Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Help with sluggish computer not rendering images properly

rendering Revit GPU Dell AMD graphics

  • Please log in to reply

#16
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,944 posts
  • MVP

Go to:

https://www.dell.com...ZaZz090/drivers

 

Download and install the

Realtek High Definition Audio Driver

 

AMD Radeon R2/R3/R4/R5/R6 and AMD Radeon R5 M335 Graphics Drive

 

 

Open an elevated command prompt:

http://www.howtogeek...-in-windows-10/
http://www.eightforu...indows-8-a.html

(If you open an elevated Command Prompt properly it will say Administrator: Command Prompt in the margin at the top of the window)


Once you have an elevated command prompt:

Type:

 DISM  /Online  /Cleanup-Image  /RestoreHealth

 (I use two spaces so you can be sure to see where one space goes.)
Hit Enter.  This will take a while (10-20 minutes) to complete.  Once the prompt returns:

Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):

sfc  /scannow



This will also take a few minutes.  

When it finishes it will say one of the following:

Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)

If you get the last result then type:
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  %UserProfile%\desktop\junk.txt


Hit Enter.  Then type::


notepad %UserProfile%\desktop\junk.txt

Hit Enter.

 Copy the text from notepad and paste it into a reply.


After you finish SFC, regardless of the result:



1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)


 


  • 0

Advertisements


#17
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,944 posts
  • MVP

I'm going to take a short nap.  Will get back to you in an hour or so.


  • 0

#18
RiffRaffMama

RiffRaffMama

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

It was a flash drive and a bluetooth mouse dongle. They're gone now.

Attached Thumbnails

  • latmon2.jpg

  • 0

#19
RiffRaffMama

RiffRaffMama

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

No problem, it's 4am where I am so I'm likely to do the same!

Attached Thumbnails

  • latmon3.jpg

  • 0

#20
RiffRaffMama

RiffRaffMama

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Ok, when you're right, hit me with the next step :) I'll be around on and off for the next 10-12 hours.


  • 0

#21
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,944 posts
  • MVP

I think you missed my next to last post:

http://www.geekstogo...-2#entry2646929

 

What country are you in?


  • 0

#22
RiffRaffMama

RiffRaffMama

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 5/04/2020 1:35:17 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 4/04/2020 12:06:30 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 4/04/2020 4:01:54 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 2/04/2020 11:36:02 AM
Type: Critical Category: 64
Event: 10111 Source: Microsoft-Windows-DriverFrameworks-UserMode
The device Apple Mobile Device USB Device (location 0000.0012.0000.001.003.000.000.000.000) is offline due to a user-mode driver crash.  Windows will attempt to restart the device 4 more times.  Please contact the device manufacturer for more information about this problem.

Log: 'System' Date/Time: 2/04/2020 11:36:02 AM
Type: Critical Category: 64
Event: 10110 Source: Microsoft-Windows-DriverFrameworks-UserMode
A problem has occurred with one or more user-mode drivers and the hosting process has been terminated.  This may temporarily interrupt your ability to access the devices.

Log: 'System' Date/Time: 2/04/2020 11:34:35 AM
Type: Critical Category: 64
Event: 10111 Source: Microsoft-Windows-DriverFrameworks-UserMode
The device Apple Mobile Device USB Device (location 0000.0012.0000.001.003.000.000.000.000) is offline due to a user-mode driver crash.  Windows will attempt to restart the device 5 more times.  Please contact the device manufacturer for more information about this problem.

Log: 'System' Date/Time: 2/04/2020 11:34:35 AM
Type: Critical Category: 64
Event: 10110 Source: Microsoft-Windows-DriverFrameworks-UserMode
A problem has occurred with one or more user-mode drivers and the hosting process has been terminated.  This may temporarily interrupt your ability to access the devices.

Log: 'System' Date/Time: 1/04/2020 5:06:50 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 30/03/2020 8:24:43 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 28/03/2020 7:17:11 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 24/03/2020 10:47:00 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 24/03/2020 1:04:54 PM
Type: Critical Category: 64
Event: 10111 Source: Microsoft-Windows-DriverFrameworks-UserMode
The device Apple Mobile Device USB Device (location 0000.0010.0000.003.000.000.000.000.000) is offline due to a user-mode driver crash.  Windows will attempt to restart the device 5 more times.  Please contact the device manufacturer for more information about this problem.

Log: 'System' Date/Time: 24/03/2020 1:04:54 PM
Type: Critical Category: 64
Event: 10110 Source: Microsoft-Windows-DriverFrameworks-UserMode
A problem has occurred with one or more user-mode drivers and the hosting process has been terminated.  This may temporarily interrupt your ability to access the devices.

Log: 'System' Date/Time: 24/03/2020 8:57:32 AM
Type: Critical Category: 64
Event: 10111 Source: Microsoft-Windows-DriverFrameworks-UserMode
The device Apple Mobile Device USB Device (location 0000.0010.0000.003.000.000.000.000.000) is offline due to a user-mode driver crash.  Windows will attempt to restart the device 5 more times.  Please contact the device manufacturer for more information about this problem.

Log: 'System' Date/Time: 24/03/2020 8:57:32 AM
Type: Critical Category: 64
Event: 10110 Source: Microsoft-Windows-DriverFrameworks-UserMode
A problem has occurred with one or more user-mode drivers and the hosting process has been terminated.  This may temporarily interrupt your ability to access the devices.

Log: 'System' Date/Time: 19/03/2020 8:12:48 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 13/03/2020 3:57:52 PM
Type: Critical Category: 64
Event: 10111 Source: Microsoft-Windows-DriverFrameworks-UserMode
The device Apple Mobile Device USB Device (location 0000.0010.0000.003.000.000.000.000.000) is offline due to a user-mode driver crash.  Windows will attempt to restart the device 5 more times.  Please contact the device manufacturer for more information about this problem.

Log: 'System' Date/Time: 13/03/2020 3:57:52 PM
Type: Critical Category: 64
Event: 10110 Source: Microsoft-Windows-DriverFrameworks-UserMode
A problem has occurred with one or more user-mode drivers and the hosting process has been terminated.  This may temporarily interrupt your ability to access the devices.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 4/04/2020 2:06:06 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Virtual Router service failed to start due to the following error:  The system cannot find the file specified.

Log: 'System' Date/Time: 4/04/2020 2:04:45 PM
Type: Error Category: 0
Event: 15 Source: TPM
The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Log: 'System' Date/Time: 4/04/2020 2:03:14 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 4/04/2020 1:49:24 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Virtual Router service failed to start due to the following error:  The system cannot find the file specified.

Log: 'System' Date/Time: 4/04/2020 1:48:03 PM
Type: Error Category: 0
Event: 15 Source: TPM
The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Log: 'System' Date/Time: 4/04/2020 1:42:53 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Virtual Router service failed to start due to the following error:  The system cannot find the file specified.

Log: 'System' Date/Time: 4/04/2020 1:41:41 PM
Type: Error Category: 0
Event: 15 Source: TPM
The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Log: 'System' Date/Time: 4/04/2020 12:07:52 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Virtual Router service failed to start due to the following error:  The system cannot find the file specified.

Log: 'System' Date/Time: 4/04/2020 12:06:32 PM
Type: Error Category: 0
Event: 15 Source: TPM
The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Log: 'System' Date/Time: 4/04/2020 12:07:48 PM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 5:43:08 PM on ?4/?04/?2020 was unexpected.

Log: 'System' Date/Time: 4/04/2020 12:06:25 PM
Type: Error Category: 0
Event: 16 Source: Microsoft-Windows-Kernel-Boot
Windows failed to resume from hibernate with error status 0xC0000411.

Log: 'System' Date/Time: 4/04/2020 4:03:13 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Virtual Router service failed to start due to the following error:  The system cannot find the file specified.

Log: 'System' Date/Time: 4/04/2020 4:01:56 AM
Type: Error Category: 0
Event: 15 Source: TPM
The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Log: 'System' Date/Time: 4/04/2020 4:01:50 AM
Type: Error Category: 0
Event: 29 Source: Microsoft-Windows-Kernel-Boot
Windows failed fast startup with error status 0xC00000D4.

Log: 'System' Date/Time: 4/04/2020 4:03:08 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 4:51:11 AM on ?4/?04/?2020 was unexpected.

Log: 'System' Date/Time: 3/04/2020 5:13:25 AM
Type: Error Category: 0
Event: 15 Source: TPM
The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Log: 'System' Date/Time: 2/04/2020 3:19:21 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Log: 'System' Date/Time: 2/04/2020 3:19:21 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Log: 'System' Date/Time: 2/04/2020 3:50:23 AM
Type: Error Category: 0
Event: 15 Source: TPM
The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Log: 'System' Date/Time: 1/04/2020 5:08:12 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Virtual Router service failed to start due to the following error:  The system cannot find the file specified.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 4/04/2020 2:06:11 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 4/04/2020 2:06:11 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 4/04/2020 2:05:52 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device USB\VID_05AC&PID_12A8&MI_00\7&1dc4582&0&0000.

Log: 'System' Date/Time: 4/04/2020 2:04:48 PM
Type: Warning Category: 0
Event: 34 Source: BTHUSB
The local adapter does not support an important Low Energy controller state to support peripheral mode. The minimum required supported state mask is 0x2491f7fffff; got 0x1fffffff. Low Energy peripheral role functionality will not be available.

Log: 'System' Date/Time: 4/04/2020 2:04:48 PM
Type: Warning Category: 0
Event: 48 Source: BTHUSB
The local adapter does not support reading the encryption key size for a connected device. Insecure devices may be able to connect to this system.

Log: 'System' Date/Time: 4/04/2020 2:04:48 PM
Type: Warning Category: 0
Event: 1 Source: rt640x64
Realtek PCIe FE Family Controller is disconnected from network.

Log: 'System' Date/Time: 4/04/2020 2:04:47 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device USB\VID_05AC&PID_12A8&MI_01\7&1dc4582&0&0001.

Log: 'System' Date/Time: 4/04/2020 1:53:38 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user RIFFRAFFDELL\tracy SID (S-1-5-21-792678858-599442959-1286739730-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 4/04/2020 1:53:38 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}  and APPID  {15C20B67-12E7-4BB6-92BB-7AFF07997402}  to the user RIFFRAFFDELL\tracy SID (S-1-5-21-792678858-599442959-1286739730-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 4/04/2020 1:49:29 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 4/04/2020 1:49:29 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 4/04/2020 1:49:10 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device USB\VID_05AC&PID_12A8&MI_00\7&1dc4582&0&0000.

Log: 'System' Date/Time: 4/04/2020 1:48:06 PM
Type: Warning Category: 0
Event: 34 Source: BTHUSB
The local adapter does not support an important Low Energy controller state to support peripheral mode. The minimum required supported state mask is 0x2491f7fffff; got 0x1fffffff. Low Energy peripheral role functionality will not be available.

Log: 'System' Date/Time: 4/04/2020 1:48:06 PM
Type: Warning Category: 0
Event: 48 Source: BTHUSB
The local adapter does not support reading the encryption key size for a connected device. Insecure devices may be able to connect to this system.

Log: 'System' Date/Time: 4/04/2020 1:48:06 PM
Type: Warning Category: 0
Event: 1 Source: rt640x64
Realtek PCIe FE Family Controller is disconnected from network.

Log: 'System' Date/Time: 4/04/2020 1:48:05 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device USB\VID_05AC&PID_12A8&MI_01\7&1dc4582&0&0001.

Log: 'System' Date/Time: 4/04/2020 1:44:34 PM
Type: Warning Category: 223
Event: 225 Source: Microsoft-Windows-Kernel-PnP
The application \Device\HarddiskVolume1\Windows\System32\audiodg.exe with process id 4392 stopped the removal or ejection for the device HDAUDIO\FUNC_01&VEN_10EC&DEV_0255&SUBSYS_102806BF&REV_1000\4&2bebb0de&0&0001.

Log: 'System' Date/Time: 4/04/2020 1:42:49 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 4/04/2020 1:42:49 PM
Type: Warning Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 4/04/2020 1:42:47 PM
Type: Warning Category: 0
Event: 34 Source: BTHUSB
The local adapter does not support an important Low Energy controller state to support peripheral mode. The minimum required supported state mask is 0x2491f7fffff; got 0x1fffffff. Low Energy peripheral role functionality will not be available.


 


  • 0

#23
RiffRaffMama

RiffRaffMama

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 5/04/2020 1:45:50 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 4/04/2020 1:40:17 PM
Type: Error Category: 0
Event: 1000 Source: Microsoft-Windows-Perflib
Access to performance data was denied to user "SYSTEM" (value from GetUserName() for the running thread) as attempted from module "\\?\C:\Windows\system32\wbem\WMIADAP.EXE" (value from GetModuleFileName() for the binary that issued the query).

Log: 'Application' Date/Time: 4/04/2020 1:40:04 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: WizFile64.exe, version: 2.6.0.0, time stamp: 0x5beb93d3 Faulting module name: WizFile64.exe, version: 2.6.0.0, time stamp: 0x5beb93d3 Exception code: 0xc0000005 Fault offset: 0x0000000000331e1f Faulting process ID: 0x16bc Faulting application start time: 0x01d60a79ae5d6f92 Faulting application path: C:\Program Files\WizFile\WizFile64.exe Faulting module path: C:\Program Files\WizFile\WizFile64.exe Report ID: f2b4a37f-947d-4dee-96b8-880e41daa5e2 Faulting package full name:  Faulting package-relative application ID:

Log: 'Application' Date/Time: 4/04/2020 1:37:05 PM
Type: Error Category: 0
Event: 10007 Source: Microsoft-Windows-RestartManager
Application or service 'AdaptiveSleepService' could not be restarted.

Log: 'Application' Date/Time: 4/04/2020 1:37:04 PM
Type: Error Category: 0
Event: 0 Source: Adaptive Sleep Service
The event description cannot be found.

Log: 'Application' Date/Time: 4/04/2020 12:54:12 PM
Type: Error Category: 0
Event: 1020 Source: Microsoft-Windows-Perflib
The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 25232 and the required size was 32304.

Log: 'Application' Date/Time: 4/04/2020 6:44:23 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 18296

Log: 'Application' Date/Time: 4/04/2020 6:44:23 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 18296

Log: 'Application' Date/Time: 4/04/2020 6:44:23 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second

Log: 'Application' Date/Time: 3/04/2020 1:39:25 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: Revit.exe, version: 20.0.0.377, time stamp: 0x5c9c4a8e Faulting module name: clr.dll, version: 4.8.4121.0, time stamp: 0x5deabd50 Exception code: 0xc0000005 Fault offset: 0x00000000000ca84d Faulting process ID: 0x13d0 Faulting application start time: 0x01d609bd1fa3aa58 Faulting application path: C:\Program Files\Autodesk\Revit 2020\Revit.exe Faulting module path: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll Report ID: 37725dc9-8fdd-418b-be79-185c205b154d Faulting package full name:  Faulting package-relative application ID:

Log: 'Application' Date/Time: 3/04/2020 1:39:24 PM
Type: Error Category: 0
Event: 1023 Source: .NET Runtime
Application: Revit.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 00007FFC86F6A84D (00007FFC86EA0000) with exit code 80131506.


Log: 'Application' Date/Time: 3/04/2020 5:54:16 AM
Type: Error Category: 0
Event: 1020 Source: Microsoft-Windows-Perflib
The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 21320 and the required size was 33224.

Log: 'Application' Date/Time: 2/04/2020 3:45:47 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: WhoCrashedEx.exe, version: 6.65.3.30701, time stamp: 0x5d1db7ba Faulting module name: WhoCrashed32.dll, version: 0.0.0.0, time stamp: 0x5d19de23 Exception code: 0xc0000005 Fault offset: 0x00007eae Faulting process ID: 0x8bc Faulting application start time: 0x01d609034873ca6e Faulting application path: C:\Program Files\WhoCrashed\WhoCrashedEx.exe Faulting module path: C:\Program Files\WhoCrashed\WhoCrashed32.dll Report ID: f40c47b2-461f-487c-a7f1-9c1049d31b00 Faulting package full name:  Faulting package-relative application ID:

Log: 'Application' Date/Time: 2/04/2020 3:23:43 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: Revit.exe, version: 20.0.0.377, time stamp: 0x5c9c4a8e Faulting module name: mfc140u.dll, version: 14.15.26706.0, time stamp: 0x5b3f07f3 Exception code: 0xc0000005 Fault offset: 0x0000000000002e5e Faulting process ID: 0x244c Faulting application start time: 0x01d609028dd6b72a Faulting application path: C:\Program Files\Autodesk\Revit 2020\Revit.exe Faulting module path: C:\Windows\SYSTEM32\mfc140u.dll Report ID: 39e14302-4d40-4791-b614-bca86128d5ef Faulting package full name:  Faulting package-relative application ID:

Log: 'Application' Date/Time: 2/04/2020 3:23:40 PM
Type: Error Category: 0
Event: 528 Source: SQLLocalDB 12.0
Windows API call WaitForMultipleObjects returned error code: 575. Windows system error message is: {Application Error} The application was unable to start correctly (0x%lx). Click OK to close the application. Reported at line: 3728.

Log: 'Application' Date/Time: 2/04/2020 3:23:40 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: CefSharp.BrowserSubprocess.exe, version: 65.0.1.0, time stamp: 0x5b761ceb Faulting module name: KERNELBASE.dll, version: 10.0.18362.719, time stamp: 0xb31987d3 Exception code: 0xe0000008 Fault offset: 0x000000000003a859 Faulting process ID: 0x14d4 Faulting application start time: 0x01d60902af8b18ab Faulting application path: C:\Program Files\Autodesk\Revit 2020\CefSharp\CefSharp.BrowserSubprocess.exe Faulting module path: C:\Windows\System32\KERNELBASE.dll Report ID: 341c9b70-bb9a-4af8-a3c8-c23192fea5f2 Faulting package full name:  Faulting package-relative application ID:

Log: 'Application' Date/Time: 2/04/2020 3:23:40 PM
Type: Error Category: 0
Event: 1026 Source: .NET Runtime
Application: CefSharp.BrowserSubprocess.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.SEHException
   at <Module>.CefExecuteProcess(CefMainArgs*, scoped_refptr<CefApp>*, Void*)
   at CefSharp.BrowserSubprocess.SubProcess.Run()
   at CefSharp.BrowserSubprocess.Program.Main(System.String[])



Log: 'Application' Date/Time: 2/04/2020 3:23:39 PM
Type: Error Category: 0
Event: 528 Source: SQLLocalDB 12.0
Windows API call WaitForMultipleObjects returned error code: 575. Windows system error message is: {Application Error} The application was unable to start correctly (0x%lx). Click OK to close the application. Reported at line: 3728.

