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://google.co.uk/"
CHR Notifications: Default -> hxxps://www.epson.co.uk; hxxps://www.facebook.com; hxxps://www.tui.co.uk
CHR Profile: C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default [2020-01-10]
CHR Extension: (Slides) - C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-10]
CHR Extension: (Docs) - C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-10]
CHR Extension: (Google Drive) - C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-10]
CHR Extension: (YouTube) - C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-10]
CHR Extension: (Sheets) - C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-10]
CHR Extension: (Google Docs Offline) - C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-10]
CHR Extension: (Gmail) - C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-08]
CHR Extension: (Chrome Media Router) - C:\Users\steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-10-01] (Mixbyte Inc -> Freemake)
R2 GeneStorSvc; C:\WINDOWS\System32\DriverStore\FileRepository\genestor.inf_amd64_312a8313e431fea0\GLCRIconSvc.exe [149592 2017-12-24] (Genesys Logic, Inc. -> Genesys Logic)
S4 HfcDisableService; C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_8559c34713c70ce4\HfcDisableService.exe [1710736 2018-12-06] (Intel® Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfsService; C:\WINDOWS\System32\iaStorAfsService.exe [2788496 2018-12-06] (Intel® Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [542872 2018-02-15] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\WINDOWS\System32\Intel\iCLS Client\lib\SocketHeciServer.exe [765112 2018-04-25] (Intel® Trust Services -> Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\WINDOWS\System32\Intel\iCLS Client\lib\TPMProvisioningService.exe [731832 2018-04-25] (Intel® Trust Services -> Intel® Corporation)
R2 jhi_service; C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe [647568 2019-04-30] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268968 2018-02-07] (Intel® Wireless Connectivity Solutions -> )
R2 NeroBackItUpBackgroundService2018; C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe [287096 2017-06-20] (Nero AG -> Nero AG)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [523568 2019-09-27] (Acer Incorporated -> Acer Incorporated)
R2 RstMwService; C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_8559c34713c70ce4\RstMwService.exe [1969288 2018-12-06] (Intel® Rapid Storage Technology -> Intel Corporation)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [833824 2019-01-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 StreamingCore; C:\Program Files\Numecent\Application Jukebox Player\StreamingCore.exe [6788416 2018-01-05] (Numecent, Inc. -> Numecent, Inc.)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [299824 2017-09-13] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3851432 2018-02-07] (Intel® Wireless Connectivity Solutions -> Intel® Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-01-10] (Malwarebytes Corporation -> Malwarebytes)
R3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [200064 2017-12-24] (Genesys Logic, Inc. -> Genesys Logic)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1094800 2018-12-06] (Intel® Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [73360 2018-12-06] (Intel® Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136680 2018-02-15] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2020-01-10] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2020-01-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2020-01-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2020-01-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116832 2020-01-10] (Malwarebytes Corporation -> Malwarebytes)
R3 Netwtw08; C:\WINDOWS\System32\drivers\Netwtw08.sys [9122296 2019-04-29] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010624 2017-12-20] (Realtek Semiconductor Corp. -> Realtek )
R2 StreamingFSD; C:\WINDOWS\System32\DRIVERS\StreamingFSD.sys [791288 2018-01-08] (Numecent, Inc. -> Numecent, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-10 19:59 - 2020-01-10 20:00 - 000026023 _____ C:\Users\steve\Desktop\FRST.txt
2020-01-10 19:57 - 2020-01-10 19:57 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-01-10 19:55 - 2020-01-10 19:55 - 000000020 ___SH C:\Users\steve\ntuser.ini
2020-01-10 19:55 - 2020-01-10 19:55 - 000000000 ____D C:\Users\steve\AppData\Local\PackageStaging
2020-01-10 18:43 - 2020-01-10 19:57 - 000003534 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck
2020-01-10 18:43 - 2020-01-10 18:44 - 000004302 _____ C:\WINDOWS\system32\Tasks\Software Update Application
2020-01-10 18:43 - 2020-01-10 18:44 - 000003852 _____ C:\WINDOWS\system32\Tasks\ACCAgent
2020-01-10 18:43 - 2020-01-10 18:44 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-10 18:43 - 2020-01-10 18:44 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1741543102-3776721137-2454621359-1003
2020-01-10 18:43 - 2020-01-10 18:44 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1741543102-3776721137-2454621359-1002
2020-01-10 18:43 - 2020-01-10 18:44 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1741543102-3776721137-2454621359-1001
2020-01-10 18:43 - 2020-01-10 18:44 - 000002770 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task v2
2020-01-10 18:43 - 2020-01-10 18:44 - 000002766 _____ C:\WINDOWS\system32\Tasks\UbtFrameworkService
2020-01-10 18:43 - 2020-01-10 18:44 - 000002222 _____ C:\WINDOWS\system32\Tasks\Quick Access
2020-01-10 18:43 - 2020-01-10 18:43 - 000003692 _____ C:\WINDOWS\system32\Tasks\AcerCMUpdateTask2.1.16258
2020-01-10 18:43 - 2020-01-10 18:43 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-10 18:43 - 2020-01-10 18:43 - 000002820 _____ C:\WINDOWS\system32\Tasks\ACC