Log: 'Application' Date/Time: 2/04/2020 3:23:38 PM
Type: Error Category: 0
Event: 528 Source: SQLLocalDB 12.0
Windows API call WaitForMultipleObjects returned error code: 575. Windows system error message is: {Application Error} The application was unable to start correctly (0x%lx). Click OK to close the application. Reported at line: 3728.

Log: 'Application' Date/Time: 2/04/2020 3:23:36 PM
Type: Error Category: 0
Event: 528 Source: SQLLocalDB 12.0
Windows API call WaitForMultipleObjects returned error code: 575. Windows system error message is: {Application Error} The application was unable to start correctly (0x%lx). Click OK to close the application. Reported at line: 3728.

Log: 'Application' Date/Time: 2/04/2020 3:22:17 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: Revit.exe, version: 20.0.0.377, time stamp: 0x5c9c4a8e Faulting module name: KERNELBASE.dll, version: 10.0.18362.719, time stamp: 0xb31987d3 Exception code: 0xc000041d Fault offset: 0x000000000003a859 Faulting process ID: 0x1cf8 Faulting application start time: 0x01d60901f14aa2bb Faulting application path: C:\Program Files\Autodesk\Revit 2020\Revit.exe Faulting module path: C:\Windows\System32\KERNELBASE.dll Report ID: 81e2da39-76a7-41d3-b80d-1262a17373b1 Faulting package full name:  Faulting package-relative application ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 2/04/2020 3:50:30 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xcfffffff, Restart count: 1, Primary display device ID: AMD Radeon R4)

Log: 'Application' Date/Time: 28/03/2020 7:26:52 PM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0x000000ff, Restart count: 1, Primary display device ID: AMD Radeon R4)

Log: 'Application' Date/Time: 27/03/2020 5:44:17 AM
Type: Warning Category: 0
Event: 1015 Source: MsiInstaller
Failed to connect to server. Error: 0x800401F0

Log: 'Application' Date/Time: 27/03/2020 3:49:29 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xcfffffff, Restart count: 1, Primary display device ID: AMD Radeon R4)

Log: 'Application' Date/Time: 26/03/2020 1:19:05 PM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0x000000ff, Restart count: 1, Primary display device ID: AMD Radeon R4)

Log: 'Application' Date/Time: 26/03/2020 2:15:37 AM
Type: Warning Category: 0
Event: 1008 Source: Microsoft-Windows-Perflib
The Open procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed with error code The system cannot find the file specified.. Performance data for this service will not be available.

Log: 'Application' Date/Time: 23/03/2020 2:13:58 PM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xc00001ad, Restart count: 1, Primary display device ID: AMD Radeon R4)

Log: 'Application' Date/Time: 15/03/2020 1:13:37 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xcfffffff, Restart count: 1, Primary display device ID: AMD Radeon R4)

Log: 'Application' Date/Time: 10/03/2020 10:16:29 PM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xcfffffff, Restart count: 1, Primary display device ID: AMD Radeon R4)

Log: 'Application' Date/Time: 9/03/2020 3:10:46 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xcfffffff, Restart count: 1, Primary display device ID: AMD Radeon R4)

Log: 'Application' Date/Time: 5/03/2020 9:50:35 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xcfffffff, Restart count: 1, Primary display device ID: AMD Radeon R4)

Log: 'Application' Date/Time: 1/03/2020 12:51:58 PM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0x000000ff, Restart count: 1, Primary display device ID: AMD Radeon R4)

Log: 'Application' Date/Time: 20/02/2020 10:07:22 AM
Type: Warning Category: 0
Event: 8303 Source: Microsoft-Windows-System-Restore
Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy6 with error 0x80070057.

Log: 'Application' Date/Time: 20/02/2020 9:59:17 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xc00001ad, Restart count: 1, Primary display device ID: AMD Radeon R4)

Log: 'Application' Date/Time: 18/02/2020 10:40:49 AM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0xc00001ad, Restart count: 1, Primary display device ID: AMD Radeon R4)

Log: 'Application' Date/Time: 17/02/2020 2:36:34 PM
Type: Warning Category: 0
Event: 0 Source: Dwminit
The Desktop Window Manager process has exited. (Process exit code: 0x0000042b, Restart count: 1, Primary display device ID: AMD Radeon R4)

Log: 'Application' Date/Time: 16/02/2020 11:25:22 PM
Type: Warning Category: 0
Event: 8303 Source: Microsoft-Windows-System-Restore
Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy6 with error 0x80070057.

Log: 'Application' Date/Time: 16/02/2020 1:50:57 PM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe' (pid 11320) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 16/02/2020 1:50:10 PM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe' (pid 8880) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 16/02/2020 1:41:59 PM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files\Mozilla Firefox\firefox.exe' (pid 11792) cannot be restarted - Application SID does not match Conductor SID..


 


  • 0

#24
RiffRaffMama

RiffRaffMama

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

sfc scan said there were no problems.

I'm in Australia. I'm guessing you're in the US?


  • 0

#25
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,944 posts
  • MVP

Melbourne Beach Florida USA.  Apparently the town was named after your Melbourne.  We had planned to visit Australia this spring (ours not yours) but the fires and now the plague have put an end to those plans.

 

You have some major problems with some of your software.  Most important is probably the one you are complaining about being slow and clunky.  It is crashing on you.  One of the crashes seems to caused by a Microsoft Visual C++ Redistributable program version 14.15.26706.0

 

Log: 'Application' Date/Time: 2/04/2020 3:23:43 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: Revit.exe, version: 20.0.0.377, time stamp: 0x5c9c4a8e Faulting module name: mfc140u.dll, version: 14.15.26706.0, time stamp: 0x5b3f07f3 Exception code: 0xc0000005 Fault offset: 0x0000000000002e5e Faulting process ID: 0x244c Faulting application start time: 0x01d609028dd6b72a Faulting application path: C:\Program Files\Autodesk\Revit 2020\Revit.exe Faulting module path: C:\Windows\SYSTEM32\mfc140u.dll Report ID: 39e14302-4d40-4791-b614-bca86128d5ef Faulting package full name:  Faulting package-relative application ID:

 

 

 

 

If you look at Control Panel (View Large Icons) Programs and Features you will usually see several Microsoft Visual C++ Redistributable or Runtime programs.  These are installed along with certain software packages.  If you uninstall the software you should always uninstall the related Microsoft Visual C++   then when you reinstall a fresh copy of the software you will also get a fresh copy of the Microsoft Visual C++ program.

 

Other Revit errors are caused by Kernelbase.dll which is a Microsoft system file.  DISM & SFC insure the file is good so that implies that Revit needs either a newer version or a noncorrupt version.
 

Event: 1000 Source: Application Error
Faulting application name: Revit.exe, version: 20.0.0.377, time stamp: 0x5c9c4a8e Faulting module name: KERNELBASE.dll, version: 10.0.18362.719, time stamp: 0xb31987d3 Exception code: 0xc000041d Fault offset: 0x000000000003a859 Faulting process ID: 0x1cf8 Faulting application start time: 0x01d60901f14aa2bb Faulting application path: C:\Program Files\Autodesk\Revit 2020\Revit.exe Faulting module path: C:\Windows\System32\KERNELBASE.dll Report ID: 81e2da39-76a7-41d3-b80d-1262a17373b1 Faulting package full name:  Faulting package-relative application ID:

Following programs are causing problems and should be uninstalled or reinstalled/repaired:

 

 

 

Other programs which are causing problems:

 

Bonjour

This is an Apple program that detect Apple products on your net.  If you uninstall it and then install iTunes you get a brand new copy.  Older version don't work with newer versions of Win 10 but Apple does not make it easy to update Bonjour.

 

WizFile

This is not working.  Don't know much about it but doesn't look like you really need it so I would uninstall it unless there is a newer version.

 

Who Crashed

Doesn't seem to be working so please uninstall.

 

 

Adaptive Sleep Service

This is a stupid program from AMD which is supposed to decide when the PC should go to sleep.  May save battery power if it worked but it doesn't so best to turn off the service:

 

Search for

services.msc

hit Enter

Scroll down to Adaptive Sleep Service (may have AMD in front of the name)  right click and select Properties then change Startup Type: to Disabled.  OK

This will keep the program from trying to start so it won't bother us any more.

 

While you are in the Services window, look for

Virtual Router service.  If you find it do the same to it.

 

 

Let's run FRST so I can see what is going on:

 

  • Get FRST from http://www.bleepingc...very-scan-tool/You need to download the appropriate tool for your PC.  If you don't know if you have a 32 or 64 bit system get them both.  Only one will work and that's the right one.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Check the Addition.txt box
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here.
  • It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.



 


  • 0

Advertisements


#26
RiffRaffMama

RiffRaffMama

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

That's a shame about your planned trip. The Zombie Apocalypse has brought the world to its knees - not something I ever imagined I'd see. I've lived in Melbourne and rural Victoria all my life and I have always loved the city. The history in it is fascinating. There are still many beautiful old buildings and the stories of early Melbourne are at times quite intriguing. My family has lived here since they emigrated from Scotland three generations ago, and although their history is not particularly extraordinary, I have always found it cool that I have been able to see each house they lived in because they're all within reach of my home. I currently live about two hours from Melbourne in a beautiful little country town in the Otways forest, just a stone's throw from the Great Ocean Road, a "must-see" if you do make it here one day. But back to my bucketload of problems...

 

With the C++ files, I've noticed in the past the abundance of versions and wondered if they were removable. When you say I should remove the accompanying one when uninstalling software- how do I know which one belongs to it and whether it is a shared file? I was always under the impression that uninstalling them could be deleterious to my system and thus left them alone. Which ones can I comfortably remove right now?

 

I have the latest version of Revit (2020) but I installed it while Revit 2019 was still installed, expecting it to upgrade it, but it seems to have installed it alongside it instead. Apparently it is a somewhat insidious program to uninstall, it has spawn in all kinds of places on the hard drive. There is a method Autodesk (producer of Revit, AutoCAD, et al) instructs you to use to clean it from your system (https://knowledge.autodesk.com/support/revit-products/troubleshooting/caas/sfdcarticles/sfdcarticles/How-to-Complete-a-Clean-Uninstall-of-Revit-products.html), should I remove just 2019, or both copies and reinstall 2020. Both 2019 and 2020 came directly from the Autodesk website and were legitimately registered, not keygenned or anything shady, so I would have expected them to not be corrupt.

 

As for the other software - I hate iTunes passionately, but unfortunately Apple ensures that you must install it if you ever hope to do anything with your phone other than make calls on it until it becomes obsolete. I will reinstall it as suggested.

 

WizFile has me puzzled, as I use this on almost a daily basis because I have a memory like a sieve, and have only had it freeze on me once or twice in years of use. It works just like Windows index search function (the one at the top right corner of Windows Explorer folders) but reads the hard drive's Master File Table directly from the hard drive, producing search results almost instantly. I have found it indispensable. Its sister program WizTree is a truly brilliant piece of software that saved my sanity in the space of just 8 seconds when I found that my hard drive had almost completely filled up, from ~500gb to 900gb, overnight and I had no idea why, or where to begin looking for the culprit. It presents a colour graphic representation of the files on your hard drive, looks a bit like Lego, so you can see immediately the biggest drive-space hogs (represented by the largest blocks in the image) and address them accordingly (http://antibody-soft...ree treemap.jpg). It took 8 seconds to produce my results and immediately I could easily see the offending file. The previous day I had shown my youngest how to screen capture video of a game she was playing. I didn't expect her to produce around 30+ minutes of videos that consumed hundreds of gb. Both programs are free and well worth checking out: https://antibody-software.com/ I will un/reinstall the latest version.

 

WhoCrashed was a tool I used to read .dmp files when Firefox refused to load for me one day. It was handy, but rarely gets a run these days, so it can go.

 

Adaptive Sleep Service is useless to me because I use my laptop almost exclusively plugged in (I know, I know...) and fear "sleep" because my laptop frequently refused to wake up in the past, resulting in a hard boot and the loss of anything unsaved. I now have auto-sleep turned off or set to some ridiculous time like 5 hours. From time to time the screen will go black all by itself, but I discovered the Win+Ctrl+Shift+B function (a bit like playing Twister on your keyboard) which returns the screen functionality 80% of the time. So it can go too.

 

It's quite a list of actions to perform, so I will attack them later today (after reading your response to my C++ and Revit questions) and return with the FRST results.

 

Thank you again for your help!


  • 0

#27
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,944 posts
  • MVP

The only version of Visual etc that I would uninstall is the version 14.15.26706.0 because it appears that Revit it crashing with that in its jaws.  Since you have a set procedure for uninstalling both 19 & 20 I would do that then reboot before a reinstall.  Even fresh downloads can get corrupted.  Sometimes in the download and sometimes in the install and sometimes after the install when a hard drive bit changes or some other program accidentally writes where it shouldn't.

 

As for WizFile:

 

Log: 'Application' Date/Time: 4/04/2020 1:40:04 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: WizFile64.exe, version: 2.6.0.0, time stamp: 0x5beb93d3 Faulting module name: WizFile64.exe, version: 2.6.0.0, time stamp: 0x5beb93d3 Exception code: 0xc0000005 Fault offset: 0x0000000000331e1f Faulting process ID: 0x16bc Faulting application start time: 0x01d60a79ae5d6f92 Faulting application path: C:\Program Files\WizFile\WizFile64.exe Faulting module path: C:\Program Files\WizFile\WizFile64.exe Report ID: f2b4a37f-947d-4dee-96b8-880e41daa5e2 Faulting package full name:  Faulting package-relative application ID:

 

 

The error is an Access Violation so a reinstall may fix it.  I would suggest you right click and Run As Administrator instead of double clicking when you install it.

 

Let's look at dump files with a less intrusive program than Who crashed:

Download BlueScreenView
http://www.nirsoft.n...creen_view.html

Double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit, Select All.

Go File, Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

 

There may not be any.  The next to last Windows update caused my own AMD PC to crash every few hours without leaving any dump files or logging any errors.  I had to uninstall it.  I waited until the next update was available and reinstalled.  So far I have only had 1 crash without dump so the new version is better.

 

As for iTunes I think you can uninstall once you get the newest Bonjour.  If not we will can it so iTunes never tries to run so it won't bother you.

 

We were calling it the zombie apocalypse too but have recently decided to rename it in honor of the person who has done the most in order to have it spread so it is now the Trump virus.  Much easier to type at least.


  • 0

#28
RiffRaffMama

RiffRaffMama

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Ok, so that was fun. It took well over two hours to uninstall and then locate every last (I hope) thread of Revit. It's quite an insidious program. When I reinstall, will the new installation overwrite the (potentially corrupt) Kernelbase.dll file?

I uninstalled Bonjour as well as iTunes, thinking the new iTunes installation will bring a new Bonjour with it, but it didn't. Restart didn't prompt a download/installation either, so I downloaded a fresh copy of Bonjour (apparently the latest version as at 21 March 2020 - v.1.0.6.2) and installed. The problem with not having it was it turned iTunes into little more than a jukebox, because it didn't "see" my phone when it was plugged in. This caused me an additional problem where, although I don't actively use iTunes, the program I do use to emancipate the photos and files within my phone, (iFunBox), utilises iTunes identification capability to access my phone, so without iTunes functioning properly, iFunBox wasn't working either. That said though, even after a restart, iFunBox was just crashing on opening. iTunes was seeing my phone again, but iFunBox didn't want to come to the party. After searching for a solution, I discovered a better program that does the same thing (3uTools) and it is playing nicely with iTunes, my computer and, importantly, my phone, so I'm happy with that arrangement.

iFunBox has been uninstalled.

 

WizFile was un/reinstalled and is working fine.

 

AMD sleep service has been turned off as per your instructions.

 

Virtual router service has been disabled also.

 

WhoCrashed has been uninstalled.

 

I realised too late that you probably intended for me to run FRST before uninstalling Revit, but I'm an idiot, so I have run FRST anyway, and if necessary, I'll run it again after a clean install of Revit 2020.

 

Here are the FRST reports:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2020
Ran by tracy (administrator) on RIFFRAFFDELL (Dell Inc. Inspiron 5555) (06-04-2020 18:46:30)
Running from C:\Users\tracy\Downloads
Loaded Profiles: tracy (Available Profiles: tracy)
Platform: Windows 10 Home Version 1903 18362.720 (X64) Language: English (United Kingdom)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0320000.inf_amd64_9a52392e17f36376\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe
(Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12003.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1402\DSAPI.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ProdLib] => "C:\ProgramData\Autodesk\ApplicationPlugins\ProdLib.bundle\ProdLib.SystemTray.exe"
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9226752 2017-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\tracy\AppData\Local\Microsoft\Teams\Update.exe [1790704 2019-10-31] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-792678858-599442959-1286739730-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-792678858-599442959-1286739730-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-09-25] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-792678858-599442959-1286739730-1001\...\MountPoints2: {1d9c011f-1f49-11ea-aa21-b0c090a3360c} - "F:\AutoRun.exe"
HKU\S-1-5-21-792678858-599442959-1286739730-1001\...\MountPoints2: {1d9c0208-1f49-11ea-aa21-b0c090a3360c} - "E:\AutoRun.exe"
HKU\S-1-5-21-792678858-599442959-1286739730-1001\...\MountPoints2: {b03b418e-2519-11ea-aa25-b0c090a3360c} - "F:\AutoRun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-19] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Virtual Router Manager.lnk [2019-12-23]
ShortcutTarget: Virtual Router Manager.lnk -> C:\Windows\Installer\{BE905C46-2B34-4D73-AEE1-769ED138E0FF}\_118D1A4EFFA6998C3492EB.exe () [File not signed]
Startup: C:\Users\tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2020-02-16]
ShortcutTarget: GenuineService.lnk -> C:\Users\tracy\Autodesk\Genuine Service\GenuineService.exe (No File)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00A9819B-59FF-4ADD-941E-27120797AFD7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-31] (Google Inc -> Google LLC)
Task: {0992B72E-174F-48CA-833F-F8CBDC38797E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2350176 2020-03-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {0A7CBBFB-CE22-4DCB-BFB9-01A394E11D95} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [150272 2020-03-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {20D7BAC1-F6BF-4BAB-868C-676E1AC3F740} - System32\Tasks\WizFile => C:\Program Files\WizFile\WizFile64.exe [10498360 2018-11-14] (Antibody Software Limited -> Antibody Software)
Task: {2B5E7A41-28F7-4225-B55C-2C96B220593B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167920 2020-03-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {3111A92D-B48E-488E-B9AD-70F583B767BE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [150272 2020-03-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {417F14FE-5529-4559-97A7-B8332CE0A838} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2017-10-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {57799EA9-DD95-41FD-BEE5-61AC0482C1BB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167920 2020-03-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {6082365E-FAE7-4BB0-9AFB-F9D7FE381748} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-31] (Google Inc -> Google LLC)
Task: {68DCA834-5F60-4F7E-AD9C-5E84F4FA3063} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {6A43038A-9DB1-45B6-BA73-EFE7D244B727} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6292336 2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C2E678B-A184-4A46-A6B8-489C8DD121B7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369752 2020-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D936876-97DC-4979-8C09-C8A6138424D1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6292336 2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {75881C69-037E-4851-877C-8B80CA12AC12} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9A64E87F-213F-450D-8E1C-89196F1056F3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A9614F83-434C-460B-944F-BD78C10736C2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [566592 2008-07-30] (Apple Inc. -> Apple Inc.)
Task: {B15069F7-4C98-40D4-B48C-88AC7C223F94} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1553880 2020-03-12] (Dell Inc. -> Dell Inc.)
Task: {D379E68F-0028-4F21-941F-3A2DC603AA02} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {D6CABBB9-6629-4934-9B99-D3ABC2D6B537} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369752 2020-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {FAA2DC38-94F1-4700-BC06-91B230022546} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [147456 2008-12-12] (Apple Inc.) [File not signed]
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{70286a1a-7108-46ed-aae9-2fd660d97285}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{ab58ebd0-bed3-4a6b-bbf0-dcac49b068a4}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{c53578d0-f2f7-4140-9d8c-9c7649bb356a}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-792678858-599442959-1286739730-1001 -> {6070aaf0-4487-49b5-9583-c51f7316c6ff} URL = hxxps://securesearch.org?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\tracy\Downloads

FireFox:
========
FF DefaultProfile: bjghe92c.default
FF ProfilePath: C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1 [2020-04-06]
FF Session Restore: Mozilla\Firefox\Profiles\ygzux85d.default-release-1 -> is enabled.
FF Extension: (Facebook Container) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\@contain-facebook.xpi [2020-03-06]
FF Extension: (YouTube Adblocker) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\[email protected] [2020-01-12]
FF Extension: (AdBlocker Ultimate) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\[email protected] [2020-01-12]
FF Extension: (Best Proxy Switcher) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\[email protected] [2020-01-12]
FF Extension: (CatBlock) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\[email protected] [2020-01-12]
FF Extension: (Enhancer for YouTube™) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\[email protected] [2020-03-31]
FF Extension: (OneTab) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\[email protected] [2020-01-12]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\[email protected] [2020-01-14]
FF Extension: (FoxyProxy Standard) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\[email protected] [2020-02-16]
FF Extension: (ProxTube) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\[email protected] [2020-02-04]
FF Extension: (Video Blocker) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\[email protected] [2020-01-12]
FF Extension: (download-helper) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\[email protected] [2020-01-12]
FF Extension: (Mate Translate – translator, dictionary) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\[email protected] [2020-03-20]
FF Extension: (Show my Password) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\[email protected] [2020-01-12]
FF Extension: (Show/Hide passwords) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\[email protected] [2020-01-12]
FF Extension: (Skip Redirect) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\[email protected] [2020-01-12]
FF Extension: (TinEye Reverse Image Search) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\[email protected] [2020-01-12]
FF Extension: (uBlock Origin) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\[email protected] [2020-03-19]
FF Extension: (YouTube Video Downloader/YouTube HD Download) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\[email protected] [2020-01-31]
FF Extension: (Social Video Downloader) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{00e68183-fc7d-4a91-b5cc-f7f8272386db}.xpi [2020-02-02]
FF Extension: (Lookup in Oxford Dictionary) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{0aa583da-e323-42f2-b4d2-0bc61b493171}.xpi [2020-01-12]
FF Extension: (Search by image on Aliexpress) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{125dc5f0-45f5-429d-93a6-e865d67efbee}.xpi [2020-01-12]
FF Extension: (Definition Dictionary) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{43027219-e275-4219-acbe-4a92fce4324a}.xpi [2020-03-10]
FF Extension: (You No Cards) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{450542d6-67d0-4975-aee1-ca1464e1ff6f}.xpi [2020-01-12]
FF Extension: (BlockTube) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{58204f8b-01c2-4bbc-98f8-9a90458fd9ef}.xpi [2020-02-25]
FF Extension: (Online PDF Editor (pdf2go.com)) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{5fe0e3b1-ef04-41af-aae8-4653d2dbd0eb}.xpi [2020-01-12]
FF Extension: (Popup Blocker Ultimate) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{60B7679C-BED9-11E5-998D-8526BB8E7F8B}.xpi [2020-03-09]
FF Extension: (ANIMATED CAT LICKING YOUR SCREEN) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{6a21e28f-b023-41bb-aad9-7db3a398599f}.xpi [2020-01-12]
FF Extension: (Don't touch my tabs! (rel=noopener)) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{6b938c0c-fc53-4f27-805f-619778631082}.xpi [2020-03-23]
FF Extension: (English Popup Dictionary) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{74e2e3a5-6d4f-4766-b870-51b301cedb9b}.xpi [2020-01-12]
FF Extension: (Cats on the Couch by MaDonna) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{77d6617c-ad08-4413-9373-e04e0c4b937d}.xpi [2020-01-18]
FF Extension: (Google Translator with Right Click) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{92047279-0910-4abb-beb7-a7f2cd6cf04b}.xpi [2020-01-12]
FF Extension: (Channels Blocker for Youtube) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{92d2b334-60b5-4f82-8239-9fc7b542174d}.xpi [2020-01-12]
FF Extension: (Definitions.net) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{97851884-5432-4131-9f46-841755bb0e73}.xpi [2020-03-08]
FF Extension: (see-password) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{9fc6ffbd-fbc4-43ac-9376-f6d789bea76d}.xpi [2020-01-12]
FF Extension: (Adblocker for YouTube™) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{ab2186b0-8c0b-4921-a2d4-95e6e05c0e3c}.xpi [2020-01-12]
FF Extension: (Flash and Video Download) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{adeadebb-fedc-4180-a7f4-cfdd87496551}.xpi [2020-02-14]
FF Extension: (Create a new script) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{aecec67f-0d10-4fa7-b7c7-609a2db280cf}.xpi [2020-02-13]
FF Extension: (Cats shapes) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{b26c3856-d617-4503-8c5e-83af3b37c68d}.xpi [2020-01-12]
FF Extension: (Tree of Cats by MaDonna) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{b37caf98-8582-410b-943c-efa21a20ee07}.xpi [2020-01-12]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2020-01-19]
FF Extension: (Simple Night Mode for Quantum) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{c1b085de-157e-4521-a06f-c39f5c698216}.xpi [2020-01-12]
FF Extension: (ANIMATED changing eyes of black cat) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{c46898bc-7204-4398-b5a8-3ba41ff93080}.xpi [2020-01-12]
FF Extension: (Night Reader for Firefox) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{d464c6fa-2976-4e0a-a2d8-8a9a372c5dd8}.xpi [2020-01-12]
FF Extension: (Translate Menu) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{dac8a935-4775-4918-9205-5c0600087dc4}.xpi [2020-03-20]
FF Extension: (ANIMATED KITTY CAT) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{eab93f67-9aab-4a1e-923c-4000abe0e509}.xpi [2020-01-12]
FF Extension: (animated cat walking on roofs by candelora) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ygzux85d.default-release-1\Extensions\{f19ce2b0-4a67-49d0-8c09-797d294b8834}.xpi [2020-01-12]
FF ProfilePath: C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\bjghe92c.default [2020-04-04]
FF NewTab: Mozilla\Firefox\Profiles\bjghe92c.default -> hxxp://www.bing.com/?pc=COS2&ptag=D112119-N0600ABBFDD158E6&form=CONMHP&conlogo=CT3334487
FF ProfilePath: C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release [2020-04-02]
FF NewTab: Mozilla\Firefox\Profiles\ys9wk741.default-release -> hxxp://www.bing.com/?pc=COS2&ptag=D112119-N0600ABBFDD158E6&form=CONMHP&conlogo=CT3334487
FF Session Restore: Mozilla\Firefox\Profiles\ys9wk741.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\ys9wk741.default-release -> hxxps://www.facebook.com
FF Extension: (Facebook Container) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\@contain-facebook.xpi [2019-10-30]
FF Extension: (YouTube Adblocker) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\[email protected] [2020-01-11]
FF Extension: (AdBlocker Ultimate) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\[email protected] [2020-01-11]
FF Extension: (Best Proxy Switcher) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\[email protected] [2019-12-10]
FF Extension: (CatBlock) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\[email protected] [2019-10-30]
FF Extension: (Enhancer for YouTube™) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\[email protected] [2019-12-14]
FF Extension: (OneTab) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\[email protected] [2019-12-23]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\[email protected] [2019-11-22]
FF Extension: (ProxTube) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\[email protected] [2019-12-20]
FF Extension: (Video Blocker) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\[email protected] [2019-10-30]
FF Extension: (download-helper) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\[email protected] [2019-10-30]
FF Extension: (Show my Password) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\[email protected] [2019-10-30]
FF Extension: (JavaScript-Java Bridge) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\[email protected] [2019-10-30]
FF Extension: (Show/Hide passwords) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\[email protected] [2019-10-30]
FF Extension: (Skip Redirect) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\[email protected] [2019-11-16]
FF Extension: (TinEye Reverse Image Search) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\[email protected] [2019-10-30]
FF Extension: (uBlock Origin) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\[email protected] [2019-11-25]
FF Extension: (YouTube Video Downloader/YouTube HD Download) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\[email protected] [2019-10-30]
FF Extension: (Social Video Downloader) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{00e68183-fc7d-4a91-b5cc-f7f8272386db}.xpi [2019-12-29]
FF Extension: (Lookup in Oxford Dictionary) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{0aa583da-e323-42f2-b4d2-0bc61b493171}.xpi [2019-12-15]
FF Extension: (Search by image on Aliexpress) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{125dc5f0-45f5-429d-93a6-e865d67efbee}.xpi [2019-11-12]
FF Extension: (Easy Ad Blocker) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{407e413d-d53c-44d2-864c-e0163513f9fb}.xpi [2019-11-13]
FF Extension: (You No Cards) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{450542d6-67d0-4975-aee1-ca1464e1ff6f}.xpi [2020-01-11]
FF Extension: (BlockTube) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{58204f8b-01c2-4bbc-98f8-9a90458fd9ef}.xpi [2019-12-28]
FF Extension: (Online PDF Editor (pdf2go.com)) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{5fe0e3b1-ef04-41af-aae8-4653d2dbd0eb}.xpi [2019-12-19]
FF Extension: (Popup Blocker Ultimate) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{60B7679C-BED9-11E5-998D-8526BB8E7F8B}.xpi [2020-01-03]
FF Extension: (ANIMATED CAT LICKING YOUR SCREEN) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{6a21e28f-b023-41bb-aad9-7db3a398599f}.xpi [2019-10-30]
FF Extension: (Don't touch my tabs! (rel=noopener)) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{6b938c0c-fc53-4f27-805f-619778631082}.xpi [2019-12-23]
FF Extension: (English Popup Dictionary) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{74e2e3a5-6d4f-4766-b870-51b301cedb9b}.xpi [2019-10-30]
FF Extension: (Cats on the Couch by MaDonna) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{77d6617c-ad08-4413-9373-e04e0c4b937d}.xpi [2019-10-30]
FF Extension: (YouTube Converter Button) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{8f4bbf79-5514-4d04-a901-d5fabfe91d73}.xpi [2019-12-28]
FF Extension: (Google Translator with Right Click) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{92047279-0910-4abb-beb7-a7f2cd6cf04b}.xpi [2019-11-29]
FF Extension: (Channels Blocker for Youtube) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{92d2b334-60b5-4f82-8239-9fc7b542174d}.xpi [2019-12-28]
FF Extension: (see-password) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{9fc6ffbd-fbc4-43ac-9376-f6d789bea76d}.xpi [2019-10-30]
FF Extension: (Adblocker for YouTube™) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{ab2186b0-8c0b-4921-a2d4-95e6e05c0e3c}.xpi [2020-01-11]
FF Extension: (Flash and Video Download) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{adeadebb-fedc-4180-a7f4-cfdd87496551}.xpi [2020-01-06]
FF Extension: (Create a new script) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{aecec67f-0d10-4fa7-b7c7-609a2db280cf}.xpi [2019-12-24]
FF Extension: (Cats shapes) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{b26c3856-d617-4503-8c5e-83af3b37c68d}.xpi [2019-10-30]
FF Extension: (Tree of Cats by MaDonna) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{b37caf98-8582-410b-943c-efa21a20ee07}.xpi [2019-10-30]
FF Extension: (Simple Night Mode for Quantum) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{c1b085de-157e-4521-a06f-c39f5c698216}.xpi [2019-10-30]
FF Extension: (ANIMATED changing eyes of black cat) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{c46898bc-7204-4398-b5a8-3ba41ff93080}.xpi [2019-10-30]
FF Extension: (Night Reader for Firefox) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{d464c6fa-2976-4e0a-a2d8-8a9a372c5dd8}.xpi [2019-10-30]
FF Extension: (ANIMATED KITTY CAT) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{eab93f67-9aab-4a1e-923c-4000abe0e509}.xpi [2019-10-30]
FF Extension: (animated cat walking on roofs by candelora) - C:\Users\tracy\AppData\Roaming\Mozilla\Firefox\Profiles\ys9wk741.default-release\Extensions\{f19ce2b0-4a67-49d0-8c09-797d294b8834}.xpi [2019-10-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_303.dll [2019-12-27] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_303.dll [2019-12-27] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: JFGuide -> C:\Program Files (x86)\NetSurveillance\CMS\npGuide.dll [2018-12-26] () [File not signed]
FF Plugin-x32: JFWeb -> C:\Program Files (x86)\NetSurveillance\CMS\npWebPlugin.dll [2018-12-26] () [File not signed]