2020-01-10 18:43 - 2020-01-10 18:43 - 000002630 _____ C:\WINDOWS\system32\Tasks\Acer Collection Monitor Application
2020-01-10 18:43 - 2020-01-10 18:43 - 000002596 _____ C:\WINDOWS\system32\Tasks\Acer Collection Application
2020-01-10 18:43 - 2020-01-10 18:43 - 000002328 _____ C:\WINDOWS\system32\Tasks\ACCBackgroundApplication
2020-01-10 18:43 - 2020-01-10 18:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-10 18:43 - 2020-01-10 18:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Oem
2020-01-10 18:43 - 2020-01-10 18:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Nero
2020-01-10 18:43 - 2020-01-10 18:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2020-01-10 18:43 - 2020-01-10 18:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\CareCenter
2020-01-10 18:43 - 2020-01-10 18:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-01-10 18:42 - 2020-01-10 18:43 - 000015243 _____ C:\WINDOWS\diagwrn.xml
2020-01-10 18:42 - 2020-01-10 18:43 - 000015243 _____ C:\WINDOWS\diagerr.xml
2020-01-10 18:34 - 2020-01-10 18:34 - 000842708 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-10 18:31 - 2020-01-10 18:31 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-01-10 18:31 - 2020-01-10 18:31 - 000116832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-01-10 18:31 - 2020-01-10 18:31 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-01-10 18:28 - 2020-01-10 18:28 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-01-10 18:23 - 2020-01-10 19:55 - 000000000 ____D C:\Users\steve
2020-01-10 18:23 - 2020-01-10 18:34 - 000000000 ____D C:\Users\Gillian
2020-01-10 18:23 - 2020-01-10 18:32 - 000000000 ____D C:\Users\Hannah
2020-01-10 18:23 - 2019-03-19 04:46 - 000001105 _____ C:\Users\steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-10 18:23 - 2019-03-19 04:46 - 000001105 _____ C:\Users\Hannah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-10 18:23 - 2019-03-19 04:46 - 000001105 _____ C:\Users\Gillian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-10 18:19 - 2019-10-07 02:57 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-01-10 18:19 - 2018-03-02 06:11 - 000144832 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2020-01-10 18:19 - 2018-03-02 06:11 - 000119744 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2020-01-10 18:16 - 2020-01-10 18:17 - 000000000 __SHD C:\IntelOptaneData
2020-01-10 18:15 - 2020-01-10 19:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-10 18:15 - 2020-01-10 18:27 - 000588232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-10 18:14 - 2020-01-10 18:45 - 000000000 ____D C:\Windows.old
2020-01-10 18:01 - 2020-01-10 18:14 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-01-10 18:00 - 2020-01-10 18:01 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-01-10 18:00 - 2020-01-10 18:00 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-01-10 17:55 - 2020-01-10 17:55 - 025901056 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 008011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 007195648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 007015936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 006232576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 005501952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 004578816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 004307968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 004150272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 003967920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 003752960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 002956472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-10 17:55 - 2020-01-10 17:55 - 002586816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 002562048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 002399232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 002258848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 001916984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 001866272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 001691648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 001059840 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 001017680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000768488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000679152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000452920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000404904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000380944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2020-01-10 17:55 - 2020-01-10 17:55 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-10 17:55 - 2020-01-10 17:55 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000251512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-01-10 17:55 - 2020-01-10 17:55 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accessibilitycpl.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-01-10 17:55 - 2020-01-10 17:55 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000136536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2020-01-10 17:55 - 2020-01-10 17:55 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2020-01-10 17:55 - 2020-01-10 17:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Utilman.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcXtrnal.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2020-01-10 17:55 - 2020-01-10 17:55 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-01-10 17:55 - 2020-01-10 17:55 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2020-01-10 17:55 - 2020-01-10 17:55 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\reg.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2020-01-10 17:55 - 2020-01-10 17:55 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AtBroker.