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default [2020-04-02]
CHR Notifications: Default -> hxxps://www.reddit.com
CHR HomePage: Default -> hxxp://www.google.com
CHR DefaultSearchURL: Default -> hxxps://www.startpage.com/do/dsearch?query={searchTerms}&cat=web&pl=ext-chrome&language=english&extVersion=1.1.0
CHR DefaultSearchKeyword: Default -> startpage.com
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-10-31]
CHR Extension: (Popup Blocker (strict)) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aefkmifgmaafnojlojpnekbpbmjiiogg [2019-12-23]
CHR Extension: (Speed Test) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeghledigokaedmpimgnfplidhdhlchg [2020-03-03]
CHR Extension: (Docs) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-10-31]
CHR Extension: (Google Drive) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-10-31]
CHR Extension: (Dark Night Mode) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhbekkddpbpbibiknkcjamlkhoghieie [2019-10-31]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2019-12-23]
CHR Extension: (YouTube) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-10-31]
CHR Extension: (Adblock for Youtube™) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2019-12-23]
CHR Extension: (Proxy SwitchySharp) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2020-03-25]
CHR Extension: (Adobe Acrobat) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-04-02]
CHR Extension: (Sheets) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-10-31]
CHR Extension: (Startpage - English) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmjlmbojbkmdpofahffgcpkhkngfpef [2020-01-31]
CHR Extension: (Chrome Remote Desktop) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-10-31]
CHR Extension: (Google Docs Offline) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-02]
CHR Extension: (Etymonline) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\giehjnnlopapngdjbjjgddpaagoimmgl [2019-10-31]
CHR Extension: (uVPN - free and unlimited VPN for everyone) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpieacagdjdfbifodokiccinpbacemjf [2020-02-16]
CHR Extension: (Read Aloud: A Text to Speech Voice Reader) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhinadidafjejdhmfkjgnolgimiaplp [2020-04-02]
CHR Extension: (Voice to Text) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdcdafhjjjfnkoeilnjmnadadaoehgdc [2020-01-09]
CHR Extension: (Free VPN - the fastest VPN in the house) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkomfibbgccdjcahcpleidblgknecfhh [2020-02-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-31]
CHR Extension: (Speedtest by Ookla) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjjikdiikihdfpoppgaidccahalehjh [2020-02-08]
CHR Extension: (Gmail) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-02]
CHR Profile: C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-04-04]
CHR Extension: (Slides) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-02]
CHR Extension: (Docs) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-02]
CHR Extension: (Google Drive) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-02]
CHR Extension: (YouTube) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-02]
CHR Extension: (Adobe Acrobat) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-04-02]
CHR Extension: (Sheets) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-02]
CHR Extension: (Google Docs Offline) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-02]
CHR Extension: (Gmail) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\tracy\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-02]
CHR Profile: C:\Users\tracy\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-02]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdaptiveSleepService; C:\Program Files\AMD\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2017-10-26] (Advanced Micro Devices, Inc. -> )
R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0320000.inf_amd64_9a52392e17f36376\atiesrxx.exe [489888 2017-11-07] (Advanced Micro Devices, Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11600672 2020-03-03] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [244280 2020-01-14] (Dell Technologies Inc. -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3339824 2020-01-14] (Dell Technologies Inc. -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [271416 2020-01-14] (Dell Technologies Inc. -> Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1402\DSAPI.exe [965104 2020-04-04] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36032 2020-02-12] (Dell Inc -> )
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [38360 2020-03-12] (Dell Inc. -> Dell Inc.)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [615384 2017-02-07] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 Virtual Router; "L:\VirtualRouterService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [27016 2017-10-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, INC.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0320000.inf_amd64_9a52392e17f36376\atikmdag.sys [40051104 2017-11-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0320000.inf_amd64_9a52392e17f36376\atikmpag.sys [553888 2017-11-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [102832 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\drivers\amdpsp.sys [137104 2017-11-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325808 2016-07-28] (Qualcomm Atheros -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [118960 2017-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2019-12-12] (Bluestack Systems, Inc -> Bluestack System Inc. )
R3 BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [601616 2016-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
R3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [35704 2019-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [23040 2020-01-10] (Apple Inc.) [File not signed]
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\Windows\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
S3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [8206848 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [412400 2015-09-11] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [45664 2019-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [355760 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; \SystemRoot\System32\drivers\ew_juextctrl.sys [X]
S3 huawei_wwanecm; \SystemRoot\System32\drivers\ew_juwwanecm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-06 18:46 - 2020-04-06 18:48 - 000048157 _____ C:\Users\tracy\Downloads\FRST.txt
2020-04-06 18:45 - 2020-04-06 18:47 - 000000000 ____D C:\FRST
2020-04-06 18:44 - 2020-04-06 18:45 - 002281472 _____ (Farbar) C:\Users\tracy\Downloads\FRST64.exe
2020-04-06 18:44 - 2020-04-06 18:44 - 000141864 _____ C:\Users\tracy\Downloads\bluescreenview_setup.exe
2020-04-06 18:06 - 2020-04-06 18:09 - 000000000 ____D C:\Program Files (x86)\3uTools
2020-04-06 18:06 - 2020-04-06 18:06 - 000001185 _____ C:\Users\Public\Desktop\3uTools.lnk
2020-04-06 18:06 - 2020-04-06 18:06 - 000001185 _____ C:\ProgramData\Desktop\3uTools.lnk
2020-04-06 18:06 - 2020-04-06 18:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3uTools
2020-04-06 18:04 - 2020-04-06 18:05 - 105709528 _____ C:\Users\tracy\Downloads\3uTools_v2.38.010_Setup_.exe
2020-04-06 17:48 - 2020-04-06 17:48 - 000000925 _____ C:\Users\tracy\Desktop\geekstogo.txt
2020-04-06 17:36 - 2020-04-06 17:36 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2020-04-06 17:36 - 2020-04-06 17:36 - 000000000 ____D C:\Windows\system32\Tasks\Apple
2020-04-06 17:36 - 2020-04-06 17:36 - 000000000 ____D C:\Users\tracy\AppData\Local\Apple
2020-04-06 17:36 - 2020-04-06 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour
2020-04-06 17:36 - 2020-04-06 17:36 - 000000000 ____D C:\Program Files (x86)\Bonjour
2020-04-06 17:36 - 2020-04-06 17:36 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2020-04-06 17:35 - 2020-04-06 17:35 - 002151720 _____ (Apple Inc.) C:\Users\tracy\Downloads\BonjourSetup.exe
2020-04-06 05:32 - 2020-04-06 17:56 - 000002634 _____ C:\Windows\system32\Tasks\WizFile
2020-04-06 01:35 - 2020-04-06 01:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WizFile
2020-04-06 01:35 - 2020-04-06 01:35 - 000000000 ____D C:\Program Files\WizFile
2020-04-06 01:30 - 2020-04-06 01:30 - 004319272 _____ (Antibody Software ) C:\Users\tracy\Downloads\wizfile_2_06_setup.exe
2020-04-05 00:18 - 2020-04-05 00:18 - 000061440 _____ ( ) C:\Users\tracy\Downloads\VEW.exe
2020-04-04 23:55 - 2020-04-04 23:56 - 045161395 _____ C:\Users\tracy\Downloads\Pt_Henry_Cafe_Building.rvt_2020-Apr-04_01-55-13PM.zip
2020-04-04 23:45 - 2020-04-04 23:46 - 000000000 ____D C:\Windows\system32\RTCOM
2020-04-04 23:45 - 2020-04-04 23:45 - 000000000 ____D C:\Windows\LastGood
2020-04-04 23:45 - 2020-04-04 23:45 - 000000000 ____D C:\Program Files\Waves
2020-04-04 23:44 - 2017-05-04 05:23 - 000532376 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2020-04-04 23:44 - 2017-05-04 05:23 - 000221960 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2020-04-04 23:44 - 2017-05-04 05:23 - 000209536 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2020-04-04 23:44 - 2017-05-04 05:23 - 000166200 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2020-04-04 23:44 - 2017-05-04 05:20 - 003506632 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2020-04-04 23:44 - 2017-05-04 05:20 - 003502536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2020-04-04 23:44 - 2017-05-04 05:20 - 001353272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2020-04-04 23:44 - 2017-05-04 05:20 - 000691672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2020-04-04 23:44 - 2017-05-04 05:20 - 000387312 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2020-04-04 23:44 - 2017-05-04 05:20 - 000343704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2020-04-04 23:44 - 2017-05-04 05:20 - 000321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2020-04-04 23:44 - 2017-05-04 05:20 - 000321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2020-04-04 23:44 - 2017-05-04 05:20 - 000214824 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2020-04-04 23:44 - 2017-05-04 05:20 - 000192976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2020-04-04 23:44 - 2017-05-04 05:20 - 000164424 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkXInterface64.dll
2020-04-04 23:44 - 2017-05-04 05:20 - 000110976 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2020-04-04 23:44 - 2017-05-04 05:20 - 000088344 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2020-04-04 23:44 - 2017-05-04 05:16 - 072520712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCORES64.dat
2020-04-04 23:44 - 2017-05-04 05:16 - 005753856 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2020-04-04 23:44 - 2017-05-04 05:16 - 003677184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2020-04-04 23:44 - 2017-05-04 05:16 - 003205120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2020-04-04 23:44 - 2017-05-04 05:16 - 000023696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2020-04-04 23:44 - 2017-05-04 05:15 - 002209792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2020-04-04 23:44 - 2017-05-04 01:33 - 012671647 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2020-04-04 23:44 - 2017-05-04 01:33 - 005804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2020-04-04 23:43 - 2020-04-04 23:43 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-04-04 23:43 - 2017-05-04 05:19 - 013122576 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2020-04-04 23:43 - 2017-05-04 05:19 - 012988344 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2020-04-04 23:43 - 2017-05-04 05:19 - 012016264 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxVoiceAPO30.dll
2020-04-04 23:43 - 2017-05-04 05:19 - 002291304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2020-04-04 23:43 - 2017-05-04 05:19 - 001422920 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2020-04-04 23:43 - 2017-05-04 05:19 - 000999856 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2020-04-04 23:43 - 2017-05-04 05:19 - 000677664 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2020-04-04 23:43 - 2017-05-04 05:19 - 000447712 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2020-04-04 23:43 - 2017-05-04 05:19 - 000151776 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2020-04-04 23:43 - 2017-05-04 05:19 - 000134192 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2020-04-04 23:43 - 2017-05-04 05:19 - 000084608 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2020-04-04 23:43 - 2017-05-04 05:18 - 001213656 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2020-04-04 23:43 - 2017-05-04 05:18 - 001166152 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2020-04-04 23:43 - 2017-05-04 05:18 - 000678176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2020-04-04 23:43 - 2017-05-04 05:18 - 000330560 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2020-04-04 23:43 - 2017-05-04 05:17 - 001780616 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2020-04-04 23:43 - 2017-05-04 05:17 - 001591056 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2020-04-04 23:43 - 2017-05-04 05:17 - 001508928 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2020-04-04 23:43 - 2017-05-04 05:17 - 000743960 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2020-04-04 23:43 - 2017-05-04 05:17 - 000727424 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2020-04-04 23:43 - 2017-05-04 05:17 - 000708304 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2020-04-04 23:43 - 2017-05-04 05:17 - 000504304 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2020-04-04 23:43 - 2017-05-04 05:17 - 000445392 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2020-04-04 23:43 - 2017-05-04 05:17 - 000441256 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2020-04-04 23:43 - 2017-05-04 05:17 - 000253896 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2020-04-04 23:43 - 2017-05-04 05:17 - 000253856 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2020-04-04 23:43 - 2017-05-04 05:17 - 000252872 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2020-04-04 23:43 - 2017-05-04 05:16 - 001965808 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2020-04-04 23:43 - 2017-05-04 05:16 - 000327448 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2020-04-04 23:43 - 2017-05-04 05:16 - 000272712 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2020-04-04 23:43 - 2017-05-04 05:15 - 007172912 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2020-04-04 23:43 - 2017-05-04 05:15 - 003786704 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioMeters64.exe
2020-04-04 23:43 - 2017-05-04 05:15 - 002050176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2020-04-04 23:43 - 2017-05-04 05:15 - 000203552 _____ (Waves Audio) C:\Windows\system32\MaxxAudioVienna264.dll
2020-04-04 23:43 - 2017-05-04 05:14 - 007096184 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2020-04-04 23:43 - 2017-05-04 05:14 - 000122312 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2020-04-04 23:43 - 2016-09-22 13:55 - 002839520 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2020-04-04 23:39 - 2020-04-04 23:46 - 000000000 ___HD C:\Program Files (x86)\Temp
2020-04-04 23:39 - 2020-04-04 23:39 - 000001536 _____ C:\Windows\SysWOW64\RtkMsgs.dll
2020-04-04 23:37 - 2020-04-04 23:37 - 000003160 _____ C:\Windows\system32\Tasks\StartCN
2020-04-04 23:37 - 2020-04-04 23:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2020-04-04 23:37 - 2020-04-04 23:37 - 000000000 ____D C:\Program Files (x86)\AMD
2020-04-04 23:35 - 2020-04-04 23:36 - 000000000 ____D C:\Windows\LastGood.Tmp
2020-04-04 23:35 - 2020-04-04 23:35 - 000000000 ____D C:\Users\tracy\AppData\Roaming\ATI
2020-04-04 23:35 - 2020-04-04 23:35 - 000000000 ____D C:\Users\tracy\AppData\Local\ATI
2020-04-04 23:35 - 2020-04-04 23:35 - 000000000 ____D C:\ProgramData\ATI
2020-04-04 23:35 - 2020-04-04 23:35 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2020-04-04 23:34 - 2020-04-04 23:34 - 000000000 ____D C:\Users\tracy\AppData\Local\RadeonInstaller
2020-04-04 22:56 - 2020-04-04 23:12 - 559913072 _____ (Dell Inc.) C:\Users\tracy\Downloads\AMD-Radeon-R2-R3-R4-R5-R6-and-AMD-Radeon-R5-M335_0WMC2_WIN_17.100.2901_A06.EXE
2020-04-04 22:54 - 2020-04-04 22:58 - 283765456 _____ (Dell Inc.) C:\Users\tracy\Downloads\Realtek-High-Definition-Audio-Driver_51T6N_WIN_6.0.1.8142_A07_01.EXE
2020-04-04 22:53 - 2020-04-04 23:45 - 000000000 ____D C:\ProgramData\PCDr
2020-04-04 22:52 - 2020-04-04 23:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-04-04 22:52 - 2020-04-04 22:52 - 000000000 ____D C:\Dell
2020-04-04 22:52 - 2020-04-04 22:52 - 000000000 _____ C:\Windows\invcol.tmp
2020-04-04 22:50 - 2020-04-04 23:34 - 000000000 ____D C:\ProgramData\Dell
2020-04-04 22:50 - 2020-04-04 22:52 - 000000000 ____D C:\Program Files\Dell
2020-04-04 22:50 - 2020-04-04 22:50 - 000003918 _____ C:\Windows\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2020-04-04 22:50 - 2020-04-04 22:50 - 000000000 ____D C:\Users\tracy\AppData\Local\Dell Inc
2020-04-04 22:50 - 2020-04-04 22:50 - 000000000 ____D C:\ProgramData\Dell Inc
2020-04-04 22:50 - 2020-04-04 22:50 - 000000000 ____D C:\Program Files (x86)\Dell
2020-04-04 22:49 - 2020-04-04 22:50 - 000000000 ____D C:\ProgramData\SupportAssist
2020-04-04 22:49 - 2020-04-04 22:49 - 000521552 _____ (Dell Inc.) C:\Users\tracy\Downloads\SupportAssistLauncher.exe
2020-04-04 15:06 - 2020-04-04 15:06 - 007124070 _____ C:\Users\tracy\Downloads\Pt_Henry_Cafe_Building.rvt_2020-Apr-04_05-05-56AM.zip
2020-04-04 15:06 - 2020-04-04 15:06 - 005251312 _____ C:\Users\tracy\Downloads\Pt_Henry_Cafe_Building.rvt_2020-Apr-04_05-06-15AM.zip
2020-04-04 15:05 - 2020-04-04 15:05 - 005130633 _____ C:\Users\tracy\Downloads\Pt_Henry_Cafe_Building.rvt_2020-Apr-04_05-05-13AM.zip
2020-04-04 15:05 - 2020-04-04 15:05 - 004744799 _____ C:\Users\tracy\Downloads\Pt_Henry_Cafe_Building.rvt_2020-Apr-04_05-05-37AM.zip
2020-04-04 15:04 - 2020-04-04 15:05 - 005130633 _____ C:\Users\tracy\Downloads\Pt_Henry_Cafe_Building.rvt_2020-Apr-04_05-04-49AM.zip
2020-04-04 15:02 - 2020-04-04 15:02 - 021513749 _____ C:\Users\tracy\Downloads\Pt_Henry_Cafe_Building.rvt_2020-Apr-04_05-01-52AM.zip
2020-04-04 14:53 - 2020-04-04 14:53 - 004744799 _____ C:\Users\tracy\Downloads\Pt_Henry_Cafe_Building.rvt_2020-Apr-04_04-52-52AM.zip
2020-04-04 02:34 - 2020-04-04 02:37 - 000080544 _____ C:\Users\tracy\Downloads\MTB.txt
2020-04-04 02:32 - 2020-04-04 02:32 - 000892416 _____ (Farbar) C:\Users\tracy\Downloads\MiniToolBox.exe
2020-04-04 02:24 - 2020-04-04 02:24 - 000000858 _____ C:\Users\tracy\Desktop\LatencyMon.lnk
2020-04-04 02:24 - 2020-04-04 02:24 - 000000846 _____ C:\Users\tracy\Desktop\In Depth Latency Tests.lnk
2020-04-04 02:16 - 2020-04-04 02:16 - 000075455 _____ C:\Users\tracy\Desktop\DxDiag.txt
2020-04-04 01:56 - 2020-04-04 02:24 - 000000000 ____D C:\Program Files\LatencyMon
2020-04-04 01:56 - 2020-04-04 01:56 - 002323432 _____ (Resplendence Software Projects Sp. ) C:\Users\tracy\Downloads\LatencyMon.exe
2020-04-04 01:56 - 2015-07-13 10:16 - 000026368 _____ (Resplendence Software Projects Sp.) C:\Windows\system32\Drivers\rspLLL64.sys
2020-04-04 01:43 - 2020-04-04 01:53 - 000139965 _____ C:\Users\tracy\Desktop\RIFFRAFFDELL.txt
2020-04-04 01:41 - 2020-04-04 01:41 - 000015068 _____ C:\junk.txt
2020-04-04 01:37 - 2020-04-04 01:37 - 000022242 _____ C:\Users\tracy\Desktop\Registry.txt
2020-04-04 01:32 - 2020-04-04 01:32 - 000036192 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP152.SYS
2020-04-04 00:28 - 2020-04-04 00:28 - 000339968 _____ C:\Users\tracy\Downloads\john-cullen-lighting_lucca-led-uplight-downlight-and-steplight_bim_0_lucca.rfa
2020-04-03 01:59 - 2020-04-03 01:59 - 000000000 ____D C:\Windows\ShellComponents
2020-04-02 16:37 - 2020-04-02 16:37 - 006889184 _____ (Piriform Ltd) C:\Users\tracy\Downloads\spsetup132.exe
2020-04-02 16:37 - 2020-04-02 16:37 - 000000840 _____ C:\Users\Public\Desktop\Speccy.lnk
2020-04-02 16:37 - 2020-04-02 16:37 - 000000840 _____ C:\ProgramData\Desktop\Speccy.lnk
2020-04-02 16:37 - 2020-04-02 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2020-04-02 16:37 - 2020-04-02 16:37 - 000000000 ____D C:\Program Files\Speccy
2020-04-02 15:46 - 2020-04-02 15:46 - 000491388 _____ C:\Users\tracy\Downloads\bookmarks.html
2020-04-01 22:32 - 2020-04-01 22:32 - 000303104 _____ C:\Users\tracy\Downloads\Helical_BUlb_7503.rfa
2020-04-01 22:32 - 2020-04-01 22:32 - 000278528 _____ C:\Users\tracy\Downloads\Bulb_Fiction_Pendant_15732.rfa
2020-04-01 16:16 - 2020-04-01 16:16 - 000327680 _____ C:\Users\tracy\Downloads\Zombie_Thug_20372.rfa
2020-04-01 16:12 - 2020-04-01 16:12 - 000327680 _____ C:\Users\tracy\Downloads\Zombie_Thug_20373.rfa
2020-03-31 21:47 - 2020-03-31 21:47 - 000137978 _____ C:\Users\tracy\Downloads\Animal-Surrender-Form.pdf
2020-03-31 21:47 - 2020-03-31 21:47 - 000105661 _____ C:\Users\tracy\Downloads\Street-Furniture-Application.pdf
2020-03-31 21:46 - 2020-03-31 21:46 - 000250537 _____ C:\Users\tracy\Downloads\Livestock-Grazing-Application-Form.pdf
2020-03-31 21:46 - 2020-03-31 21:46 - 000209183 _____ C:\Users\tracy\Downloads\Livestock-Grazing-in-Drought-Conditions-Application-Form.pdf
2020-03-31 21:46 - 2020-03-31 21:46 - 000052271 _____ C:\Users\tracy\Downloads\Excessive_Animals_Application_other_than_cats__dogs.pdf
2020-03-30 22:31 - 2020-03-30 22:35 - 1054938573 _____ C:\Users\tracy\Downloads\Dogs In Space - 1986 with Michael Hutchence [720p].mp4
2020-03-30 02:52 - 2020-03-30 02:52 - 000012281 _____ C:\Users\tracy\Downloads\Forrest-Facebook.mp4
2020-03-30 02:51 - 2020-03-30 02:51 - 000731266 _____ C:\Users\tracy\Downloads\Tracy-Wilson.mp4
2020-03-30 02:43 - 2020-03-30 02:43 - 006631103 _____ C:\Users\tracy\Downloads\Forrest Facebook.html
2020-03-30 02:43 - 2020-03-30 02:43 - 000000000 ____D C:\Users\tracy\Downloads\Forrest Facebook_files
2020-03-29 23:09 - 2020-03-29 23:09 - 000171698 _____ C:\Users\tracy\Downloads\invoice_52237175.pdf
2020-03-29 23:09 - 2020-03-29 23:09 - 000171685 _____ C:\Users\tracy\Downloads\invoice_51603010(1).pdf
2020-03-29 23:09 - 2020-03-29 23:09 - 000156126 _____ C:\Users\tracy\Downloads\invoice_52264923.pdf
2020-03-29 23:09 - 2020-03-29 23:09 - 000156126 _____ C:\Users\tracy\Downloads\invoice_52264923(1).pdf
2020-03-28 14:25 - 2020-03-28 14:25 - 000424891 _____ C:\Users\tracy\Downloads\LO-4F6767354P20A_FT.pdf
2020-03-28 03:11 - 2020-03-28 03:11 - 002070180 _____ C:\Users\tracy\Downloads\inspiron-15-5555-laptop_reference guide_en-us.pdf
2020-03-27 18:43 - 2020-03-27 18:43 - 000731266 _____ C:\Users\tracy\Downloads\(1)-Tracy-Wilson--Tracy-Wilson-shared-a-memory--with-Lukas-Michael....mp4
2020-03-27 15:38 - 2020-03-27 15:38 - 014562400 _____ (ESET spol. s r.o.) C:\Users\tracy\Downloads\esetonlinescanner_enu.exe
2020-03-27 15:38 - 2020-03-27 15:38 - 002660528 _____ (Trend Micro Inc.) C:\Users\tracy\Downloads\HousecallLauncher64.exe
2020-03-27 15:38 - 2020-03-27 15:38 - 000000772 _____ C:\Users\tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-03-27 02:00 - 2020-03-27 02:00 - 000221184 _____ C:\Users\tracy\Downloads\Fully_Parametric_Mirror_wboarder_12026.rfa
2020-03-26 19:18 - 2020-03-26 19:18 - 000007606 _____ C:\Users\tracy\AppData\Local\Resmon.ResmonCfg
2020-03-26 12:15 - 2020-03-26 12:15 - 000234304 _____ C:\Users\tracy\Downloads\CrucialScan.exe
2020-03-26 12:04 - 2020-03-26 12:04 - 000172032 _____ C:\Users\tracy\Downloads\Skylight_7801400_10187.rfa
2020-03-26 11:28 - 2020-03-26 11:28 - 000159744 _____ C:\Users\tracy\Downloads\skylight_3835.rfa
2020-03-26 11:26 - 2020-03-26 11:26 - 000132096 _____ C:\Users\tracy\Downloads\Generic_Skylight_Component_1900.rfa
2020-03-26 00:25 - 2020-03-26 00:25 - 000504110 _____ C:\Users\tracy\Downloads\NBS_VisionAGILtd_FrmdRflghts_TheOpeningRoofWindow_Electric_Revit(1).zip
2020-03-26 00:16 - 2020-03-26 00:16 - 000504110 _____ C:\Users\tracy\Downloads\NBS_VisionAGILtd_FrmdRflghts_TheOpeningRoofWindow_Electric_Revit.zip
2020-03-26 00:11 - 2020-03-26 00:11 - 003655574 _____ C:\Users\tracy\Downloads\NBS_VeluxCompanyLtd_FrmdRflghts_Longlight5-25_Revit.zip
2020-03-26 00:09 - 2020-03-26 00:09 - 000663903 _____ C:\Users\tracy\Downloads\_NBS_VisionAGILtd_FrmdRflghts_TheMultiPanelRooflightWithOpeningSections_Revit.zip
2020-03-25 23:41 - 2020-03-25 23:41 - 001450413 _____ C:\Users\tracy\Downloads\NBS_GlazingVisionLtd_FrmdRflghts_SkyhatchElectricRooflight_Revit.zip
2020-03-25 23:41 - 2020-03-25 23:41 - 000684375 _____ C:\Users\tracy\Downloads\_NBS_VisionAGILtd_FrmdRflghts_TheFramelessMultiPanelRooflight_Fixed_Revit.zip
2020-03-25 21:30 - 2020-03-25 21:30 - 001526258 _____ C:\Users\tracy\Downloads\NBS_GlazingVisionLtd_FrmdRflghts_VisionVentPoweredOperationRooflight_Revit.zip
2020-03-25 19:13 - 2020-03-25 19:13 - 001688002 _____ C:\Users\tracy\Downloads\NBS_VeluxCompanyLtd_WoodFrmRfWndwUnits_GDL_Cabrio_Revit.zip
2020-03-24 22:43 - 2020-03-24 22:43 - 000171557 _____ C:\Users\tracy\Downloads\invoice_51574902.pdf
2020-03-24 22:35 - 2020-03-24 22:35 - 000171685 _____ C:\Users\tracy\Downloads\invoice_51603010.pdf
2020-03-24 19:11 - 2020-03-24 19:11 - 000801330 _____ C:\Users\tracy\Downloads\SEW__11198743_20200324.pdf
2020-03-24 01:49 - 2020-03-24 01:49 - 000027855 _____ C:\Users\tracy\Downloads\HWEND4N0.pat
2020-03-24 01:49 - 2020-03-24 01:49 - 000024035 _____ C:\Users\tracy\Downloads\HWEND2N0.pat
2020-03-24 01:49 - 2020-03-24 01:49 - 000018536 _____ C:\Users\tracy\Downloads\HWOOD8E1.pat
2020-03-24 01:48 - 2020-03-24 01:48 - 000077464 _____ C:\Users\tracy\Downloads\HWOOD6E1.pat
2020-03-23 03:41 - 2020-03-23 03:41 - 001052672 _____ C:\Users\tracy\Downloads\Door_Barn_Cube.rfa
2020-03-22 16:59 - 2020-03-22 16:59 - 002786263 _____ C:\Users\tracy\Downloads\ScarletFever.pdf
2020-03-21 21:34 - 2020-03-21 21:34 - 003538944 _____ C:\Users\tracy\Downloads\hewi_push_pull_handle_set_162xadg06.rfa
2020-03-21 21:06 - 2020-03-21 21:06 - 000401408 _____ C:\Users\tracy\Downloads\Doors-Hardware- BRICARD-BRC010119.rfa
2020-03-21 20:45 - 2020-03-21 20:45 - 002183168 _____ C:\Users\tracy\Downloads\Doors_Sliding_Avanti_Systems_Eclipse-Sliding-Single-Glass-Barn-Doors-Dbl-Glazed.rfa
2020-03-21 20:43 - 2020-03-21 20:43 - 000004990 _____ C:\Users\tracy\Downloads\Doors_Sliding_Avanti_Systems_Eclipse-Sliding-Pair-Glass-Barn-Doors-Sgl-Glazed.txt
2020-03-21 20:43 - 2020-03-21 20:43 - 000004986 _____ C:\Users\tracy\Downloads\Doors_Sliding_Avanti_Systems_Eclipse-Sliding-Pair-Glass-Barn-Doors-Dbl-Glazed.txt
2020-03-20 18:50 - 2020-03-20 18:50 - 001126151 _____ C:\Users\tracy\Downloads\Act-1937-031(2).pdf
2020-03-20 18:50 - 2020-03-20 18:50 - 000571051 _____ C:\Users\tracy\Downloads\11AC041.pdf
2020-03-20 18:46 - 2020-03-20 18:46 - 000648126 _____ C:\Users\tracy\Downloads\act-1937-031(1).pdf
2020-03-20 18:44 - 2020-03-20 18:44 - 000648126 _____ C:\Users\tracy\Downloads\act-1937-031.pdf
2020-03-20 18:05 - 2020-03-20 18:05 - 002908426 _____ C:\Users\tracy\Downloads\act-2005-048.pdf
2020-03-19 21:32 - 2020-03-19 21:35 - 067641044 _____ (BIM&CO ) C:\Users\tracy\Downloads\BACUniversalInstaller.exe
2020-03-19 18:21 - 2020-03-19 18:21 - 000381966 _____ C:\Users\tracy\Downloads\dd_080909.pdf
2020-03-19 18:21 - 2020-03-19 18:21 - 000381966 _____ C:\Users\tracy\Downloads\dd_080909(1).pdf
2020-03-19 00:42 - 2020-03-19 00:42 - 000000000 ____D C:\Users\tracy\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}
2020-03-19 00:26 - 2020-03-19 00:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProdLib
2020-03-19 00:08 - 2020-03-19 00:08 - 000000000 ____D C:\Program Files\Bimandco
2020-03-19 00:07 - 2020-03-19 00:08 - 066524335 _____ (BIM&CO ) C:\Users\tracy\Downloads\BACUniversalInstaller3-1_30.exe
2020-03-19 00:06 - 2020-03-19 00:07 - 098124696 _____ (ProdLib Oy ) C:\Users\tracy\Downloads\ProdLibSetup.exe
2020-03-18 23:06 - 2020-03-18 23:06 - 006270329 _____ C:\Users\tracy\Downloads\Renders.zip
2020-03-17 23:49 - 2020-03-17 23:49 - 000696320 _____ C:\Users\tracy\Downloads\BRUCK_VA_CALO_SPOTII_10484.rfa
2020-03-17 23:11 - 2020-03-17 23:12 - 000299008 _____ C:\Users\tracy\Downloads\3D_Tree_-_Acacia_8161.rfa
2020-03-17 16:47 - 2020-04-03 17:09 - 000512000 _____ C:\Users\tracy\Downloads\Cube_Pendant_10985.rfa
2020-03-17 16:47 - 2020-04-01 15:44 - 000503808 _____ C:\Users\tracy\Downloads\Cube_Pendant_10985.0004.rfa
2020-03-17 16:47 - 2020-04-01 03:00 - 000495616 _____ C:\Users\tracy\Downloads\Cube_Pendant_10985.0003.rfa
2020-03-17 16:47 - 2020-03-31 22:38 - 000491520 _____ C:\Users\tracy\Downloads\Cube_Pendant_10985.0002.rfa
2020-03-17 16:13 - 2020-03-17 16:13 - 001519616 _____ C:\Users\tracy\Downloads\Lighting-Pendant_Mount-Tech_Lighting-K-HELLO.rfa
2020-03-17 16:12 - 2020-03-17 16:12 - 000000000 ____D C:\Windows\SysWOW64\Skins
2020-03-17 16:12 - 2020-03-17 16:12 - 000000000 ____D C:\Windows\SysWOW64\Sfxs
2020-03-17 16:12 - 2020-03-17 16:12 - 000000000 ____D C:\Windows\SysWOW64\lang
2020-03-17 16:12 - 2020-03-17 16:12 - 000000000 ____D C:\Windows\SysWOW64\Icons
2020-03-17 16:12 - 2020-03-17 16:12 - 000000000 ____D C:\Windows\SysWOW64\HELP
2020-03-17 16:12 - 2020-03-17 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2020-03-17 16:12 - 2020-03-17 16:12 - 000000000 ____D C:\ProgramData\Ashampoo
2020-03-17 16:12 - 2020-03-17 16:12 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2020-03-17 16:01 - 2020-03-17 16:01 - 027248072 _____ (Ashampoo GmbH & Co. KG ) C:\Users\tracy\Downloads\ashampoo_zip_free_18811.exe
2020-03-17 15:57 - 2020-03-17 15:57 - 000000000 ____D C:\Users\tracy\Desktop\Scene 1x4 Recessed - [SCE_SCEM]
2020-03-17 15:56 - 2020-03-17 15:56 - 000287635 _____ C:\Users\tracy\Downloads\Scene 1x4 Recessed - [SCE_SCEM].zip
2020-03-17 15:52 - 2020-03-17 15:52 - 000000000 ____D C:\Users\tracy\Desktop\Lumaris LED Linear Lighting(1)
2020-03-17 01:31 - 2020-03-17 01:31 - 000574347 _____ C:\Users\tracy\Downloads\Lumaris LED Linear Lighting(1).zip
2020-03-17 01:30 - 2020-03-17 01:30 - 000574347 _____ C:\Users\tracy\Downloads\Lumaris LED Linear Lighting.zip
2020-03-17 01:26 - 2020-03-17 01:26 - 000515437 _____ C:\Users\tracy\Downloads\G2 Linear Cove Light.zip
2020-03-17 01:20 - 2020-03-17 01:20 - 000487424 _____ C:\Users\tracy\Downloads\Decorative_Pendant_Light_15411.rfa
2020-03-17 00:43 - 2020-03-17 00:43 - 000618496 _____ C:\Users\tracy\Downloads\Chandelier_-_Rectangular_-_Murray_Feiss_18408.rfa
2020-03-17 00:42 - 2020-03-17 00:43 - 000458752 _____ C:\Users\tracy\Downloads\Chandelier_17198.rfa
2020-03-16 21:10 - 2020-03-16 21:12 - 486050279 _____ C:\Users\tracy\Downloads\3D-Revit-files.zip
2020-03-16 20:44 - 2020-03-16 20:44 - 000315392 _____ C:\Users\tracy\Downloads\Double_Hung_Window_with_Optional_Trim_5367.rfa
2020-03-16 17:10 - 2020-03-23 05:40 - 000368640 _____ C:\Users\tracy\Downloads\fixed_trapezoidal_window_11265.rfa
2020-03-16 17:10 - 2020-03-16 21:14 - 000323584 _____ C:\Users\tracy\Downloads\fixed_trapezoidal_window_11265.0002.rfa
2020-03-16 17:10 - 2020-03-16 17:10 - 000266240 _____ C:\Users\tracy\Downloads\fixed_trapezoidal_window_11265.0001.rfa
2020-03-16 17:10 - 2020-03-16 17:10 - 000117248 _____ C:\Users\tracy\Downloads\Fixed_Round_Top_921.rfa
2020-03-16 17:09 - 2020-03-16 17:09 - 000108544 _____ C:\Users\tracy\Downloads\Double_Quarter_Round_Top_918.rfa
2020-03-16 17:05 - 2020-03-16 17:05 - 000278528 _____ C:\Users\tracy\Downloads\Strip_Roof_Lighting_6174.rfa
2020-03-16 17:04 - 2020-03-26 12:03 - 000212992 _____ C:\Users\tracy\Downloads\Simple_adjustable_skylight_8300.rfa
2020-03-16 17:04 - 2020-03-16 17:04 - 000200704 _____ C:\Users\tracy\Downloads\SkyLite_2861.rfa
2020-03-16 17:03 - 2020-03-16 17:03 - 000184320 _____ C:\Users\tracy\Downloads\Roof_window_VELUX_C04_3663.rfa
2020-03-16 17:02 - 2020-03-26 11:22 - 000090112 _____ C:\Users\tracy\Downloads\Operable_Skylight_911.rfa
2020-03-16 17:02 - 2020-03-16 17:02 - 000000000 _____ C:\Users\tracy\Downloads\Multiple_Pyramid_Skylights_in_a_Common_Frame_1x_any_amount_of_units_14444.rfa
2020-03-16 17:01 - 2020-03-16 17:01 - 000737280 _____ C:\Users\tracy\Downloads\Adjustable_Skylights_in_a_Common_Frame-_4x4_Unit-_Updated_15221.rfa
2020-03-16 16:59 - 2020-03-16 16:59 - 007246656 _____ C:\Users\tracy\Downloads\woven_image_mura_dune_9997_revit_modlar.zip
2020-03-16 16:58 - 2020-03-16 16:58 - 002462756 _____ C:\Users\tracy\Downloads\woven_image_echopanel_10020_revit_modlar.zip
2020-03-16 16:57 - 2020-03-16 16:57 - 003293583 _____ C:\Users\tracy\Downloads\woven_image_echopanel_10319_revit_modlar.zip
2020-03-16 00:46 - 2020-03-16 00:46 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-03-16 00:46 - 2020-03-16 00:46 - 009930552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-03-16 00:46 - 2020-03-16 00:46 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-03-16 00:46 - 2020-03-16 00:46 - 006520776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-16 00:46 - 2020-03-16 00:46 - 004563416 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-03-16 00:46 - 2020-03-16 00:46 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-03-16 00:46 - 2020-03-16 00:46 - 001398584 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-03-16 00:46 - 2020-03-16 00:46 - 001077048 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-03-16 00:46 - 2020-03-16 00:46 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-03-16 00:46 - 2020-03-16 00:46 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-03-16 00:46 - 2020-03-16 00:46 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-03-15 17:16 - 2020-03-15 17:16 - 000132837 _____ C:\Users\tracy\Downloads\coronavirus-covid-19-isolation-guidance(2).pdf
2020-03-15 13:47 - 2020-03-15 13:47 - 000401408 _____ C:\Users\tracy\Downloads\Outdoor_Dining_Chair_-_Seaside_Casual_quotCharleston_Side_Chairquot_20663.rfa
2020-03-15 13:33 - 2020-03-15 13:33 - 000462848 _____ C:\Users\tracy\Downloads\Outdoor_Bar_Chair_-_Seaside_Casual_quotCharleston_Bar_Chairquot_20664.rfa
2020-03-15 13:28 - 2020-04-06 00:49 - 000372736 _____ C:\Users\tracy\Downloads\Square_Dining_Table_17923.rfa
2020-03-15 13:28 - 2020-03-15 13:28 - 000372736 _____ C:\Users\tracy\Downloads\Square_Dining_Table_17923.0001.rfa
2020-03-14 23:47 - 2020-03-15 01:46 - 000417792 _____ C:\Users\tracy\Downloads\Couch_-_Soft_Bench_Berto_Salotti_9473.rfa
2020-03-14 23:47 - 2020-03-14 23:47 - 000266240 _____ C:\Users\tracy\Downloads\Couch_-_Soft_Bench_Berto_Salotti_9473.0001.rfa
2020-03-14 22:47 - 2020-03-14 22:47 - 000507904 _____ C:\Users\tracy\Downloads\Metal_Shelves_4135.rfa
2020-03-14 21:07 - 2020-03-14 21:07 - 000311296 _____ C:\Users\tracy\Downloads\Bar_StoolCocktail_19349.rfa
2020-03-14 20:33 - 2020-03-14 20:33 - 000311296 _____ C:\Users\tracy\Downloads\ADA_Handrail_20313.rfa
2020-03-14 19:41 - 2020-03-14 19:41 - 000315392 _____ C:\Users\tracy\Downloads\Cabinet_handle_12374.rfa
2020-03-14 19:07 - 2020-04-01 23:25 - 000471040 _____ C:\Users\tracy\Downloads\Pocket_Slider_Door_5851.rfa
2020-03-14 19:07 - 2020-03-21 21:42 - 000471040 _____ C:\Users\tracy\Downloads\Pocket_Slider_Door_5851.0004.rfa
2020-03-14 19:07 - 2020-03-16 23:17 - 000471040 _____ C:\Users\tracy\Downloads\Pocket_Slider_Door_5851.0003.rfa
2020-03-14 19:07 - 2020-03-14 20:38 - 000442368 _____ C:\Users\tracy\Downloads\Pocket_Slider_Door_5851.0002.rfa
2020-03-14 19:05 - 2020-03-14 19:05 - 000585728 _____ C:\Users\tracy\Downloads\Pocket_Door_20151.rfa
2020-03-14 18:42 - 2020-03-14 18:42 - 000282624 _____ C:\Users\tracy\Downloads\Booth_Standard_Corner_9036.rfa
2020-03-14 18:41 - 2020-03-14 18:41 - 000249856 _____ C:\Users\tracy\Downloads\Corner_Booth_w_Pad_4427.rfa
2020-03-14 18:29 - 2020-03-14 18:29 - 000466944 _____ C:\Users\tracy\Downloads\Booth_with_Curved_Top_single.rfa
2020-03-14 18:28 - 2020-03-14 18:28 - 002531328 _____ C:\Users\tracy\Downloads\Bar_restaurant_16073.rfa
2020-03-14 18:28 - 2020-03-14 18:28 - 000458752 _____ C:\Users\tracy\Downloads\4_Top_Round_3039_Diameter_Fast_Food_Restaurant_Table_amp_Chairs_15017.rfa
2020-03-14 18:26 - 2020-03-14 18:26 - 000233472 _____ C:\Users\tracy\Downloads\Booth_w_Pad_4428.rfa
2020-03-14 18:16 - 2020-03-14 18:16 - 000303104 _____ C:\Users\tracy\Downloads\Wall_mounted_shelves__shelf_16692.rfa
2020-03-14 13:18 - 2020-03-14 13:18 - 000801330 _____ C:\Users\tracy\Downloads\SEW__11198743_20200314(1).pdf
2020-03-14 01:16 - 2020-03-14 01:16 - 000606208 _____ C:\Users\tracy\Downloads\Sofa_6855.rfa
2020-03-14 00:32 - 2020-03-14 00:32 - 000909312 _____ C:\Users\tracy\Downloads\Ambulant_Disabled_WC_4001.rfa
2020-03-13 23:46 - 2020-03-13 23:46 - 000801330 _____ C:\Users\tracy\Downloads\SEW__11198743_20200314.pdf
2020-03-13 22:54 - 2020-03-13 22:54 - 000801330 _____ C:\Users\tracy\Downloads\SEW__11198743_20200313(1).pdf
2020-03-13 22:53 - 2020-03-13 22:53 - 000801330 _____ C:\Users\tracy\Downloads\SEW__11198743_20200313.pdf
2020-03-13 22:44 - 2020-03-13 22:44 - 001425408 _____ C:\Users\tracy\Downloads\Boat_-_Wake_board_ski_boat_13420.rfa
2020-03-13 22:43 - 2020-03-13 22:43 - 000290816 _____ C:\Users\tracy\Downloads\Boat_Lift_Assembly_18343.rfa
2020-03-13 20:09 - 2020-03-15 20:39 - 000557056 _____ C:\Users\tracy\Downloads\COALESSE_Metro_BIX_-_OccWrk_Booth_Table_Rect_7375.rfa
2020-03-13 20:09 - 2020-03-13 20:09 - 000450560 _____ C:\Users\tracy\Downloads\COALESSE_Metro_BIX_-_OccWrk_Booth_Table_Rect_7375.0001.rfa
2020-03-13 20:08 - 2020-03-13 20:08 - 000430080 _____ C:\Users\tracy\Downloads\Single_Booth_17921.rfa
2020-03-13 20:07 - 2020-03-13 20:07 - 000421888 _____ C:\Users\tracy\Downloads\Double_Booth_17922.rfa
2020-03-13 19:46 - 2020-04-01 22:34 - 000401408 _____ C:\Users\tracy\Downloads\Shelf_cubes_15524.rfa
2020-03-13 19:46 - 2020-03-13 19:46 - 000327680 _____ C:\Users\tracy\Downloads\Shelf_cubes_15524.0001.rfa
2020-03-13 19:29 - 2020-03-13 19:29 - 000454656 _____ C:\Users\tracy\Downloads\Modern_Garage_Door_19739.rfa
2020-03-13 19:28 - 2020-03-13 19:28 - 000266240 _____ C:\Users\tracy\Downloads\garage_door_8590.rfa
2020-03-13 19:27 - 2020-03-13 19:27 - 000954368 _____ C:\Users\tracy\Downloads\Garage_Door_12x14_with_windows_12763.rfa
2020-03-13 18:29 - 2020-03-13 18:29 - 000749568 _____ C:\Users\tracy\Downloads\Book_Display_9119.rfa
2020-03-13 17:46 - 2020-04-06 01:15 - 001200128 _____ C:\Users\tracy\Downloads\Cake_Display_Unit_-_Stivi_6181.rfa
2020-03-13 17:46 - 2020-04-05 16:32 - 001212416 _____ C:\Users\tracy\Downloads\Cake_Display_Unit_-_Stivi_6181.0004.rfa
2020-03-13 17:46 - 2020-04-04 00:17 - 001208320 _____ C:\Users\tracy\Downloads\Cake_Display_Unit_-_Stivi_6181.0003.rfa
2020-03-13 17:46 - 2020-03-19 03:30 - 001183744 _____ C:\Users\tracy\Downloads\Cake_Display_Unit_-_Stivi_6181.0002.rfa
2020-03-13 17:44 - 2020-03-13 17:44 - 001028096 _____ C:\Users\tracy\Downloads\Chilled_Multideck_Display_with_Chilled_Well_17434.rfa
2020-03-13 17:43 - 2020-03-13 17:43 - 000368640 _____ C:\Users\tracy\Downloads\Chilled_Multideck_Display_17378.rfa
2020-03-13 14:11 - 2020-03-13 14:11 - 000234594 _____ C:\Users\tracy\Downloads\10-64671-2-A_Specification_Sheet1.pdf
2020-03-13 14:10 - 2020-03-13 14:10 - 000203481 _____ C:\Users\tracy\Downloads\10-64672-2_SSheet.pdf
2020-03-13 13:15 - 2020-03-13 13:15 - 004078942 _____ C:\Users\tracy\Downloads\http___www.aphref.aph.gov.au_house_committee_laca_disabilitystandards_exhibits_exhibit09.pdf
2020-03-13 13:08 - 2020-03-13 13:08 - 000074523 _____ C:\Users\tracy\Downloads\http___www.aphref.aph.gov.au_house_committee_laca_disabilitystandards_exhibits_exhibit02.pdf
2020-03-13 10:47 - 2020-03-13 10:48 - 000003032 _____ C:\Users\tracy\Downloads\HWOOD7E1.pat
2020-03-13 01:03 - 2020-03-13 01:04 - 000208896 _____ C:\Users\tracy\Downloads\Coffee_Table_-_Mulit-Level_Colored_Glass_9320.rfa
2020-03-13 01:03 - 2020-03-13 01:03 - 002011136 _____ C:\Users\tracy\Downloads\Colored_Tetris_Shelves_4446.rvt
2020-03-12 01:44 - 2020-03-12 01:46 - 000266240 _____ C:\Users\tracy\Downloads\Deli_Display_Case_4147.rfa
2020-03-12 01:44 - 2020-03-12 01:44 - 000111104 _____ C:\Users\tracy\Downloads\Display_Case_462.rfa
2020-03-12 01:41 - 2020-03-12 01:41 - 000372736 _____ C:\Users\tracy\Downloads\Display_Case_10925.rfa
2020-03-12 01:15 - 2020-03-12 01:15 - 001093632 _____ C:\Users\tracy\Downloads\Kitchen_Counter_with_Base_Cabinets_16596.rfa
2020-03-12 01:13 - 2020-03-12 01:51 - 000360448 _____ C:\Users\tracy\Downloads\Bar_Counter_14938.rfa
2020-03-12 01:13 - 2020-03-12 01:14 - 000454656 _____ C:\Users\tracy\Downloads\Reception_Counter_15497.rfa
2020-03-12 01:13 - 2020-03-12 01:13 - 000290816 _____ C:\Users\tracy\Downloads\Bar_Counter_14938.0001.rfa
2020-03-11 20:35 - 2020-03-11 20:35 - 025900544 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 022635008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 019850240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 019812352 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 018027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 011607552 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 009711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 007755776 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 007259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 006285312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 005911040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 004855808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 004580352 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 004348408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 004129648 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 003819520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 003488768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 003243296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 002956688 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2020-03-11 20:35 - 2020-03-11 20:35 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2020-03-11 20:35 - 2020-03-11 20:35 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 002315680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 002224952 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 002180408 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 002072664 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 002031104 _____ C:\Windows\system32\rdpnano.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 001867816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 001835128 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 001770552 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 001555904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 001540096 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 001490640 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 001417976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 001319936 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 001284096 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 001283600 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2020-03-11 20:35 - 2020-03-11 20:35 - 001282944 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 001273856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 001218632 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2020-03-11 20:35 - 2020-03-11 20:35 - 001214976 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 001108040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 001098720 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 001088000 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 001080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 001012792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 001000960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.Internal.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000843776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000835584 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000757632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000669496 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000668672 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000510768 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2020-03-11 20:35 - 2020-03-11 20:35 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000287744 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacEncoder.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacEncoder.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngOnline.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2020-03-11 20:35 - 2020-03-11 20:35 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
2020-03-11 20:35 - 2020-03-11 20:35 - 000097080 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\ProvSysprep.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iemigplugin.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000042296 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe
2020-03-11 20:35 - 2020-03-11 20:35 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2020-03-11 20:35 - 2020-03-11 20:35 - 000032056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2020-03-11 20:35 - 2020-03-11 20:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-03-11 20:35 - 2020-03-11 20:35 - 000019768 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.exe
2020-03-11 20:35 - 2020-03-11 20:35 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-03-11 20:35 - 2020-03-11 20:35 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-03-11 20:35 - 2020-03-11 20:35 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-03-11 20:34 - 2020-03-11 20:34 - 007263992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 006436352 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 006168064 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 006084344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 005764664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 005112832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 005040640 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 004898144 _____ (Microsoft Corporation) C:\Windows\system32\rtmpltfm.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 004538880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 004140544 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 004048896 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 003971808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 003860832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpltfm.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 003799552 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 003728896 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 003552768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 003371720 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 002875904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 002800640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 002773568 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 002768440 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 002740736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directml.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 002698040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 002584008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 002561536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 002307584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 002305536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 002259872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 002087376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 002021888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001999952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001985104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001972536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 001854976 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001823232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001757304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-03-11 20:34 - 2020-03-11 20:34 - 001743888 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001729024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001688064 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001684992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001665416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001657120 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001647072 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001609216 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001513040 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 001484600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001482040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 001480192 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001412096 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001396152 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001394168 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001366128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-03-11 20:34 - 2020-03-11 20:34 - 001354080 _____ (Microsoft Corporation) C:\Windows\system32\rtmpal.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001264128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001260544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpsharercom.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001260480 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001190912 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001182448 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001097728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001091936 _____ (Microsoft Corporation) C:\Windows\system32\rtmcodecs.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001083904 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001071184 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 001054376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001032544 _____ (Microsoft Corporation) C:\Windows\system32\ortcengine.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001031680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 001007672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\refsutil.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000983896 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000980320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpal.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000974848 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000935040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000929144 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000921088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000915296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmcodecs.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000898048 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000892696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000877232 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000845312 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000838144 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000796904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000783480 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000776488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000769552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000748032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000741392 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000734720 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000732000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ortcengine.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000680184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000678912 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000670720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000668296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000661816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 000654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000646656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000638464 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000636848 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000627216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000613888 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000605896 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000599552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.UXRes.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000562688 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000551824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 000535552 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000526848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000522384 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000518656 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000500224 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000478792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-03-11 20:34 - 2020-03-11 20:34 - 000469504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000460800 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000459688 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 000457016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 000455168 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000448000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2020-03-11 20:34 - 2020-03-11 20:34 - 000403456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000358912 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\XpsDocumentTargetPrint.