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000061240 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\reg.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-01-10 17:55 - 2020-01-10 17:55 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\posetup.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-01-10 17:55 - 2020-01-10 17:55 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcXtrnal.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2020-01-10 17:55 - 2020-01-10 17:55 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2020-01-10 17:55 - 2020-01-10 17:55 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2020-01-10 17:55 - 2020-01-10 17:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-01-10 17:55 - 2020-01-10 17:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 017787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 007849424 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 006227104 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 006166016 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 005890048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 004615616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 004047360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 003791360 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 003591208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 003371928 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 003105792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 002988344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 002772272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 002703872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 002126112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 002120704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001974824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-01-10 17:54 - 2020-01-10 17:54 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 001413912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-01-10 17:54 - 2020-01-10 17:54 - 001327064 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001259416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 001171704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 001094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001069064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000911824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000874936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000874536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000811536 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000657424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000638264 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000586768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000551736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000517432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000514576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000477712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-01-10 17:54 - 2020-01-10 17:54 - 000466928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000461320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000372752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000322504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000291256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\accessibilitycpl.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000204816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000113160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000105488 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-01-10 17:54 - 2020-01-10 17:54 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000088568 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AtBroker.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000047208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-01-10 17:54 - 2020-01-10 17:54 - 000036368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnsi.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsisvc.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000028344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winnsi.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscisvif.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000024792 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-01-10 17:54 - 2020-01-10 17:54 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dstokenclean.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscadminui.exe
2020-01-10 17:54 - 2020-01-10 17:54 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-01-10 17:54 - 2020-01-10 17:54 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-01-10 17:46 - 2020-01-10 17:46 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-01-10 17:46 - 2020-01-10 17:46 - 000000000 ____D C:\Program Files\MSBuild
2020-01-10 17:46 - 2020-01-10 17:46 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-01-10 17:46 - 2019-03-18 19:21 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2020-01-10 17:46 - 2019-03-18 19:20 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-01-10 17:46 - 2019-03-18 19:16 - 000903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2020-01-10 17:46 - 2019-03-18 18:15 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2020-01-10 17:46 - 2019-03-18 18:09 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2020-01-10 17:46 - 2019-03-01 17:33 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2020-01-10 17:46 - 2019-03-01 17:31 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2020-01-10 17:46 - 2019-03-01 17:31 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2020-01-10 17:46 - 2019-03-01 17:31 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2020-01-10 17:46 - 2019-02-05 18:41 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2020-01-10 17:46 - 2019-02-05 18:41 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2020-01-10 17:46 - 2019-02-05 18:41 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2020-01-10 17:46 - 2018-08-09 14:53 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2020-01-10 17:43 - 2020-01-10 17:43 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-10 17:43 - 2020-01-10 17:43 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-10 17:16 - 2020-01-10 19:55 - 000000000 ___DC C:\WINDOWS\Panther