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000353960 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 000320312 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 000308736 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000307712 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 000287232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000263168 _____ (Microsoft Corporation) C:\Windows\system32\wpnservice.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000260920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 000258048 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000248064 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000234984 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000226816 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000221200 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000213984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000210744 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 000201744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 000199480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000193592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000181248 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000181248 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeHelper.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000166400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000165504 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000164776 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\DeviceUpdateAgent.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\DeviceMetadataRetrievalClient.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000137216 _____ (Microsoft Corporation) C:\Windows\system32\pnpclean.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000136328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\omadmapi.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000135168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 000133944 _____ (Microsoft Corporation) C:\Windows\system32\ImplatSetup.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000133256 _____ (Microsoft Corporation) C:\Windows\system32\profapi.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000130112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000120560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000120048 _____ (Microsoft Corporation) C:\Windows\system32\OpenWith.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Taskbar.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 000113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000107832 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000107520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GraphicsCapture.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000105832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpenWith.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000102760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profapi.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000098104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000089616 _____ (Microsoft Corporation) C:\Windows\system32\DeviceReactivation.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000089568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\enterpriseresourcemanager.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000068408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceReactivation.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enterpriseresourcemanager.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000063288 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthHost.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AxInstUI.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000056672 _____ (Microsoft Corporation) C:\Windows\system32\rtmmvrortc.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmmvrortc.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\dusmapi.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\npmproxy.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000042336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afunix.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\dusmtask.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\sxstrace.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxstrace.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\afunix.sys
2020-03-11 20:34 - 2020-03-11 20:34 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\nlmproxy.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\wci.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\msauserext.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msauserext.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\nlmsprep.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\MUILanguageCleanup.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\LangCleanupSysprepAction.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\pacjsworker.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\LaunchTM.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchTM.exe
2020-03-11 20:34 - 2020-03-11 20:34 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\lpksetupproxyserv.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCertResources.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tier2punctuations.dll
2020-03-11 20:34 - 2020-03-11 20:34 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-03-11 20:34 - 2020-03-11 20:34 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-03-11 20:34 - 2020-03-11 20:34 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-03-11 20:34 - 2020-03-11 20:34 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-03-11 20:34 - 2020-03-11 20:34 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-03-11 20:34 - 2020-03-11 20:34 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-03-11 20:34 - 2020-03-11 20:34 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-03-11 20:34 - 2020-03-11 20:34 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-03-11 20:34 - 2020-03-11 20:34 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-03-11 20:33 - 2020-03-11 20:33 - 007905784 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 004622280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2020-03-11 20:33 - 2020-03-11 20:33 - 004471296 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 003708928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 003587896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 003263488 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 003260928 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 003143168 _____ (Microsoft Corporation) C:\Windows\system32\directml.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 002870272 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 002808832 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 002715648 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 002522112 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 002474496 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 002453504 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 002289152 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 002157056 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 001885184 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 001764336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 001762304 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 001751040 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 001581056 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 001481216 _____ (Microsoft Corporation) C:\Windows\system32\rdpsharercom.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 001428992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 001180160 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2020-03-11 20:33 - 2020-03-11 20:33 - 001092096 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 001057792 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 001027000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000945384 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000916480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000914944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000908504 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000874296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000851968 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-03-11 20:33 - 2020-03-11 20:33 - 000833616 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000802304 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000649728 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000642216 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000637240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000540672 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2020-03-11 20:33 - 2020-03-11 20:33 - 000531768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2020-03-11 20:33 - 2020-03-11 20:33 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountExtension.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000429880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2020-03-11 20:33 - 2020-03-11 20:33 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000379904 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000368128 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000355000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000337920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Acx01000.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000306696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\DeviceDirectoryClient.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000282112 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountCloudAP.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\netman.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000250896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2020-03-11 20:33 - 2020-03-11 20:33 - 000239104 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000232960 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\TetheringMgr.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthA2dp.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000224056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000222520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000208696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000201528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000199992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000183608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000180232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000174592 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000174392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000151568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000146712 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\GraphicsCapture.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000141840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\provpackageapidll.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\TelephonyInteractiveUser.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000131896 _____ (Microsoft Corporation) C:\Windows\system32\DTUHandler.exe
2020-03-11 20:33 - 2020-03-11 20:33 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000128312 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
2020-03-11 20:33 - 2020-03-11 20:33 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2020-03-11 20:33 - 2020-03-11 20:33 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\provdatastore.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\ProvPluginEng.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\BarcodeProvisioningPlugin.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\EditBufferTestHook.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2020-03-11 20:33 - 2020-03-11 20:33 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
2020-03-11 20:33 - 2020-03-11 20:33 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000067112 _____ (Microsoft Corporation) C:\Windows\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\RemovableMediaProvisioningPlugin.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000066336 _____ (Microsoft Corporation) C:\Windows\system32\wlrmdr.exe
2020-03-11 20:33 - 2020-03-11 20:33 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000056632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\MSAProfileNotificationHandler.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000048256 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2020-03-11 20:33 - 2020-03-11 20:33 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cellulardatacapabilityhandler.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\WiredNetworkCSP.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2020-03-11 20:33 - 2020-03-11 20:33 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\WordBreakers.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthMini.SYS
2020-03-11 20:33 - 2020-03-11 20:33 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\FaxPrinterInstaller.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\KNetPwrDepBroker.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000030008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000029712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tbs.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000028936 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\autopilotdiag.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000019984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\mpnotify.exe
2020-03-11 20:33 - 2020-03-11 20:33 - 000016912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys
2020-03-11 20:33 - 2020-03-11 20:33 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000003584 _____ (Microsoft Corporation) C:\Windows\system32\TpmCertResources.dll
2020-03-11 20:33 - 2020-03-11 20:33 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\TelephonyInteractiveUserRes.dll
2020-03-11 20:16 - 2020-02-11 14:48 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-03-11 20:16 - 2020-02-11 14:37 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-03-11 17:12 - 2020-03-11 17:12 - 000123006 _____ C:\Users\tracy\Downloads\44cfba3e4a2f907e43830c5221960d5a.jfif
2020-03-11 02:50 - 2020-03-11 02:50 - 000880640 _____ C:\Users\tracy\Downloads\Parametric_Porcelain_bathroom_sink_20774.rfa
2020-03-10 16:25 - 2020-03-10 17:38 - 000651264 _____ C:\Users\tracy\Downloads\Window_Paradigm_Eyebrow.rfa
2020-03-10 16:25 - 2020-03-10 16:25 - 000700416 _____ C:\Users\tracy\Downloads\Window_Paradigm_Eyebrow.0001.rfa
2020-03-10 16:15 - 2020-03-10 16:15 - 000778240 _____ C:\Users\tracy\Downloads\Sanitary_Accessories_Cosmic_ARCHITECT-Hinged-Grab-Bar.rfa
2020-03-10 15:41 - 2020-03-10 15:42 - 008414897 _____ C:\Users\tracy\Downloads\46.pdf
2020-03-10 15:41 - 2020-03-10 15:41 - 001118123 _____ C:\Users\tracy\Downloads\1326.pdf
2020-03-10 15:41 - 2020-03-10 15:41 - 001118123 _____ C:\Users\tracy\Downloads\1326(2).pdf
2020-03-10 15:41 - 2020-03-10 15:41 - 001118123 _____ C:\Users\tracy\Downloads\1326(1).pdf
2020-03-10 12:23 - 2020-03-10 13:31 - 000495616 _____ C:\Users\tracy\Downloads\kirkhe_2673.rfa
2020-03-10 12:23 - 2020-03-10 12:46 - 000495616 _____ C:\Users\tracy\Downloads\kirkhe_2673.0003.rfa
2020-03-10 12:23 - 2020-03-10 12:40 - 000491520 _____ C:\Users\tracy\Downloads\kirkhe_2673.0002.rfa
2020-03-10 12:23 - 2020-03-10 12:23 - 000282624 _____ C:\Users\tracy\Downloads\kirkhe_2673.0001.rfa
2020-03-10 11:31 - 2020-03-10 11:31 - 000372736 _____ C:\Users\tracy\Downloads\Arched_Pocket_Door_14171.rfa
2020-03-10 11:30 - 2020-03-10 11:30 - 000225280 _____ C:\Users\tracy\Downloads\arched_door_4449.rfa
2020-03-10 11:26 - 2020-03-10 11:26 - 000294912 _____ C:\Users\tracy\Downloads\Door_Double_Arch_Glass_16775.rfa
2020-03-09 21:42 - 2020-03-09 21:42 - 000087166 _____ C:\Users\tracy\Downloads\email-account-10117051.pdf
2020-03-09 04:37 - 2020-03-09 04:37 - 002692135 _____ C:\Users\tracy\Downloads\OBJ_Birthday_Cupcake.zip
2020-03-09 04:30 - 2020-03-09 04:30 - 000179724 _____ C:\Users\tracy\Downloads\donut.zip
2020-03-09 04:16 - 2020-03-09 04:16 - 000763313 _____ C:\Users\tracy\Downloads\Chocolate_Cake_OBJ.zip
2020-03-09 04:15 - 2020-03-09 04:15 - 001033199 _____ C:\Users\tracy\Downloads\Chocolate_Cake_DAE.zip
2020-03-09 04:15 - 2020-03-09 04:15 - 000671187 _____ C:\Users\tracy\Downloads\Chocolate_Cake_3DS.zip
2020-03-09 01:19 - 2020-03-09 01:19 - 009380699 _____ C:\Users\tracy\Downloads\964f84807113a7e29c0530d863b5e88e.zip
2020-03-09 01:18 - 2020-03-09 01:18 - 014058579 _____ C:\Users\tracy\Downloads\66851cc21964fff04d72eef362977bd6.zip
2020-03-09 01:17 - 2020-03-09 01:18 - 000345898 _____ C:\Users\tracy\Downloads\55a1f56507d5f1d9b2543a49e9ff4410.zip
2020-03-09 01:17 - 2020-03-09 01:17 - 005411307 _____ C:\Users\tracy\Downloads\10f75565fc706c5f483f787ce47b28b1.zip
2020-03-09 01:15 - 2020-03-09 01:15 - 001043793 _____ C:\Users\tracy\Downloads\63858418e8966efff6e0614827fd3edd.zip
2020-03-09 01:12 - 2020-03-09 01:13 - 000387640 _____ C:\Users\tracy\Downloads\c4ce7e143698f031c851e8c0942841bb.zip
2020-03-09 01:12 - 2020-03-09 01:12 - 020116057 _____ C:\Users\tracy\Downloads\4c876ae20f9f76a31e6a900b07005ef0.zip
2020-03-09 01:11 - 2020-03-09 01:12 - 016337167 _____ C:\Users\tracy\Downloads\e5b81c1fe9804b049c73aadc0b78043a.zip
2020-03-08 23:58 - 2020-03-08 23:58 - 001088953 _____ C:\Users\tracy\Downloads\be67a06a983209a26fe047611a8ecc26.zip
2020-03-08 23:57 - 2020-03-08 23:57 - 000362976 _____ C:\Users\tracy\Downloads\7965a77fe091253b5261cd6e2fc538fa.zip
2020-03-08 23:56 - 2020-03-08 23:56 - 000367513 _____ C:\Users\tracy\Downloads\5b717341295c7be10473ccc4923711d9.zip
2020-03-08 23:54 - 2020-03-08 23:54 - 002176257 _____ C:\Users\tracy\Downloads\47dfe2e5f4977fb6b01c017ba33e873a.zip
2020-03-08 23:52 - 2020-03-08 23:52 - 013731081 _____ C:\Users\tracy\Downloads\7255f9b5230ff1ce9322442b94815758.zip
2020-03-08 22:52 - 2020-03-08 22:52 - 000019502 _____ C:\Users\tracy\Downloads\5f1f81bb5be1ee99d2b301d68563d9b9.zip
2020-03-08 22:51 - 2020-03-08 22:51 - 001483958 _____ C:\Users\tracy\Downloads\6dc1b649769a2b138821f3cb102acbc8.zip
2020-03-08 22:50 - 2020-03-08 22:50 - 000120407 _____ C:\Users\tracy\Downloads\1165a2fd7c701383588ade6976bf5463.zip
2020-03-08 22:48 - 2020-03-08 22:48 - 001433201 _____ C:\Users\tracy\Downloads\88e948cf4c16734f74b52a130c9f0d9f.zip
2020-03-08 22:47 - 2020-03-08 22:47 - 002129941 _____ C:\Users\tracy\Downloads\6f478ee2b8a75a400916fa44a990d785.zip
2020-03-08 22:47 - 2020-03-08 22:47 - 000816520 _____ C:\Users\tracy\Downloads\3e26a969afd9d0824657388a5d03aa71.zip
2020-03-08 21:48 - 2020-03-08 21:48 - 006749102 _____ C:\Users\tracy\Downloads\C1dfCE7KEeS.pdf
2020-03-08 16:50 - 2020-03-08 16:50 - 000002146 _____ C:\Users\tracy\Desktop\Songify.lnk
2020-03-08 15:09 - 2020-03-08 15:09 - 002692794 _____ C:\Users\tracy\Downloads\caa2009_user_guide.pdf
2020-03-08 15:03 - 2020-03-08 15:03 - 000247306 _____ C:\Users\tracy\Downloads\20_Project 3A__assessment.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-06 18:28 - 2019-03-19 14:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-06 18:13 - 2019-10-30 02:47 - 000000000 ____D C:\Users\tracy\AppData\Roaming\iFunbox_UserCache
2020-04-06 18:00 - 2019-10-30 00:13 - 000840852 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-06 18:00 - 2019-03-19 14:50 - 000000000 ____D C:\Windows\INF
2020-04-06 17:58 - 2019-03-19 14:52 - 000000000 ____D C:\Windows\Registration
2020-04-06 17:56 - 2019-10-30 01:08 - 000000000 ____D C:\Users\tracy\AppData\LocalLow\Mozilla
2020-04-06 17:55 - 2019-10-30 11:09 - 000000000 ____D C:\Windows\minidump
2020-04-06 17:55 - 2019-10-30 10:55 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-06 17:55 - 2019-10-30 10:55 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-04-06 17:55 - 2019-07-01 22:37 - 000540497 ____N C:\Windows\Minidump\040620-81921-01.dmp
2020-04-06 17:31 - 2019-03-19 14:52 - 000000000 ____D C:\Windows\AppReadiness
2020-04-06 17:17 - 2019-03-19 14:52 - 000000000 ____D C:\Windows\LiveKernelReports
2020-04-06 17:16 - 2019-11-02 06:09 - 000000000 ____D C:\Program Files\Common Files\Apple
2020-04-06 16:57 - 2019-10-30 10:55 - 000445144 _____ C:\Windows\system32\FNTCACHE.DAT
2020-04-06 16:56 - 2019-10-30 00:23 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2020-04-06 16:56 - 2019-03-19 14:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-04-06 15:58 - 2019-11-02 06:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2020-04-06 15:48 - 2019-11-02 07:03 - 000000000 ____D C:\Users\Public\Documents\Autodesk
2020-04-06 15:48 - 2019-11-02 07:03 - 000000000 ____D C:\ProgramData\Documents\Autodesk
2020-04-06 15:36 - 2019-07-07 10:22 - 000001786 _____ C:\Users\tracy\Desktop\New ramblings.txt
2020-04-06 06:34 - 2020-02-29 21:35 - 000000000 ____D C:\ProgramData\Zipware
2020-04-06 05:56 - 2019-06-11 23:36 - 000000000 ____D C:\Autodesk
2020-04-06 05:24 - 2019-11-02 07:09 - 000000000 ____D C:\Users\tracy\AppData\Roaming\Autodesk
2020-04-06 05:23 - 2019-11-02 06:57 - 000000000 ____D C:\Users\tracy\AppData\Local\Autodesk
2020-04-06 05:22 - 2019-11-02 06:14 - 000000000 ____D C:\ProgramData\Autodesk
2020-04-06 05:21 - 2019-11-02 06:23 - 000000000 ____D C:\Program Files\Autodesk
2020-04-06 03:02 - 2019-11-02 06:51 - 000000000 ____D C:\Program Files (x86)\Autodesk
2020-04-06 03:01 - 2020-02-16 23:59 - 000000000 ____D C:\Users\tracy\Autodesk
2020-04-06 02:26 - 2019-10-30 00:17 - 000000000 ____D C:\Users\tracy\AppData\Local\Packages
2020-04-06 01:16 - 2019-11-02 01:45 - 000000000 ____D C:\Users\tracy\Desktop\Tempix
2020-04-06 01:15 - 2019-10-30 00:24 - 000000000 ____D C:\ProgramData\Package Cache
2020-04-05 17:44 - 2019-10-30 17:29 - 000000000 ____D C:\Users\tracy\AppData\LocalLow\AMD
2020-04-05 03:08 - 2019-11-02 07:14 - 000098240 _____ C:\Users\tracy\AppData\Local\GDIPFONTCACHEV1.DAT
2020-04-05 01:49 - 2019-03-19 14:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-05 00:30 - 2019-10-30 00:17 - 000000000 ____D C:\Users\tracy\AppData\Local\VirtualStore
2020-04-04 23:58 - 2019-03-19 14:37 - 000000000 ____D C:\Windows\CbsTemp
2020-04-04 23:46 - 2019-10-30 00:31 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2020-04-04 23:37 - 2020-01-04 12:04 - 000000000 ____D C:\ProgramData\AMD
2020-04-04 23:37 - 2019-10-30 00:23 - 000000000 ____D C:\Program Files\AMD
2020-04-04 23:37 - 2019-07-01 06:00 - 000000000 ____D C:\AMD
2020-04-04 22:53 - 2019-10-30 00:28 - 000000000 ____D C:\ProgramData\Packages
2020-04-04 22:07 - 2019-10-30 00:14 - 000000000 ____D C:\Users\tracy
2020-04-01 01:59 - 2019-11-13 18:40 - 000000000 ____D C:\Users\tracy\AppData\Roaming\vlc
2020-03-28 17:18 - 2019-07-01 22:37 - 000441908 ____N C:\Windows\Minidump\032820-77609-01.dmp
2020-03-28 09:43 - 2019-03-19 14:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-03-27 22:26 - 2019-10-30 00:18 - 000000000 ____D C:\Users\tracy\AppData\Local\Publishers
2020-03-27 15:44 - 2019-12-27 02:14 - 000000010 _____ C:\Users\tracy\AppData\Local\sponge.last.runtime.cache
2020-03-26 12:21 - 2019-10-30 22:15 - 000000000 ____D C:\Program Files\Paint Shop Pro 5
2020-03-25 18:18 - 2020-01-11 01:08 - 000002044 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2020-03-25 18:18 - 2020-01-11 01:08 - 000002044 _____ C:\ProgramData\Desktop\HP Print and Scan Doctor.lnk
2020-03-24 17:06 - 2019-10-30 00:21 - 000000000 ____D C:\Users\tracy\AppData\Local\PlaceholderTileLogoFolder
2020-03-24 16:45 - 2019-11-01 18:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-03-24 16:45 - 2019-10-30 01:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-03-23 01:56 - 2019-10-31 04:14 - 000000000 ___RD C:\Users\tracy\OneDrive - The Gordon
2020-03-23 01:56 - 2019-10-30 00:22 - 000003370 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-792678858-599442959-1286739730-1001
2020-03-23 01:56 - 2019-10-30 00:22 - 000000000 ___RD C:\Users\tracy\OneDrive
2020-03-23 01:56 - 2019-10-30 00:14 - 000002366 _____ C:\Users\tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-21 18:02 - 2019-03-19 14:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-03-21 18:00 - 2019-10-30 21:16 - 000000000 ____D C:\Program Files\Microsoft Office
2020-03-21 11:23 - 2019-10-31 03:28 - 000003420 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-21 11:23 - 2019-10-31 03:28 - 000003296 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-20 17:23 - 2019-11-02 04:36 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-03-20 17:23 - 2019-11-02 04:36 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-19 22:29 - 2019-11-14 00:12 - 000000000 ____D C:\Users\tracy\AppData\Local\Autodesk,_Inc
2020-03-19 18:16 - 2019-10-30 01:08 - 000001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-03-19 08:47 - 2019-10-31 03:29 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-19 00:27 - 2019-10-30 17:31 - 000000000 ____D C:\Users\tracy\AppData\Local\D3DSCache
2020-03-18 01:53 - 2019-03-19 14:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-03-18 01:53 - 2019-03-19 14:52 - 000000000 ____D C:\Windows\bcastdvr
2020-03-16 00:46 - 2015-07-10 23:20 - 000410830 __RSH C:\bootmgr
2020-03-14 13:16 - 2019-10-30 00:17 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-14 13:16 - 2019-10-30 00:17 - 000000000 ___RD C:\Users\tracy\3D Objects
2020-03-14 01:59 - 2019-03-19 14:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2020-03-14 01:59 - 2019-03-19 14:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-03-14 01:59 - 2019-03-19 14:52 - 000000000 ____D C:\Windows\SysWOW64\setup
2020-03-14 01:59 - 2019-03-19 14:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-03-14 01:59 - 2019-03-19 14:52 - 000000000 ____D C:\Windows\SystemResources
2020-03-14 01:59 - 2019-03-19 14:52 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2020-03-14 01:59 - 2019-03-19 14:52 - 000000000 ____D C:\Windows\system32\setup
2020-03-14 01:59 - 2019-03-19 14:52 - 000000000 ____D C:\Windows\system32\oobe
2020-03-14 01:59 - 2019-03-19 14:52 - 000000000 ____D C:\Windows\system32\Dism
2020-03-14 01:59 - 2019-03-19 14:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-03-14 01:59 - 2019-03-19 14:37 - 000000000 ____D C:\Windows\servicing
2020-03-14 01:57 - 2019-09-27 00:39 - 000000000 ___HD C:\OneDriveTemp
2020-03-14 01:56 - 2020-03-04 20:14 - 000000000 ____D C:\Users\tracy\Desktop\Holden
2020-03-12 00:08 - 2019-11-11 14:54 - 000000000 ____D C:\Users\tracy\AppData\Local\ElevatedDiagnostics
2020-03-11 20:49 - 2019-10-30 17:33 - 000000000 ____D C:\Windows\system32\MRT
2020-03-11 20:43 - 2019-10-30 17:33 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-03-10 06:39 - 2019-07-01 22:37 - 000542770 ____N C:\Windows\Minidump\031020-84390-01.dmp

==================== Files in the root of some directories ========

2019-12-27 04:25 - 2019-12-27 04:25 - 000439380 _____ () C:\Users\tracy\AppData\Local\ars.cache
2019-12-27 04:26 - 2019-12-27 04:26 - 001124599 _____ () C:\Users\tracy\AppData\Local\census.cache
2020-03-26 19:18 - 2020-03-26 19:18 - 000007606 _____ () C:\Users\tracy\AppData\Local\Resmon.ResmonCfg
2019-12-27 02:14 - 2020-03-27 15:44 - 000000010 _____ () C:\Users\tracy\AppData\Local\sponge.last.runtime.cache

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


  • 0

#29
RiffRaffMama

RiffRaffMama

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

And FRST Addition report:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-04-2020
Ran by tracy (06-04-2020 18:49:47)
Running from C:\Users\tracy\Downloads
Windows 10 Home Version 1903 18362.720 (X64) (2019-10-30 01:09:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-792678858-599442959-1286739730-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-792678858-599442959-1286739730-503 - Limited - Disabled)
Guest (S-1-5-21-792678858-599442959-1286739730-501 - Limited - Disabled)
tracy (S-1-5-21-792678858-599442959-1286739730-1001 - Administrator - Enabled) => C:\Users\tracy
WDAGUtilityAccount (S-1-5-21-792678858-599442959-1286739730-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3uTools (HKLM-x32\...\3uTools) (Version: 2.38.010 - ShangHai ZhangZheng Network Technology Co., Ltd.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_7) (Version: 20.0.7 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{A7039CC9-4669-4799-92B1-C5CE346DBE3D}) (Version: 8.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{DA78A9DC-3599-4D81-A960-B679687A6C14}) (Version: 8.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Ashampoo ZIP Free (HKLM-x32\...\{0A11EA01-5173-F4C2-0973-35C932D5C674}_is1) (Version: 1.0.7 - Ashampoo GmbH & Co. KG)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.150.11.1001 - BlueStack Systems, Inc.)
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CloneSpy 3.43 - 64 bit (HKLM\...\CloneSpy) (Version: 3.43 - The CloneSpy Team)
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-792678858-599442959-1286739730-1001\...\CopyTrans Suite) (Version: 4.100 - WindSolutions)
Dell SupportAssist (HKLM\...\{17F0E5C2-638A-4645-A341-03E9C2FDCFF4}) (Version: 3.4.5.366 - Dell Inc.)
DevID Agent (HKLM-x32\...\DevID_Agent) (Version: 4.48 - DevID)
Duplicate Cleaner Free 4.1.2 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 4.1.2 - DigitalVolcano Software Ltd) <==== ATTENTION
eTransmit for Autodesk Revit 2020 (HKLM\...\{4477F08B-2001-0010-0000-9A09D834DFF5}) (Version: 20.0.0.377 - Autodesk) Hidden
Express Zip File Compression (HKLM-x32\...\ExpressZip) (Version: 6.28 - NCH Software)
Fast Duplicate File Finder 3.7.0.1 (HKLM-x32\...\{AFECFED6-0A43-488F-8511-1DC6B52F31C3}_is1) (Version: 3.7.0.1 - MindGems, Inc.)
Font Viewer 2.0 (HKLM-x32\...\Font Viewer_is1) (Version:  - Thinking BIG Information Technology Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
LatencyMon 6.71 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Macgo iPhone Explorer (HKLM-x32\...\{4DA57BEC-D8C1-4A23-9C4E-0285857B6A58}_is1) (Version: 1.4.0.1886 - Macgo Inc.)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.11929.20648 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-792678858-599442959-1286739730-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox 74.0 (x64 en-US) (HKLM\...\Mozilla Firefox 74.0 (x64 en-US)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla)
NetSurveillance (HKLM-x32\...\NetSurveillance) (Version:  - )
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20648 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20648 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11929.20648 - Microsoft Corporation) Hidden
OpenShot Video Editor version 2.4.4 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.4.4 - OpenShot Studios, LLC)
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 5.28 - NCH Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8142 - Realtek Semiconductor Corp.)
Shotcut (HKLM-x32\...\Shotcut) (Version: 19.10.20 - Meltytech, LLC)
SnapBackup (HKLM\...\{9F1035F5-C4B1-4618-BFB8-2826E68210ED}) (Version: 1.0 - Snap Backup)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Sweet Home 3D version 6.2 (HKLM\...\Sweet Home 3D_is1) (Version: 6.2 - eTeks)
VdhCoApp 1.3.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
Virtual Router v1.0 (HKLM-x32\...\{BE905C46-2B34-4D73-AEE1-769ED138E0FF}) (Version: 1.0 - Chris Pietschmann)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VSDC Free Video Editor version 6.4.1.69 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.4.1.69 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Wave Editor 3.1.0.0 (HKLM-x32\...\Wave Editor_is1) (Version: 3.1.0.0 - AbyssMedia.com)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 9.61 - NCH Software)
WhySoSlow 1.51 (HKLM\...\WhySoSlowHome_is1) (Version:  - Resplendence Software Projects Sp.)
WizFile v2.06 (HKLM\...\WizFile_is1) (Version: 2.06 - Antibody Software)
WizTree v3.29 (HKLM\...\WizTree_is1) (Version: 3.29 - Antibody Software)
Worksharing Monitor for Autodesk Revit 2019 (HKLM\...\{5063E738-1901-0010-0000-7B7B9AB0B696}) (Version: 19.0.1.1 - Autodesk) Hidden
Worksharing Monitor for Autodesk Revit 2020 (HKLM\...\{5063E738-2001-0010-0000-7B7B9AB0B696}) (Version: 20.0.0.377 - Autodesk) Hidden