2020-01-10 17:13 - 2020-01-10 17:16 - 000000036 _____ C:\WINDOWS\progress.ini
2020-01-10 17:05 - 2020-01-10 17:13 - 000000000 ___HD C:\$GetCurrent
2020-01-10 17:05 - 2020-01-10 17:13 - 000000000 ____D C:\Windows10Upgrade
2020-01-10 17:05 - 2020-01-10 17:05 - 006261368 _____ (Microsoft Corporation) C:\Users\steve\Downloads\Windows10Upgrade9252.exe
2020-01-10 17:05 - 2020-01-10 17:05 - 000000735 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2020-01-10 17:05 - 2020-01-10 17:05 - 000000723 _____ C:\Users\steve\Desktop\Windows 10 Update Assistant.lnk
2020-01-10 12:05 - 2020-01-10 12:05 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-01-09 21:41 - 2020-01-09 21:42 - 000001234 _____ C:\Users\steve\Desktop\New Text Document.txt
2020-01-09 21:27 - 2020-01-09 21:27 - 000000000 ____D C:\Users\steve\AppData\Local\mbamtray
2020-01-09 21:27 - 2020-01-09 21:27 - 000000000 ____D C:\Users\steve\AppData\Local\mbam
2020-01-09 21:26 - 2020-01-10 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-01-09 21:26 - 2020-01-10 12:05 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-01-09 21:26 - 2020-01-09 21:26 - 000001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-09 21:26 - 2020-01-09 21:26 - 000001916 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-01-09 21:26 - 2020-01-09 21:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-01-09 21:26 - 2020-01-09 21:26 - 000000000 ____D C:\Program Files\Malwarebytes
2020-01-09 21:26 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-01-09 21:25 - 2020-01-09 21:25 - 064333800 _____ (Malwarebytes ) C:\Users\steve\Desktop\mb3-setup-1878.1878-3.8.3.2965.exe
2020-01-09 08:16 - 2020-01-10 19:59 - 000000000 ____D C:\FRST
2020-01-09 08:15 - 2020-01-09 08:15 - 002573312 _____ (Farbar) C:\Users\steve\Desktop\FRST64.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-10 19:59 - 2019-03-19 04:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-10 19:57 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-10 19:55 - 2019-03-19 04:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-10 19:55 - 2018-10-10 17:55 - 000000000 ___RD C:\Users\steve\3D Objects
2020-01-10 19:55 - 2018-10-10 17:55 - 000000000 ____D C:\Users\steve\AppData\Local\Packages
2020-01-10 19:55 - 2018-07-12 17:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-01-10 18:45 - 2019-03-19 04:52 - 000000000 ____D C:\ProgramData\USOPrivate
2020-01-10 18:44 - 2019-03-19 04:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-01-10 18:43 - 2019-03-19 04:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-01-10 18:41 - 2019-03-19 04:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-10 18:32 - 2018-10-10 19:55 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-10 18:32 - 2018-10-10 19:55 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-10 18:32 - 2018-10-10 19:55 - 000002264 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-10 18:26 - 2019-03-19 04:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-01-10 18:25 - 2018-10-10 19:49 - 000000000 ____D C:\Users\Gillian\AppData\Local\Packages
2020-01-10 18:24 - 2019-12-02 08:11 - 000000000 ____D C:\Users\steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2020-01-10 18:23 - 2018-10-10 19:33 - 000000000 ____D C:\Users\Hannah\AppData\Local\Packages
2020-01-10 18:14 - 2019-12-02 08:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2020-01-10 18:14 - 2019-11-14 09:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cloudpaging Player
2020-01-10 18:14 - 2019-11-14 09:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
2020-01-10 18:14 - 2019-09-11 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2020-01-10 18:14 - 2019-06-29 10:20 - 000000000 ____D C:\Program Files\UNP
2020-01-10 18:14 - 2019-04-18 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2020-01-10 18:14 - 2019-04-10 15:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-01-10 18:14 - 2019-03-19 04:52 - 000000000 __RHD C:\Users\Public\Libraries
2020-01-10 18:14 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-01-10 18:14 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\spool
2020-01-10 18:14 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-01-10 18:14 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-01-10 18:14 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2020-01-10 18:14 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\ServiceState
2020-01-10 18:14 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\Registration
2020-01-10 18:14 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-01-10 18:14 - 2019-03-19 04:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-01-10 18:14 - 2019-03-19 04:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-01-10 18:14 - 2018-10-10 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2020-01-10 18:14 - 2018-10-10 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2018
2020-01-10 18:14 - 2018-10-10 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2020-01-10 18:14 - 2018-10-10 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Acer
2020-01-10 18:14 - 2018-10-10 16:43 - 000000000 ____D C:\WINDOWS\oem
2020-01-10 18:14 - 2018-09-15 07:33 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-01-10 18:14 - 2018-09-15 07:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-01-10 18:14 - 2018-07-12 18:13 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 14
2020-01-10 18:14 - 2018-07-12 18:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2020-01-10 18:14 - 2018-07-12 17:54 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2020-01-10 18:14 - 2018-07-12 17:38 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2020-01-10 18:14 - 2018-07-12 17:26 - 000000000 ____D C:\Program Files\Intel
2020-01-10 18:02 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\Resources
2020-01-10 18:02 - 2018-11-10 07:46 - 000000000 ____D C:\WINDOWS\system32\Intel
2020-01-10 18:01 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\Help
2020-01-10 18:01 - 2018-10-23 15:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2020-01-10 17:58 - 2019-03-19 04:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-01-10 17:58 - 2019-03-19 04:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-01-10 17:58 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-10 17:58 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-01-10 17:58 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-10 17:58 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-01-10 17:58 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-01-10 17:58 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-01-10 17:58 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-10 17:58 - 2019-03-19 04:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-10 17:47 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2020-01-10 17:47 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2020-01-10 17:47 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2020-01-10 17:47 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2020-01-10 17:47 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2020-01-10 17:47 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2020-01-10 17:47 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\et-EE
2020-01-10 17:47 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-01-10 17:45 - 2019-03-19 04:56 - 000000000 ____D C:\WINDOWS\Setup
2020-01-09 08:11 - 2018-10-10 20:44 - 000000000 ____D C:\Users\steve\Desktop\Stevies Music
2020-01-07 15:41 - 2018-10-10 19:49 - 000000000 __SHD C:\Users\Gillian\IntelGraphicsProfiles
2019-12-17 18:02 - 2018-10-10 19:59 - 000000000 ____D C:\Users\Gillian\Desktop\ARF General
2019-12-17 17:57 - 2018-10-10 20:45 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-17 17:53 - 2018-10-10 20:45 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-17 17:31 - 2018-10-10 18:30 - 000000000 ____D C:\Program Files\Microsoft Office
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
And
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2020
Ran by steven (10-01-2020 20:00:55)
Running from C:\Users\steve\Desktop
Windows 10 Home Version 1909 18363.535 (X64) (2020-01-10 18:45:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1741543102-3776721137-2454621359-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1741543102-3776721137-2454621359-503 - Limited - Disabled)
Gillian (S-1-5-21-1741543102-3776721137-2454621359-1003 - Limited - Enabled) => C:\Users\Gillian
Guest (S-1-5-21-1741543102-3776721137-2454621359-501 - Limited - Disabled)
Hannah (S-1-5-21-1741543102-3776721137-2454621359-1002 - Limited - Enabled) => C:\Users\Hannah
steven (S-1-5-21-1741543102-3776721137-2454621359-1001 - Administrator - Enabled) => C:\Users\steve
WDAGUtilityAccount (S-1-5-21-1741543102-3776721137-2454621359-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3038 - Acer Incorporated)
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Jumpstart (HKLM-x32\...\{353B4583-ED04-4DF2-A1D6-A5A3EF5C4EBF}) (Version: 3.2.18270.20 - Acer)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.03.3005 - Acer Incorporated)
calibre (HKLM-x32\...\{FD6B4DA3-5E7B-499E-841D-B797BED0CC47}) (Version: 3.48.0 - Kovid Goyal)
Cloudpaging Player (HKLM\...\{23F6FB7C-C1E2-491B-91A1-0441D5191BC7}) (Version: 9.0.4.21424 - Numecent, Inc.)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.8216.01 - CyberLink Corp.)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.2 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{FD036A57-F81D-4865-AAF0-811558EA76AE}) (Version: 4.5.1 - Seiko Epson Corporation)
EPSON XP-205 207 Series Printer Uninstall (HKLM\...\EPSON XP-205 207 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Freemake Video Converter version 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
IBM SPSS Statistics 26 (HKLM\...\{1AC22BAE-DC13-4991-9910-AE3743A4592D}) (Version: 26.0.0.0 - IBM Corp)
Intel® Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1808.12.0.1102 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.2.1086 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000040-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.40.0 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{2D79E334-B178-45B9-A2A6-7A60A084C268}) (Version: 16.8.0.1000 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{18ec79fd-8f83-4e12-bfa5-80c9872cc56b}) (Version: 20.40.0 - Intel Corporation)
iPod Support (HKLM\...\{57D75376-1F31-4182-8EC8-31A6785ABF29}) (Version: 120.7.3.55 - Apple Inc.)
MAGIX Fastcut (Editing templates 1) (HKLM\...\{397087AF-DB1A-4B60-84A7-436DC262CEC2}) (Version: 1.1.0.0 - MAGIX Software GmbH) Hidden
MAGIX Fastcut (Editing templates 1) (HKLM\...\MX.{397087AF-DB1A-4B60-84A7-436DC262CEC2}) (Version: 1.1.0.0 - MAGIX Software GmbH)
MAGIX Fastcut (Editing templates 2) (HKLM\...\{B4E4BC18-102D-46D0-9A40-C42F9E7D6337}) (Version: 1.1.0.0 - MAGIX Software GmbH) Hidden
MAGIX Fastcut (Editing templates 2) (HKLM\...\MX.{B4E4BC18-102D-46D0-9A40-C42F9E7D6337}) (Version: 1.1.0.0 - MAGIX Software GmbH)
MAGIX Fastcut (HKLM\...\{79BB86DF-723E-416A-81F2-E4F88FB71936}) (Version: 1.0.0.85 - MAGIX Software GmbH) Hidden
MAGIX Fastcut (HKLM\...\MX.{79BB86DF-723E-416A-81F2-E4F88FB71936}) (Version: 1.0.0.85 - MAGIX Software GmbH)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
Music Recorder (HKLM-x32\...\{F3949798-3544-433B-B5AB-A61F32F0386F}) (Version: 18.001.2 - Nero AG) Hidden
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation)
Nero 2018 (HKLM-x32\...\{CFA36B53-7209-4A84-88D3-68CDFFB3C59B}) (Version: 19.0.03500 - Nero AG)
Nero 2018 Content Pack 1 (HKLM-x32\...\{7165E866-AD18-4780-8578-EBBAFA0408B0}) (Version: 19.0.00700 - Nero AG)
Nero 2018 Content Pack 2 (HKLM-x32\...\{4ADCBD86-F84B-4D5F-9D8E-3DF21EB83811}) (Version: 19.0.01000 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 20.0.1011 - Nero AG)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Prerequisite installer (HKLM-x32\...\{AD240F1A-3102-492E-B657-17969A9D5E9A}) (Version: 19.0.0003 - Nero AG) Hidden
Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3009 - Acer Incorporated)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8383 - Realtek Semiconductor Corp.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-4) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Packages:
=========
Acer Collection -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4 [2018-10-21] (Acer Incorporated)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_6.22.8816.0_x86__q4d96b2w5wcc2 [2020-01-07] (Evernote)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-10-11] (Facebook Inc)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa [2019-12-17] (Apple Inc.) [Startup Task]
Messenger -> C:\Program Files\WindowsApps\Facebook.317180B0BB486_196.2292.59195.0_x86__8xx8rvfyw5nnt [2019-05-16] (Facebook Inc)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2018-10-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2018-10-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-17] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2019-06-29] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2018-07-12] (CYBERLINK COM CORP)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3001.0_x64__48frkmn4z8aw4 [2018-10-10] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.169.0_x64__dt26b99r8h8gj [2019-07-07] (Realtek Semiconductor Corp)
Samsung Gallery -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.PCGallery_4.1.7.0_x64__3c1yjt4zspk6g [2019-12-19] (Samsung Electronics Co. Ltd.)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.15.61.0_x64__kx24dqmazqk8j [2019-06-29] (Random Salad Games LLC) [MS Ad]
Spades -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.Spades_5.2.24.0_x64__kx24dqmazqk8j [2018-07-12] (Random Salad Games LLC) [MS Ad]
Zip Extractor Pro -> C:\Program Files\WindowsApps\38526MediaLife.ZipPlus_1.1.6.0_x86__1crh1k73ty8mg [2019-11-14] (Media Life)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-03] () [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-03] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3156b3035fd88b4d\igfxDTCM.dll [2018-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2018-12-03 21:19 - 2018-12-03 21:19 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2019-03-06 21:45 - 2007-09-18 16:44 - 000421888 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBIPDev.dll
2019-03-06 21:45 - 2007-09-10 15:03 - 000110592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBLPBidiDev.dll
2019-03-06 21:45 - 2006-12-26 14:58 - 000233544 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBMSDev.dll
2019-03-06 21:45 - 2004-11-17 16:56 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBNWDev.dll
2019-03-06 21:45 - 2007-09-10 15:32 - 000135168 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBRSVC.dll
2019-03-06 21:45 - 2006-08-30 01:02 - 000106496 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\epLocalBidi.dll
2019-02-22 17:01 - 2019-02-22 17:01 - 000704512 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON\MyEpson Portal\Configration_00000171\MepCfg.dll
2019-02-22 15:09 - 2019-02-22 15:09 - 000475136 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON\MyEpson Portal\Online Manual_00000013\MepFAQ.dll
2019-03-06 21:27 - 2012-11-12 15:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2019-03-06 21:27 - 2012-10-22 17:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enpres.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 13:46 - 2017-09-29 13:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\iCLS\;C:\Program Files\Intel\Intel® Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Calibre2\
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000002"
HKU\S-1-5-21-1741543102-3776721137-2454621359-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8251AD1A-DD62-4330-9B8E-7575158B4937}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{25F2061C-BB02-4A73-9676-71C854DC77E3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{326AC1FC-53C0-4969-B8F4-A712B661ED16}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A943F6D2-56F7-4955-937F-4267CF4C9C42}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8246BC88-4069-4038-A59F-AF64B15F5F43}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1A428BDC-1F88-4673-B35F-3655BE2D5FBB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3D5EFFFA-6F4A-4044-86E7-6E9B961E8511}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{199A4508-1E14-4F00-AE38-A60D93F67D7E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7EA9DDF8-F191-43B7-A76C-BB11E3A6BC28}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{38919211-491A-4399-942E-8B30C4EA6645}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{A16E47A8-211F-4C36-8DA0-694CCD4A95CB}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{95236E62-7ACB-4C8D-8E14-7BAE7CD20548}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{F01C3573-9E22-458A-91CE-5DB8F87466B3}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{972566EC-13CB-4389-975F-449D3598E771}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{762E09DF-D209-4C13-A0E4-3B1D507301E2}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{C1039280-49B6-4832-98CC-D463F2889E8D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4C5CAB28-7A10-4992-B0C9-70236A8C60A9}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [{17D38086-9743-4EDF-A691-D604CA563BF2}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [{8512E3DC-37D3-49EE-B00D-A3EEF04AD6F4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{82A5AD19-DA39-4D7A-AD87-F36E470DECF0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3E19D774-3AD9-40E7-8A57-3EC857B324B6}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container64.exe (Open Labs, LLC -> )
FirewallRules: [{D8CD1526-D62D-4560-B9BE-5C7DD465AF66}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container64.exe (Open Labs, LLC -> )
FirewallRules: [{1FF9056C-18B8-4C4C-9D20-C003728090EE}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container64.exe (Open Labs, LLC -> )
FirewallRules: [{A784AB41-9E8F-46F0-9E57-AF1311F23631}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container64.exe (Open Labs, LLC -> )
FirewallRules: [{923C6F2D-B29D-4895-BFA1-48EB43990A10}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container32.exe (Open Labs, LLC -> )
FirewallRules: [{B0AB877D-0BC9-4591-95DF-99105791A82B}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container32.exe (Open Labs, LLC -> )
FirewallRules: [{C4B06792-EBC8-4B07-9AED-66B147D119DC}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container32.exe (Open Labs, LLC -> )
FirewallRules: [{8EBD3890-585B-4E72-A392-F0248E6A25D5}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight Container32.exe (Open Labs, LLC -> )
FirewallRules: [{F7769D7A-AE6B-45E3-B473-81F59F1CF973}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight.exe (Open Labs, LLC -> )
FirewallRules: [{D43775B1-7D82-4961-B564-BAD29245AD03}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight.exe (Open Labs, LLC -> )
FirewallRules: [{D4AA9B30-D49F-40AB-B4D0-6972C69BA846}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight.exe (Open Labs, LLC -> )
FirewallRules: [{71B9035B-6E96-481F-B4D0-8879D188A65E}] => (Allow) C:\Program Files\WindowsApps\OpenLabsLLC.58714A8CB3A31_4.0.7326.0_x64__xgwf4v8gps778\Stagelight.exe (Open Labs, LLC -> )
FirewallRules: [{2C5578D0-6D29-494E-B3A2-EBD34B6980FC}] => (Allow) C:\Users\steve\AppData\Local\Temp\EPSON XP-205 207 Series_Home\Network\EpsonNetSetup\Data\ENEasyApp.exe No File
FirewallRules: [{19E30E0A-0651-495C-A131-EBF39A65F1BD}] => (Allow) C:\Users\steve\AppData\Local\Temp\EPSON XP-205 207 Series_Home\Network\EpsonNetSetup\Data\ENEasyApp.exe No File
FirewallRules: [{7C5949E0-929E-4D54-A026-E04F2F4BE8C4}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [{E2924F25-34C0-4626-A9C9-19DA4B24F666}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [{3A5D0AC9-B794-4203-9E59-FBFE5B54489D}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero Burning ROM\nero.exe (Nero AG -> Nero AG)
FirewallRules: [{880BC1A5-BE3A-4458-8036-821E59639861}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero MediaHome\MediaHome.exe (Nero AG -> Nero AG)
FirewallRules: [{7281B20E-EDC8-4CCB-8E0A-F2F49469F7D4}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero MediaHome\NMDllHost.exe (Nero AG -> Nero AG)
FirewallRules: [{342937BD-E016-4532-A04F-FBEBD049AAF4}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero BackItup\NBService.exe (Nero AG -> Nero AG)
FirewallRules: [{DF20B925-1023-4762-81E7-98EC3A4B2A1F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero BackItup\BackItUp.exe (Nero AG -> Nero AG)
FirewallRules: [{9ADEFCFF-9482-44EA-A424-A120B8199C5A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG)
FirewallRules: [{FD7A0653-41F4-4E71-B8C5-AF429A19D91C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3D202D25-7419-4351-AB12-F47701FDF589}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{09EC6237-0455-4632-A697-D4D68AA27CC1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{7197BF68-838D-4363-8861-6BF58CA46EAB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe No File
FirewallRules: [{76160FCB-23E9-44C7-B7B4-267B19F98FDC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe No File
FirewallRules: [{FCBA071B-62BB-4133-A9A7-D361BFA1A0BB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{77259A9F-07D7-4765-AE66-E8863DFAB8A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe No File
FirewallRules: [{9722F32B-89D4-46D9-8C3B-E2337F9B9FA0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel® Wireless Connectivity Solutions -> )
FirewallRules: [{5EEB7081-F60A-45BE-ADF0-2E30DBC8AD5D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10827.20150.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7803DB8D-20DC-4719-8CC9-80C7D9050672}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D9EF68A9-874C-45C3-87A2-DFBD76523449}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{89F9BE8B-7F6C-4FA2-A671-7C6C33D86257}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{45CCA6A0-26E7-4386-8124-A066D364B243}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{64E67CCB-690C-4DE7-AA37-73D3B1CECCA0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AF5FD869-0C66-4216-BAA9-23E48D8BE971}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3353EE94-63C6-40A8-96F1-6D76C8729B69}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{96366D79-7BD9-4D32-898E-F41FA739D322}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:465.19 GB) (Free:340.04 GB) (73%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/10/2020 06:35:42 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider IntelWLANEventProvider attempted to register query "select * from CIntelQosEvent" whose target class "CIntelQosEvent" in //./ROOT/default namespace does not exist. The query will be ignored.
Error: (01/10/2020 06:35:42 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider IntelWLANEventProvider attempted to register query "select * from CIntelDot1xEvent" whose target class "CIntelDot1xEvent" in //./ROOT/default namespace does not exist. The query will be ignored.
Error: (01/10/2020 06:35:42 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider IntelWLANEventProvider attempted to register query "select * from CIntelWLANEvent" whose target class "CIntelWLANEvent" in //./ROOT/default namespace does not exist. The query will be ignored.
Error: (01/10/2020 06:35:42 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider attempted to register query "select * from CIntelQosEvent" whose target class "CIntelQosEvent" in //./ROOT/default namespace does not exist. The query will be ignored.
Error: (01/10/2020 06:35:42 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider attempted to register query "select * from CIntelDot1xEvent" whose target class "CIntelDot1xEvent" in //./ROOT/default namespace does not exist. The query will be ignored.
Error: (01/10/2020 06:35:42 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider attempted to register query "select * from CIntelWLANEvent" whose target class "CIntelWLANEvent" in //./ROOT/default namespace does not exist. The query will be ignored.
Error: (01/10/2020 06:20:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GLCRIconSvc.exe, version: 1.0.0.0, time stamp: 0x5a25299e
Faulting module name: CFGMGR32.dll, version: 10.0.18362.387, time stamp: 0xe4afe536
Exception code: 0xc0000005
Fault offset: 0x0000b79d
Faulting process ID: 0x1190
Faulting application start time: 0x01d5c7e29d94b553
Faulting application path: C:\WINDOWS\System32\DriverStore\FileRepository\genestor.inf_amd64_312a8313e431fea0\GLCRIconSvc.exe
Faulting module path: C:\WINDOWS\System32\CFGMGR32.dll
Report ID: 3cec5672-3625-4b0e-a8d9-0f6e240598d6
Faulting package full name:
Faulting package-relative application ID:
Error: (01/10/2020 06:19:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 256) (User: )
Description: The Cryptographic Services service failed to initialise the Catalogue Database. The error was: -2147418113 (0x8000ffff) : Catastrophic failure
.
System errors:
=============
Error: (01/10/2020 06:28:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The ZeroConfigService service terminated with the following error:
%%2147770990
Error: (01/10/2020 06:25:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Network List Service service terminated with the following error:
The device is not ready.
Error: (01/10/2020 06:25:10 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {A47979D2-C419-11D9-A5B4-001185AD2B89} did not register with DCOM within the required timeout.
Error: (01/10/2020 06:23:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Network List Service service terminated with the following error:
The device is not ready.
Error: (01/10/2020 06:23:10 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {A47979D2-C419-11D9-A5B4-001185AD2B89} did not register with DCOM within the required timeout.
Error: (01/10/2020 06:21:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Network List Service service terminated with the following error:
The device is not ready.
Error: (01/10/2020 06:21:10 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {A47979D2-C419-11D9-A5B4-001185AD2B89} did not register with DCOM within the required timeout.
Error: (01/10/2020 06:20:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Genesys Logic Service service terminated unexpectedly. It has done this 1 time(s).
CodeIntegrity:
===================================
Date: 2020-01-10 19:58:57.908
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-10 19:58:23.672
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-10 19:58:23.647
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-10 19:58:23.630
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-10 19:58:21.162
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-10 19:57:53.828
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-10 19:57:53.281
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-10 19:57:51.960
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc R01-A2 05/08/2018
Motherboard: Acer Aspire XC-885
Processor: Intel® Core i5-8400 CPU @ 2.80GHz
Percentage of memory in use: 43%
Total physical RAM: 8066.76 MB
Available physical RAM: 4546.09 MB
Total Virtual: 9986.76 MB
Available Virtual: 6606.46 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:465.19 GB) (Free:340.04 GB) NTFS
Drive d: (Data) (Fixed) (Total:465.2 GB) (Free:458.33 GB) NTFS
Drive f: (WD Unlocker) (CDROM) (Total:0.02 GB) (Free:0 GB) UDF
\\?\Volume{af1a4e76-2cab-42a1-b627-2319125239c2}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.52 GB) NTFS
\\?\Volume{e98a5c0c-fd67-4cc4-8a80-21ad4146b416}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2034C532)
Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.
==================== End of Addition.txt =======================