Packages:
=========
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.5.4.0_x64__htrsf667h5kn2 [2020-04-04] (Dell Inc)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.671.0_x64__v10z8vjag6ke6 [2020-02-06] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa [2020-03-27] (Apple Inc.) [Startup Task]
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_440.9.118.0_x64__8xx8rvfyw5nnt [2020-04-03] (Facebook Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-30] (Microsoft Corporation) [MS Ad]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-12-13] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-31] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-03-13] (Adobe Systems Incorporated)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.9.53.0_x64__43tkc6nmykmb6 [2020-02-01] (Ookla)
WinDbg Preview -> C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2001.2001.0_neutral__8wekyb3d8bbwe [2020-01-05] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-792678858-599442959-1286739730-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
CustomCLSID: HKU\S-1-5-21-792678858-599442959-1286739730-1001_Classes\CLSID\{04271989-C4D2-DEB0-A5D7-91328C290E46} -> [OneDrive - The Gordon] => C:\Users\tracy\OneDrive - The Gordon [2019-10-31 04:14]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1-x32: [ASZipF] -> {e03d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files (x86)\Ashampoo\Ashampoo ZIP Free\ASZSHLEXT.DLL [2017-10-10] (Ashampoo GmbH & Co. KG -> Ashampoo GmbH)
ContextMenuHandlers1: [ASZipF64] -> {e03d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files (x86)\Ashampoo\Ashampoo ZIP Free\ASZSHLEXT64.DLL [2017-10-10] (Ashampoo GmbH & Co. KG -> Ashampoo GmbH)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll [2019-12-16] () [File not signed]
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-10-26] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6-x32: [ASZipF] -> {e03d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files (x86)\Ashampoo\Ashampoo ZIP Free\ASZSHLEXT.DLL [2017-10-10] (Ashampoo GmbH & Co. KG -> Ashampoo GmbH)
ContextMenuHandlers6: [ASZipF64] -> {e03d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files (x86)\Ashampoo\Ashampoo ZIP Free\ASZSHLEXT64.DLL [2017-10-10] (Ashampoo GmbH & Co. KG -> Ashampoo GmbH)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll [2019-12-16] () [File not signed]
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\Windows\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetSurveillance\reg.lnk -> C:\Program Files (x86)\NetSurveillance\CMS\reg.bat ()
ShortcutWithArgument: C:\Users\tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\tracy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2019-12-16 14:40 - 2019-12-16 14:40 - 000105984 _____ () [File not signed] C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll
2017-10-26 18:23 - 2017-10-26 18:23 - 000017408 _____ () [File not signed] C:\Program Files\AMD\ATI.ACE\a4\AS4.NativeProxy.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 000015360 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2017-06-05 03:33 - 2017-06-05 03:33 - 002519040 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-08-16 10:37 - 2019-08-16 10:37 - 000158208 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\system32\amdihk64.dll
2020-02-27 13:51 - 2020-02-27 13:51 - 001899008 _____ (SQLite Development Team) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\sqlite3.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 000039936 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 000034816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 000237568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 000024064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 000481792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 001336832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2017-06-05 03:32 - 2017-06-05 03:32 - 001136128 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2017-10-26 18:20 - 2017-10-26 18:20 - 005766144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2017-06-05 03:32 - 2017-06-05 03:32 - 006045696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2017-06-05 03:32 - 2017-06-05 03:32 - 001204736 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2017-06-05 03:32 - 2017-06-05 03:32 - 003234304 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 003406848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 000328704 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 005523456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 000283136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 000194560 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 000049152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 000311296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 000139264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 000089600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2017-06-05 03:33 - 2017-06-05 03:33 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:Easy$Duplicate$Finder [125]
AlternateDataStreams: C:\Users\All Users:Easy$Duplicate$Finder [125]
AlternateDataStreams: C:\ProgramData\Application Data:Easy$Duplicate$Finder [125]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-792678858-599442959-1286739730-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-792678858-599442959-1286739730-1001\...\sharepoint.com -> hxxps://thegordon-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-792678858-599442959-1286739730-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 14:49 - 2019-03-19 14:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

2020-02-04 16:32 - 2020-02-04 16:41 - 000000440 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-792678858-599442959-1286739730-1001\Control Panel\Desktop\\Wallpaper -> c:\users\tracy\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\flippyflippedflippier.png
DNS Servers: 172.20.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Virtual Router Manager.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "ProdLib"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData"
HKU\S-1-5-21-792678858-599442959-1286739730-1001\...\StartupApproved\StartupFolder: => "GenuineService.lnk"
HKU\S-1-5-21-792678858-599442959-1286739730-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-792678858-599442959-1286739730-1001\...\StartupApproved\Run: => "Web Companion"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{50437D83-25E8-4343-9F50-35BB047B3E38}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0D64B562-CD56-4332-B9F5-8480EA275FC0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8E48935A-3C85-4164-BC8A-5655E287C279}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D5423C79-5C41-4D75-A5B9-DEAE366EE420}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1347ED35-2901-459D-B1A2-AC11337A67F8}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{DA77E04B-B364-44AD-B392-B4AD022D0B1F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{7AF921ED-B861-4F4F-8BE8-78239F3B888F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{46885675-2554-4032-BBE6-A8CF608C8044}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Flash-Integro LLC) [File not signed]
FirewallRules: [{AFA2EDCE-3EAE-41AF-95E9-172297F63BC2}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Flash-Integro LLC) [File not signed]
FirewallRules: [{16F345E6-5AD7-4299-B5D1-B0E25C15455B}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Flash-Integro LLC) [File not signed]
FirewallRules: [{A9FB7220-773D-49FB-9A2A-0F883F472B6E}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Flash-Integro LLC) [File not signed]
FirewallRules: [{FCB4AA98-BB95-41DB-B61F-9768C9720691}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Flash-Integro LLC) [File not signed]
FirewallRules: [{B0162D49-E99F-435E-8D22-24533A213FB4}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Flash-Integro LLC) [File not signed]
FirewallRules: [{52BB412B-D298-4265-B27B-98B7A10C1E82}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{913857BF-7579-41D1-A324-9344B7E4696E}] => (Allow) C:\Users\tracy\AppData\Local\Temp\HouseCall\tmase\nmap\nmap.exe No File
FirewallRules: [{10F52F68-BAC4-47B3-869D-83CB1B232B08}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5D3637E7-CFB8-4BFF-B232-9EDA98FBAABC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EF844437-3405-409A-9E69-3EA0A91E54CC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C8E294DC-B550-4C0A-B054-037BC77453AF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0AB9B55B-1376-459B-9C6D-DF37C9E9D87E}] => (Allow) C:\Users\tracy\AppData\Local\Temp\HouseCall\tmase\nmap\nmap.exe No File
FirewallRules: [{0BABCE91-9977-4C85-8526-C9F42BE0AAA7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BD907F2F-D04D-4131-9BF6-4E94B517B052}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9CAE1192-E64A-418E-B253-C1AA0D164039}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E821DE98-2B12-4F64-98A5-A44DA5852C81}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5F89141B-797C-4C77-9AEE-32A994E5C42A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EFB7C923-EBD1-42D6-BF10-E74EDC5D1CA2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{18770CA2-AB39-4444-A1D9-5393BC401894}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{46FEF00F-041B-48BB-B83F-5E1152CEF142}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2B50214C-58AC-4861-8137-58F8C32366AF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{43CBA98A-D8A8-40D6-BDA2-9222F802F0E0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C80A6631-B202-49FC-ADC0-F60C783032F0}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{61B032CB-2617-430F-A716-95AE75AA9A4A}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{8523A1D1-7BC9-4929-A460-3FC060DD28E7}] => (Allow) LPort=80

==================== Restore Points =========================

16-03-2020 00:31:24 Windows Update
26-03-2020 00:34:32 Scheduled Checkpoint
28-03-2020 09:45:07 Removed Autodesk Workflows 2019
04-04-2020 22:18:56 Scheduled Checkpoint
06-04-2020 01:26:06 Removed Bonjour
06-04-2020 05:30:25 Revit Removal

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/06/2020 05:47:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iFunBox.exe version 4.1.4338.2105 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 10bc

Start Time: 01d60be61fdca63d

Termination Time: 23

Application Path: C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe

Report Id: 3b2a98dc-7bba-441a-b64a-8df7e78c76c8

Faulting package full name:

Faulting package-relative application ID:

Hang type: Unknown

Error: (04/06/2020 04:16:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Psp.exe, version: 5.0.0.0, time stamp: 0x35200680
Faulting module name: Psp.exe, version: 5.0.0.0, time stamp: 0x35200680
Exception code: 0xc000041d
Fault offset: 0x0011cf3b
Faulting process ID: 0x1818
Faulting application start time: 0x01d60b60265de137
Faulting application path: C:\PROGRA~1\PAINTS~1\Psp.exe
Faulting module path: C:\PROGRA~1\PAINTS~1\Psp.exe
Report ID: 35dc3bd8-725e-44ca-a7eb-02389451d94f
Faulting package full name:
Faulting package-relative application ID:

Error: (04/06/2020 04:16:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Psp.exe, version: 5.0.0.0, time stamp: 0x35200680
Faulting module name: Psp.exe, version: 5.0.0.0, time stamp: 0x35200680
Exception code: 0xc0000005
Fault offset: 0x0011cf3b
Faulting process ID: 0x1818
Faulting application start time: 0x01d60b60265de137
Faulting application path: C:\PROGRA~1\PAINTS~1\Psp.exe
Faulting module path: C:\PROGRA~1\PAINTS~1\Psp.exe
Report ID: bbd7580f-9e4e-4beb-8391-51ca80aaae41
Faulting package full name:
Faulting package-relative application ID:

Error: (04/06/2020 03:58:38 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 29536 and the required size was 32672.

Error: (04/06/2020 01:22:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (04/06/2020 01:22:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (04/06/2020 01:22:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (04/06/2020 01:22:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21


System errors:
=============
Error: (04/06/2020 05:56:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Virtual Router service failed to start due to the following error:
The system cannot find the file specified.

Error: (04/06/2020 05:55:56 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000009f (0x0000000000000004, 0x000000000000012c, 0xffff940a4c4df040, 0xfffff805228678e0). A dump was saved in: C:\Windows\Minidump\040620-81921-01.dmp. Report Id: 5a133a2f-e3a8-40a8-aa15-b104a129674d.

Error: (04/06/2020 05:54:39 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (04/06/2020 05:49:02 PM) (Source: DCOM) (EventID: 10010) (User: RIFFRAFFDELL)
Description: The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.

Error: (04/06/2020 04:57:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Virtual Router service failed to start due to the following error:
The system cannot find the file specified.

Error: (04/06/2020 04:56:27 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (04/06/2020 04:55:58 PM) (Source: DCOM) (EventID: 10010) (User: RIFFRAFFDELL)
Description: The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.

Error: (04/06/2020 03:35:47 PM) (Source: TPM) (EventID: 15) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.


Windows Defender:
===================================
Date: 2019-12-31 19:06:00.253
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {297074AB-0B3D-44E4-8383-831D0B7F1653}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-31 18:00:40.814
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {78FC7195-0334-4901-A03B-08CCFCE35D09}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-31 16:54:52.169
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {DD55B26F-DE1E-46EA-BDBC-6243FE16FBA0}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-25 21:50:47.146
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft...81&enterprise=0
Name: Trojan:Win32/Spursint.F!cl
ID: 2147717281
Severity: Severe
Category: Trojan
Path: file:_C:\Users\tracy\Downloads\pinner[3.4.3.0][3-12-2019].exe; webfile:_C:\Users\tracy\Downloads\pinner[3.4.3.0][3-12-2019].exe|https://handyapplica...217231261131379
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Security intelligence Version: AV: 1.307.1089.0, AS: 1.307.1089.0, NIS: 1.307.1089.0
Engine Version: AM: 1.1.16600.7, NIS: 1.1.16600.7

Date: 2019-12-23 13:20:49.660
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {9D2FC18E-8B93-403A-8D29-1CF3A291FCC1}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-22 19:24:02.988
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.932.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===================================

Date: 2020-04-06 17:59:45.957
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2020-04-06 17:56:27.867
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\netaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-04-06 17:16:18.046
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2020-04-06 17:16:17.263
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2020-04-06 17:16:03.339
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2020-04-06 17:15:59.786
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2020-04-06 06:36:49.739
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2020-04-06 06:36:48.720
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

BIOS: Dell Inc. A12 08/30/2016
Motherboard: Dell Inc. 0FXF2C
Processor: AMD A6-7310 APU with AMD Radeon R4 Graphics
Percentage of memory in use: 37%
Total physical RAM: 11200.24 MB
Available physical RAM: 6997.63 MB
Total Virtual: 12100.24 MB
Available Virtual: 6928.52 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:238.47 GB) (Free:131.66 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (ORIGINAL HDD) (Fixed) (Total:929.66 GB) (Free:428.17 GB) NTFS

\\?\Volume{9923554b-9ad2-4d8d-8cca-4b22cb27de71}\ (WinRETOOLS) (Fixed) (Total:0.78 GB) (Free:0.76 GB) NTFS
\\?\Volume{140233df-a3b6-46d6-89db-13be3461f8ea}\ () (Fixed) (Total:0.85 GB) (Free:0.4 GB) NTFS
\\?\Volume{a9409e46-0860-4422-8d7a-e52801f9c2c5}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 34706B48)
Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: A739D2F0)

Partition: GPT.

==================== End of Addition.txt =======================


  • 0

#30
RiffRaffMama

RiffRaffMama

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

...aaaand BSOD file:

 

==================================================
Dump File         : 040620-81921-01.dmp
Crash Time        : 6/04/2020 5:54:05 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000004
Parameter 2       : 00000000`0000012c
Parameter 3       : ffff940a`4c4df040
Parameter 4       : fffff805`228678e0
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+1c2380
File Description  :
Product Name      :
Company           :
File Version      :
Processor         : x64
Crash Address     : ntoskrnl.exe+1c2380
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\Windows\Minidump\040620-81921-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 18362
Dump File Size    : 540,497
Dump File Time    : 6/04/2020 5:55:46 PM
==================================================

==================================================
Dump File         : 032820-77609-01.dmp
Crash Time        : 28/03/2020 5:16:35 PM
Bug Check String  : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code    : 0x00000050
Parameter 1       : ffff8583`bf4e6030
Parameter 2       : 00000000`00000000
Parameter 3       : ffff8583`bf50f7a4
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+1c2380
File Description  :
Product Name      :
Company           :
File Version      :
Processor         : x64
Crash Address     : ntoskrnl.exe+1c2380
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\Windows\Minidump\032820-77609-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 18362
Dump File Size    : 441,908
Dump File Time    : 28/03/2020 5:18:19 PM
==================================================

==================================================
Dump File         : 031020-84390-01.dmp
Crash Time        : 10/03/2020 1:22:18 AM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000004
Parameter 2       : 00000000`0000012c
Parameter 3       : ffffae09`b6ee0040
Parameter 4       : fffff504`ff4458e0
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+1c1510
File Description  :
Product Name      :
Company           :
File Version      :
Processor         : x64
Crash Address     : ntoskrnl.exe+1c1510
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\Windows\Minidump\031020-84390-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 18362
Dump File Size    : 542,770
Dump File Time    : 10/03/2020 6:39:28 AM
==================================================

==================================================
Dump File         : 021620-82000-01.dmp
Crash Time        : 16/02/2020 1:22:00 PM
Bug Check String  :
Bug Check Code    : 0x00000154
Parameter 1       : ffff8e8c`28d31000
Parameter 2       : ffffb187`07dc5000
Parameter 3       : 00000000`00000002
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+1c1510
File Description  :
Product Name      :
Company           :
File Version      :
Processor         : x64
Crash Address     : ntoskrnl.exe+1c1510
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\Windows\Minidump\021620-82000-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 18362
Dump File Size    : 445,662
Dump File Time    : 16/02/2020 1:24:11 PM
==================================================

==================================================
Dump File         : 021520-86187-01.dmp
Crash Time        : 15/02/2020 6:39:03 PM
Bug Check String  : DRIVER_POWER_STATE_FAILURE
Bug Check Code    : 0x0000009f
Parameter 1       : 00000000`00000004
Parameter 2       : 00000000`0000012c
Parameter 3       : ffffc387`f16d6040
Parameter 4       : ffff8c8a`326378e0
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+1c14e0
File Description  :
Product Name      :
Company           :
File Version      :
Processor         : x64
Crash Address     : ntoskrnl.exe+1c14e0
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\Windows\Minidump\021520-86187-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 18362
Dump File Size    : 544,370
Dump File Time    : 15/02/2020 8:13:31 PM
==================================================


 


  • 0






Similar Topics


Also tagged with one or more of these keywords: rendering, Revit, GPU, Dell, AMD, graphics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP