Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows 10 security will not finish full scan


  • Please log in to reply

#1
sl962

sl962

    Member

  • Member
  • PipPip
  • 65 posts

I have tried repeatably to run a full scan and it will not finish. Runs anywhere between 20 minuets and an hour before shutting down and restarting. When I go back to windows security there doesn't seem to be any evidence that the scan ran at all. I would really appreciate any help and or advice you could offer. FRST logs:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08-2020
Ran by Scott (administrator) on NEWPC (ASUS All Series) (16-08-2020 12:22:51)
Running from C:\Users\Scott\Desktop
Loaded Profiles: Scott
Platform: Windows 10 Pro Version 2004 19041.450 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0355311.inf_amd64_183b8d63847c90cf\B355199\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0355311.inf_amd64_183b8d63847c90cf\B355199\atiesrxx.exe
(Amazon.com Services LLC -> Amazon.com Inc.) C:\Users\Scott\AppData\Local\Amazon Drive\AmazonPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
(Cisco Video Technologies Israel Ltd. -> Cisco) C:\Users\Scott\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe
(DTS, Inc. -> DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP OfficeJet 4650 series\Bin\HPNetworkCommunicatorCom.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe
(Intel® Software -> Intel® Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <6>
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp -> Realtek) C:\Windows\SwUSB.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-21] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [7509728 2020-08-05] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2019-01-29] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => E:\Programs\iTunes\iTunesHelper.exe [331064 2020-07-24] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-05-07] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-05-07] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\Run: [VideoGuardMonitor] => C:\Users\Scott\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe [4155656 2017-06-20] (Cisco Video Technologies Israel Ltd. -> Cisco)
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\Run: [HP OfficeJet 4650 series (NET)] => C:\Program Files\HP\HP OfficeJet 4650 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-05-07] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\Run: [Amazon Photos] => C:\Users\Scott\AppData\Local\Amazon Drive\AmazonPhotos.exe [9940144 2020-08-05] (Amazon.com Services LLC -> Amazon.com Inc.)
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\Run: [79E7102FE81497D621F06500A298B59D3A61040B._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\MountPoints2: {b2cb9229-a988-11e5-944c-f07959de46f0} - "I:\LaunchU3.exe" -a
HKLM\...\Windows x64\Print Processors\hpfpp02t: C:\Windows\System32\spool\prtprocs\x64\hpfpp02t.dll [253440 2010-05-14] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Print\Monitors\HP D911 Status Monitor: C:\WINDOWS\system32\hpinkstsD911LM.dll [393352 2017-03-26] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP OfficeJet 4650 series): C:\WINDOWS\system32\HPDiscoPMD911.dll [840328 2017-04-06] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\PCL hpf3l02t: C:\WINDOWS\system32\hpf3l02t.dll [138752 2010-05-14] (Hewlett-Packard Company) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ASUS\Bluetooth Software\\BtwCP.dll [2012-12-06] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] ->
Lsa: [Notification Packages] scecli C:\Program Files\ASUS\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2019-03-27]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () [File not signed]
Startup: C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Cartridge Alerts - HP OfficeJet 4650 series (Network).lnk [2020-08-16]
ShortcutAndArgument: Monitor Cartridge Alerts - HP OfficeJet 4650 series (Network).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP OfficeJet 4650 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=TH7334J12P0662;CONNECTION=NW;MONITOR=1;
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B42A096-6B31-46C7-9717-A452D549FDEB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0D69B0F8-74B7-4DEA-AE17-949074F875E7} - System32\Tasks\ASUS\ASUS Media Streamer DMR => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
Task: {0EFB50D6-E369-4A7E-B6BB-A16BE998618A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {138B907F-13CC-420B-8E50-0E0A6E509A21} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {149E8D92-7DC6-44E6-B6F8-F0E695440BCE} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {14B5A1AB-A2E6-496E-B255-946FE24CCC8D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1568032 2015-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {16911A04-744E-4DF3-99B1-3A6CF6041500} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-05-15] (Advanced Micro Devices, Inc.) [File not signed]
Task: {1A085D6E-C073-4F61-B98B-ED1EBE7B27AF} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1BF445B2-CC75-498D-B3F2-328B3ADFE0E5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1DABD321-FF18-40CC-8954-F11E03B4D95D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {1EA2FDAF-1108-46D0-8B14-F26A6E296DA5} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1F101E6F-0566-47C7-9233-FEEDEBC4B26D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {210A10C8-10D2-477B-A0DE-42188ED4BF2B} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [238392 2013-07-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {24289682-F891-4295-AF70-38A646A52891} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {260C5366-6297-4F57-A3FD-FFA578FA8007} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {2A66BCBA-59B0-4272-8A11-EFF9618120F9} - System32\Tasks\{1FCD0362-97DB-40D9-BE78-CDCB74A29CCC} => C:\Windows\system32\pcalua.exe -a F:\atisetup.exe -d F:\
Task: {2B87EFFD-56C7-48F1-B9B2-4A4A2E8B2DA3} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2E26EDEE-EAF4-4888-AB00-8A35FFF347A9} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [1124536 2020-05-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {34BEEBBB-8684-42D7-BB57-17BC53397CF0} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3B20A6E8-B54E-4555-8705-630D67F81973} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.4-0\MpCmdRun.exe [525048 2020-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3CF44AFA-0113-4452-915E-B62F6F4B48B4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {427471B7-D80B-4DB0-9018-F40A117AE3EA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {448183EE-CA84-43F3-A8FA-641E2D0B7055} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4417496 2017-11-24] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {4685DE19-E945-4CB0-A8AB-6B6E2B57AF50} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-05-15] (Advanced Micro Devices, Inc.) [File not signed]
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4CA9D354-A0F3-493F-B39F-7175E21A0269} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {51FD8988-D71E-478B-892F-910B841DD4CD} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {58C5CB87-A363-46C0-8D5D-D529D6EBE93A} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [123600 2020-07-28] (Mozilla Corporation -> Mozilla Foundation)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5D9B54BB-97F7-4512-8862-18CA6402E818} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.4-0\MpCmdRun.exe [525048 2020-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5E465378-6334-4A02-B2EE-755965C1328C} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1285928 2015-03-11] (Intel® Software -> Intel Corporation)
Task: {5EBC9972-48B9-4F4D-9B40-87BF8201BD7D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {60E0CE78-8FE0-4208-A509-2C9A5EA614E8} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1448408 2018-01-12] (ASUSTeK Computer Inc. -> )
Task: {65430F74-44C6-4C6A-92CB-46CCAB54C54C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.4-0\MpCmdRun.exe [525048 2020-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {696A958D-DA99-492E-84A8-FF8A682186FF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6B9FA49F-89B6-400A-849B-E26CAD1F25A0} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6E502137-FF8B-463C-BF21-2A8D73ABC88A} - System32\Tasks\ASUS\i-Setup153753 => C:\Windows\Install\AsusSetup.exe [1203032 2013-08-22] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {7051B193-254D-47E4-A84E-6D141A9901D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.4-0\MpCmdRun.exe [525048 2020-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {72047993-B8EA-41BD-B3CC-D3112B0397A2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B44991D-17E1-47EB-BC28-8336912D8121} - System32\Tasks\Macrium-Backup-{573E5E4C-9817-43B6-B629-E979BA683418} => C:\Program Files\Macrium\Reflect\Reflect.exe [1393232 2020-08-05] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
Task: {8C78A14A-A7A1-468C-ACA3-7F297823F422} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1628160 2020-05-15] (Advanced Micro Devices, Inc.) [File not signed]
Task: {8D79A141-B98A-4C10-9D1A-CA683A33374E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-08-11] (Adobe Inc. -> Adobe)
Task: {9002838E-BEEB-4472-A2BA-9AA0BE675564} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {92F88386-AD1E-4ADC-8362-580E1B785E85} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {947D939B-6EBF-43E5-AED1-0C6C77161244} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D04838C-58C1-4F2C-8406-83CFE3236D2C} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {9D848DC9-EEFB-4A99-9B84-020A07D1E9D8} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {9EBA0A49-0EA7-466C-A7DD-67BA1A4B4B13} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2201376 2015-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0B8DD59-08AF-4860-8EC2-5CC3531754D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {A5382B25-20EF-4C68-BE63-B61178341AB5} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2096088 2018-01-04] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {A6FB22ED-A36E-4C9E-9B29-DB438CE157E6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {A7F9093B-884C-434D-9E3D-D6CA2970D25F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {AD5216BC-F13A-44B9-8112-FB8F0098BF4E} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B4467CAC-C6CD-4D57-9DAD-19AEF8F21561} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {B917FB32-3F86-49CA-8B5A-BC47FAD57CDD} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe [338944 2019-10-10] (Microsoft Corporation) [File not signed]
Task: {B97BF0D8-041F-4B55-B3E0-6DD0498B87CB} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-05-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {BEE77A5D-4820-4FD1-9104-54B6E9CD597A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C3C0FAC2-99DD-409E-BC96-CCB5C4F2620B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C85F03A7-1DC2-4573-B6B0-66148AC44110} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CCDECCFE-B5CB-43E9-B5A8-67550D1E4B9C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CDFCCA71-2BCE-4AA5-A2AA-82FB521C7036} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_414_Plugin.exe [1475640 2020-08-11] (Adobe Inc. -> Adobe)
Task: {D034EFD6-15E1-4274-A4F8-43561DC93161} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D39A33DB-D39E-4F69-A729-913B460F1A11} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1430328 2014-10-09] (ASUSTeK Computer Inc. -> )
Task: {DB879182-D425-451F-BC4D-22342AC632B0} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe [338944 2019-10-10] (Microsoft Corporation) [File not signed]
Task: {DC18D2B1-7964-4958-9CDA-3697AFAF803F} - System32\Tasks\Macrium-Backup-{ED193E1E-6A64-4A8A-B3E1-313E08A1F26E} => C:\Program Files\Macrium\Reflect\Reflect.exe [1393232 2020-08-05] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
Task: {DEBDE314-C5E1-4425-823F-BB7FF704B498} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EC5616A0-669E-4934-8BA8-1D7DAFDD17BD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F6A3F280-7D7D-44D4-8F09-7FB759805D8D} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {F77E2A2F-EAA6-48CC-AFB8-393277BBDA09} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-05-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{031f4e88-3c1d-410a-a4c7-c244a1a60260}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0464B5B9-42ED-46A7-A18C-3753B81B3180}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1B202425-2F36-4F80-A102-7644224925D6}: [DhcpNameServer] 192.168.0.1 205.171.3.25
Tcpip\..\Interfaces\{982B1E08-A51C-464E-A3A2-9C4B81743F54}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-2157332433-1070056625-1532484577-1000 -> DefaultScope {4FDAFEB7-E07E-416C-8F72-229C49FE6025} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2157332433-1070056625-1532484577-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2157332433-1070056625-1532484577-1000 -> {4FDAFEB7-E07E-416C-8F72-229C49FE6025} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2157332433-1070056625-1532484577-1000 -> {54EBE68D-9D6E-4FF7-99B4-79C1325C7B59} URL = hxxp://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2019-01-29] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2019-01-29] (Logitech Inc -> Logitech, Inc.)

Edge:
======
DownloadDir: E:\MyDownloads
Edge HomeButtonPage: HKU\S-1-5-21-2157332433-1070056625-1532484577-1000 -> hxxp://www.google.com/
Edge Profile: C:\Users\Scott\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-15]
Edge HomePage: Default -> hxxp://www.google.com/

FireFox:
========
FF DefaultProfile: 4jnm1ed3.default-1595193498914
FF ProfilePath: C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\4jnm1ed3.default-1595193498914 [2020-08-16]
FF Homepage: Mozilla\Firefox\Profiles\4jnm1ed3.default-1595193498914 -> hxxps://www.google.com/
FF Extension: (Amazon Assistant) - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\4jnm1ed3.default-1595193498914\Extensions\[email protected] [2020-08-11]
FF Extension: (Privacy Badger) - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\4jnm1ed3.default-1595193498914\Extensions\[email protected] [2020-07-22]
FF Extension: (Pinterest Save Button) - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\4jnm1ed3.default-1595193498914\Extensions\[email protected] [2020-08-03]
FF Extension: (Logitech SetPoint) - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\4jnm1ed3.default-1595193498914\Extensions\{84380428-8c9d-4bdf-913d-b2c34d6562d9}.xpi [2020-07-19]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\4jnm1ed3.default-1595193498914\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-08-07]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2020-01-22] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_414.dll [2020-08-11] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_414.dll [2020-08-11] (Adobe Inc. -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-07-30] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-08-11] (Adobe Inc. -> Adobe)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-05-20] (Apple Inc. -> Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-04-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-23] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe [1340376 2017-12-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240576 2013-10-06] (DTS, Inc. -> DTS, Inc)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [7409472 2020-08-05] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
R2 MSSQL$ASUSHOMECLOUD; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe [43130032 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RunSwUSB; C:\Windows\runSW.exe [48856 2015-11-05] (Realtek Semiconductor Corp -> )
S3 SandraAgentSrv; E:\Programs\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe [73200 2015-07-06] (SiSoftware SPC -> SiSoftware) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5097344 2020-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$ASUSHOMECLOUD; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\SQLAGENT.EXE [381104 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.4-0\NisSrv.exe [2343128 2020-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.4-0\MsMpEng.exe [128376 2020-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [17720 2015-03-25] (Intel® Software -> Intel® Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-27] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] (ASUSTeK Computer Inc. -> )
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation -> MCCI Corporation)
S3 ASUSstpt; C:\WINDOWS\System32\drivers\ASUSstpt.sys [27392 2013-03-28] (MCCI Corporation -> MCCI Corporation)
S3 ASUSumsc; C:\WINDOWS\System32\drivers\ASUSumsc.sys [151808 2013-03-28] (MCCI Corporation -> MCCI Corporation)
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [31376 2015-03-10] (PassMark Software Pty Ltd -> )
S3 hnswfpdriver; C:\WINDOWS\System32\drivers\hnswfpdriver.sys [21304 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-17] (Intel® Software -> Intel Corporation)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [34064 2017-12-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (ZTE CORPORATION -> HandSet Incorporated)
R1 MpKsl84edf33a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3858AC27-8CAD-4138-99C7-68C5C0657C0D}\MpKsl84edf33a.sys [78056 2020-08-16] (Microsoft Windows -> Microsoft Corporation)
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3858AC27-8CAD-4138-99C7-68C5C0657C0D}\MpKslDrv.sys [78056 2020-08-16] (Microsoft Windows -> Microsoft Corporation)
S3 PSMounterEx; C:\Windows\system32\drivers\psmounterex.sys [179416 2019-02-15] (Paramount Software UK Ltd -> Windows ® Win 7 DDK provider)
S3 psvolacc; C:\WINDOWS\system32\drivers\psvolacc.sys [34520 2018-12-06] (Paramount Software UK Ltd -> Windows ® Win 7 DDK provider)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [4776240 2017-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 SANDRA; E:\Programs\SiSoftware Sandra Lite 2015.SP2b\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware Ltd -> SiSoftware)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-08-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428272 2020-08-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69872 2020-08-12] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-16 12:22 - 2020-08-16 12:23 - 000035381 _____ C:\Users\Scott\Desktop\FRST.txt
2020-08-16 12:20 - 2020-08-16 12:21 - 002296320 _____ (Farbar) C:\Users\Scott\Desktop\FRST64.exe
2020-08-16 12:18 - 2020-08-16 12:18 - 001483204 _____ C:\WINDOWS\Minidump\081620-11359-01.dmp
2020-08-16 12:18 - 2020-08-16 12:18 - 000008192 ___SH C:\DumpStack.log.tmp
2020-08-16 12:18 - 2020-08-16 12:18 - 000003106 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2020-08-16 12:18 - 2020-08-16 12:18 - 000003092 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-08-16 11:35 - 2020-08-16 12:18 - 2270047705 _____ C:\WINDOWS\MEMORY.DMP
2020-08-16 11:35 - 2020-08-16 11:35 - 001351756 _____ C:\WINDOWS\Minidump\081620-10968-01.dmp
2020-08-13 12:14 - 2020-08-13 13:11 - 000000000 ____D C:\Users\Scott\Desktop\Woolput Order
2020-08-12 16:30 - 2020-08-12 16:30 - 024264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 023434752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 018071040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 010925880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 010336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 008894656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 006709248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 005858136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 005820416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 005420648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 004880896 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 004783328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 004629312 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 003867136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 003859968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 003846144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 003810816 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 003806720 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 003779400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 003750400 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\HostNetSvc.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 002994504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 002744832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 002587464 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 002523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2020-08-12 16:30 - 2020-08-12 16:30 - 002520056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 002486584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 002450944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 002254544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2020-08-12 16:30 - 2020-08-12 16:30 - 002245632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 002113032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001879488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001765376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001751432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001710080 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001641472 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001557832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001352248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001337168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001332224 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001323520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001277440 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 001255424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 001221632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001209624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 001117328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001090560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001047040 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001041920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001014888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000994616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Facilitator.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000945152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000930304 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000920904 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000900936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000825864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000801544 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000759784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-08-12 16:30 - 2020-08-12 16:30 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000725608 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000707024 _____ C:\WINDOWS\system32\TextShaping.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000685568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000665256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-08-12 16:30 - 2020-08-12 16:30 - 000660584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000647992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 000638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000602184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 000583608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000581576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000548544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000538440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000502600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-08-12 16:30 - 2020-08-12 16:30 - 000494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000454984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 000442680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000367416 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000362064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2020-08-12 16:30 - 2020-08-12 16:30 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000343408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2020-08-12 16:30 - 2020-08-12 16:30 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000249672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000217912 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000180040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000152576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000134984 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000132744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000116040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000099640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000092960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintBrmUi.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000070968 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInput.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000061752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInput.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagnosticdataquery.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000042312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000009281 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-08-12 16:30 - 2020-08-12 16:30 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-08-12 16:28 - 2020-07-17 19:22 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-08-12 16:28 - 2020-07-17 19:01 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-08-12 10:59 - 2020-08-12 10:59 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-08-12 10:59 - 2020-08-12 10:59 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-08-11 08:58 - 2020-08-11 08:58 - 001385446 _____ C:\Users\Scott\Desktop\SalemStatesmanJournal_20200811_B07_1.pdf
2020-08-10 16:39 - 2020-08-10 16:39 - 000002223 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2020-08-10 16:39 - 2020-08-10 16:39 - 000002211 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2020-08-10 16:39 - 2020-08-10 16:39 - 000002211 _____ C:\ProgramData\Desktop\Google Earth Pro.lnk
2020-08-10 16:39 - 2020-08-10 16:39 - 000000000 ____D C:\Program Files\Google
2020-08-09 15:24 - 2020-08-09 15:25 - 001733476 _____ C:\WINDOWS\Minidump\080920-14921-01.dmp
2020-08-09 14:10 - 2020-08-16 10:52 - 113770496 _____ C:\WINDOWS\system32\config\SOFTWARE
2020-08-07 16:25 - 2020-08-07 16:25 - 001314268 _____ C:\WINDOWS\Minidump\080720-13937-01.dmp
2020-08-07 13:03 - 2020-08-07 13:03 - 000001266 _____ C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Photos.lnk
2020-08-07 13:03 - 2020-08-07 13:03 - 000000000 ____D C:\Users\Scott\AppData\Local\Amazon Drive
2020-08-06 12:19 - 2020-08-06 12:19 - 000001580 _____ C:\Users\Public\Desktop\iTunes.lnk
2020-08-06 12:19 - 2020-08-06 12:19 - 000001580 _____ C:\ProgramData\Desktop\iTunes.lnk
2020-08-06 12:19 - 2020-08-06 12:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2020-08-06 12:19 - 2020-08-06 12:19 - 000000000 ____D C:\Program Files\iPod
2020-08-06 12:07 - 2020-08-06 12:08 - 000000000 ____D C:\ProgramData\Avast Software
2020-08-06 12:02 - 2020-08-06 12:02 - 001232348 _____ C:\WINDOWS\Minidump\080620-11078-01.dmp
2020-08-06 10:12 - 2020-08-13 10:24 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-08-06 10:12 - 2020-08-06 20:18 - 000003478 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-08-06 10:12 - 2020-08-06 20:18 - 000003354 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-08-05 10:38 - 2020-08-06 20:25 - 000000000 ____D C:\Users\Scott\AppData\Local\CrashDumps
2020-08-05 09:28 - 2020-08-05 08:11 - 000101528 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\MRCBT.sys
2020-08-03 14:14 - 2020-08-16 12:23 - 000000000 ____D C:\FRST
2020-08-03 13:46 - 2020-08-03 13:46 - 001619412 _____ C:\WINDOWS\Minidump\080320-10500-01.dmp
2020-08-03 12:59 - 2020-08-03 12:59 - 001147012 _____ C:\WINDOWS\Minidump\080320-11031-01.dmp
2020-08-03 12:31 - 2020-08-03 12:31 - 000000000 ____D C:\Users\Scott\AppData\Local\mbam
2020-08-03 12:27 - 2020-08-03 12:27 - 001102924 _____ C:\WINDOWS\Minidump\080320-11265-01.dmp
2020-08-03 12:06 - 2020-08-16 12:18 - 000000000 ____D C:\WINDOWS\Minidump
2020-08-03 12:06 - 2020-08-03 12:06 - 001843044 _____ C:\WINDOWS\Minidump\080320-11390-01.dmp
2020-08-02 21:21 - 2020-08-09 14:10 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2020-08-02 14:14 - 2020-08-02 14:14 - 004819968 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-08-02 14:14 - 2020-08-02 14:14 - 004273664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-08-02 14:14 - 2020-08-02 14:14 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-08-02 14:14 - 2020-08-02 14:14 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-08-02 14:14 - 2020-08-02 14:14 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2020-08-02 14:14 - 2020-08-02 14:14 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 026271744 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 019868160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 018766848 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 014754816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 008229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 008004728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 007972696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 007628208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 007596032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 007104000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 006554424 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmchipset.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 006406144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 006362176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 006192640 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 006188544 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 005990344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 005771904 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 005056000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 004746752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 004726784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 004582288 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 004523520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 004465664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 004362832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 004307456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-08-02 14:13 - 2020-08-02 14:13 - 004003384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 003999744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003913216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003843584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003818472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003661312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003547280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003380224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003364864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 003333632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003202872 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcompute.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 003181056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003062784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002947584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 002918728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002806160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-08-02 14:13 - 2020-08-02 14:13 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-08-02 14:13 - 2020-08-02 14:13 - 002686464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002541056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002433024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002422072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002403328 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002402768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwp.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 002265336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002259968 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002242048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002202112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002178040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002103712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002101248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsudk.shellcommon.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002023688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002018632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001980744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001930200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001922048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001868152 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001819648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001818568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001805744 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-08-02 14:13 - 2020-08-02 14:13 - 001777152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001766912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001763640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001719096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001717760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001707008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001695216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001659904 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001616576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001596464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 001543168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 001538664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 001514496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001506616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001504768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MoUsoCoreWorker.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 001501000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001496576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001472824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 001430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001423360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 001394552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-08-02 14:13 - 2020-08-02 14:13 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001328936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001314616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001314616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001309512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-08-02 14:13 - 2020-08-02 14:13 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 001253376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001252864 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001233408 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001225640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001197752 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 001197568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001184360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 001181200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001158656 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-08-02 14:13 - 2020-08-02 14:13 - 001132544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagCpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001095168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001093432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001089336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001046528 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001044880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001030656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001030656 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001024744 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001019008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000986976 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000976680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000943416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000938416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000913120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000912744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000910336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000904192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000881624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000876544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000843416 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000837120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000827704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000808248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdcpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000781312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000760120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000759296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000755664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000752128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000749960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000747864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000743320 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000722432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000707584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000706032 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000696760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000678200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000675640 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000671544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcompute.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntimewindows.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000639920 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000639288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000637440 _____ (Microsoft Corporation) C:\WINDOWS\system32\UiaManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000634240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntime.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000630088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000608256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000602424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-08-02 14:13 - 2020-08-02 14:13 - 000600376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-08-02 14:13 - 2020-08-02 14:13 - 000589824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\IESettingSync.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000530440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000528360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000524088 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000517976 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000517432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UiaManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000509248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000506168 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmusrv.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000500952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000495840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\HrtfApo.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000472888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000471600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcIso.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-08-02 14:13 - 2020-08-02 14:13 - 000468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000440120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000423224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServerClient.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000420464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000419840 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000418800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000417376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000405304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000401720 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000387072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallControlPanel.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000381704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsmb.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.FileExplorer.Common.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000373560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Vault.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000360024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000359936 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000353256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HrtfApo.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FrameServerClient.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AarSvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DxpTaskSync.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000324424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallControlPanel.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\syncutil.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000303288 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000293176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000291640 _____ (Microsoft Corporation) C:\WINDOWS\system32\nvspinfo.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000288152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.FileExplorer.Common.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\accessibilitycpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vault.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DxpTaskSync.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000264704 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngctasks.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000253016 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApproveChildRequest.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000227640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accessibilitycpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000215880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000214840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000213352 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000212480 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000202568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000195248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000195128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mskeyprotcli.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dsui.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000172496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000167896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000166288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvsievaluator.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\control.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpcsp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000162616 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvsigpext.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnsdiag.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000153600 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000151864 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dsui.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\control.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000142008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000139952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000138928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000137016 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mskeyprotcli.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\recovery.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountControlSettings.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000123968 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000118072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MaintenanceUI.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcfgutils.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-08-02 14:13 - 2020-08-02 14:13 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidfdp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountControlSettings.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcfgutils.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000094496 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000090416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsdefenderapplicationguardcsp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\GPCSEWrapperCsp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcacli.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ndadmin.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidnsp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ndadmin.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidfdp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000064824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmlocalmanagement.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unenrollhook.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcacli.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmpostprocessevaluator.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000051000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VmsProxy.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmlocalmanagement.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDriverRetrievalClient.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifidatacapabilityhandler.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-08-02 14:13 - 2020-08-02 14:13 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000042808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidnsp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000039224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VmsProxyHNic.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acwow64.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000033096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCShellCommonProxyStub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000026600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IntelTA.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000020280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000017224 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msidcrl40.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000014336 _____ C:\WINDOWS\system32\hnsproxy.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msidcrl40.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000012088 _____ (Microsoft Corporation) C:\WINDOWS\system32\6bea57fb-8dfb-4177-9ae8-42e8b3529933_RuntimeDeviceInstall.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-08-02 14:00 - 2017-01-09 00:32 - 004776240 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\rtwlanu.sys
2020-08-02 14:00 - 2017-01-09 00:32 - 004776240 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlanu.sys
2020-08-02 14:00 - 2017-01-09 00:31 - 000018394 _____ C:\WINDOWS\system32\netrtwlanu.cat
2020-08-02 14:00 - 2017-01-09 00:08 - 000006458 _____ C:\WINDOWS\system32\TP_TXPWR_LMT_Enc.txt
2020-08-02 14:00 - 2017-01-09 00:08 - 000006458 _____ C:\WINDOWS\system32\Drivers\TP_TXPWR_LMT_Enc.txt
2020-08-02 14:00 - 2017-01-09 00:08 - 000004625 _____ C:\WINDOWS\system32\TP_PHY_REG_PG_Enc.txt
2020-08-02 14:00 - 2017-01-09 00:08 - 000004625 _____ C:\WINDOWS\system32\Drivers\TP_PHY_REG_PG_Enc.txt
2020-07-29 19:00 - 2020-07-29 19:00 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2157332433-1070056625-1532484577-1000
2020-07-29 19:00 - 2020-07-29 19:00 - 000002402 _____ C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-07-28 16:44 - 2020-07-28 16:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-07-28 16:43 - 2020-07-29 11:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-07-23 16:10 - 2020-07-23 16:10 - 000001055 _____ C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2020-07-21 21:01 - 2020-07-21 21:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2020-07-21 21:01 - 2020-07-21 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Extreme Tuning Utility
2020-07-21 21:01 - 2020-07-21 21:01 - 000000000 ____D C:\Program Files\Microsoft Synchronization Services
2020-07-21 21:01 - 2020-07-21 21:01 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2020-07-21 21:01 - 2020-07-21 21:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2020-07-21 21:01 - 2020-07-21 21:01 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-16 12:20 - 2015-09-07 14:17 - 000000000 ____D C:\Users\Scott\Desktop\Tools
2020-08-16 12:19 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-16 12:18 - 2020-06-05 10:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-08-16 12:18 - 2020-06-05 10:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-08-16 12:18 - 2016-11-19 10:25 - 000000000 ____D C:\Users\Scott\AppData\LocalLow\Mozilla
2020-08-16 12:13 - 2020-06-11 15:53 - 000000000 ____D C:\WINDOWS\system32\AMD
2020-08-16 11:59 - 2020-06-05 10:08 - 000000000 ____D C:\Users\Scott
2020-08-16 11:39 - 2020-06-05 10:38 - 001067550 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-08-16 11:39 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF
2020-08-16 10:52 - 2019-12-07 02:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-08-16 10:52 - 2017-03-05 12:09 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-08-16 09:40 - 2020-06-05 10:39 - 000004148 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{94B7351E-C17F-46F7-8BED-70D790AAD314}
2020-08-15 19:04 - 2020-06-05 10:01 - 000000000 ____D C:\WINDOWS\system32\msmq
2020-08-15 10:45 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-08-14 09:21 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-08-13 11:27 - 2019-12-16 13:12 - 000000000 ____D C:\Users\Scott\AppData\Local\D3DSCache
2020-08-12 23:40 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-08-12 17:00 - 2020-06-05 10:34 - 000552832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-08-12 16:59 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-08-12 16:59 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2020-08-12 16:59 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-08-12 16:59 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-08-12 16:59 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-08-12 16:59 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-08-12 16:59 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-08-12 16:59 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-08-12 16:59 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-08-12 16:28 - 2020-06-03 23:52 - 000000000 ___HD C:\$WinREAgent
2020-08-12 11:32 - 2015-11-13 11:12 - 000000000 ____D C:\Users\Scott\AppData\Local\ElevatedDiagnostics
2020-08-12 10:55 - 2019-12-16 12:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-08-11 19:18 - 2020-07-14 23:34 - 006247480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-08-11 19:18 - 2020-06-09 19:03 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-08-11 19:18 - 2020-06-09 19:03 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-08-11 19:18 - 2020-06-05 10:39 - 000004568 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-08-11 19:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-08-11 19:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-08-09 10:07 - 2019-12-16 12:43 - 000000000 ___RD C:\Users\Scott\OneDrive
2020-08-06 20:25 - 2019-12-16 12:41 - 000000000 ____D C:\Users\Scott\AppData\Local\Packages
2020-08-06 12:08 - 2019-12-07 02:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-08-05 20:26 - 2019-04-03 15:51 - 000243724 _____ C:\WINDOWS\Macrium Reflect Patch Log.txt
2020-08-03 14:48 - 2015-12-05 14:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-08-03 14:02 - 2019-03-09 18:27 - 005084592 _____ C:\WINDOWS\PE_Rom.dll
2020-08-03 13:11 - 2019-12-07 02:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-08-02 14:16 - 2019-12-07 02:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\Provisioning
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-07-29 11:17 - 2015-08-27 16:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-07-28 16:44 - 2015-08-27 16:37 - 000001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-07-28 14:12 - 2020-07-08 11:12 - 000001180 _____ C:\Users\Scott\Desktop\Start Tor Browser.lnk
2020-07-27 10:26 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemApps
2020-07-23 15:46 - 2019-12-16 12:57 - 000000000 ____D C:\Users\Scott\AppData\Local\PlaceholderTileLogoFolder
2020-07-21 21:03 - 2015-08-27 15:41 - 000000000 ____D C:\ProgramData\Intel
2020-07-21 21:01 - 2015-08-27 15:21 - 000000000 ____D C:\ProgramData\Package Cache
2020-07-21 21:01 - 2015-08-27 15:03 - 000000000 ____D C:\Program Files (x86)\Intel
2020-07-20 14:38 - 2020-05-20 16:55 - 000001399 _____ C:\Users\Scott\Desktop\Hidden Secrets Nostradamus.lnk

==================== Files in the root of some directories ========

2015-08-28 18:28 - 2015-08-28 18:28 - 000000697 _____ () C:\Users\Scott\AppData\Roaming\ConvAPIPlugin.log
2015-10-21 19:06 - 2019-12-22 16:53 - 014716928 _____ () C:\Users\Scott\AppData\Roaming\Sandra.mdb
2015-08-28 13:20 - 2019-12-07 21:09 - 000007623 _____ () C:\Users\Scott\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-08-2020
Ran by Scott (16-08-2020 12:23:50)
Running from C:\Users\Scott\Desktop
Windows 10 Pro Version 2004 19041.450 (X64) (2020-06-05 17:39:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2157332433-1070056625-1532484577-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2157332433-1070056625-1532484577-503 - Limited - Disabled)
Guest (S-1-5-21-2157332433-1070056625-1532484577-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2157332433-1070056625-1532484577-1003 - Limited - Enabled)
Scott (S-1-5-21-2157332433-1070056625-1532484577-1000 - Administrator - Enabled) => C:\Users\Scott
WDAGUtilityAccount (S-1-5-21-2157332433-1070056625-1532484577-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
8 Ball Pool (HKLM-x32\...\8 Ball Pool_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Acrylic Wi-Fi Home v4.3 (HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\{3706FB7A-11FB-44C4-AD94-2B29878D75DC}_is1) (Version: 4.3 - Tarlogic Research S.L.)
Adam Wolfe (HKLM-x32\...\Adam Wolfe_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20041 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.8 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.414 - Adobe)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.02 - ASUSTeK Computer Inc.)
Alice in Wonderland (HKLM-x32\...\Alice in Wonderland_is1) (Version: 1.0 - GameTop Pte. Ltd.)
AlienHallway (HKLM-x32\...\AlienHallway_is1) (Version: 1.0 - Media Contact LLC)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Amazon Kindle (HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\Amazon Kindle) (Version: 1.25.0.52025 - Amazon)
Amazon Photos (HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\Amazon Photos) (Version: 7.3.1 - Amazon.com, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.4.2 - Advanced Micro Devices, Inc.)
Ancient Ball Curse of Pharaoh (HKLM-x32\...\Ancient Ball Curse of Pharaoh_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Apothecarium World (HKLM-x32\...\Apothecarium World_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Apple Application Support (32-bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C788AE25-3D4E-4D18-811B-3219F778487E}) (Version: 13.5.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASUS Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3700 - ASUS)
Autodesk DWG TrueView 2018 - English (HKLM\...\DWG TrueView 2018 - English) (Version: 22.0.50.0 - Autodesk)
Barn Yarn (HKLM-x32\...\Barn Yarn_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Blue Tear (HKLM-x32\...\Blue Tear_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
bpd_scan (HKLM-x32\...\{0E52A52C-E120-461C-AA1B-21B045BEE842}) (Version: 3.00.0000 - Hewlett-Packard) Hidden
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Brick Shooter Egypt (HKLM-x32\...\Brick Shooter Egypt_is1) (Version: 1.0 - Media Contact LLC)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{6C2E3E06-9075-AC61-44F5-727DFA72F01B}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Charm Tale 2 Mermaid Lagoon (HKLM-x32\...\Charm Tale 2 Mermaid Lagoon_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Chicken Attack Deluxe (HKLM-x32\...\Chicken Attack Deluxe_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Cisco VideoGuard Player (HKLM-x32\...\{eb841aaa-19f5-40db-93af-850cf64f61c3}) (Version: 6.8 - Cisco Systems, Inc)
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
Dark Asylum Mystery Adventure (HKLM-x32\...\Dark Asylum Mystery Adventure_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Dark Heart Flight of the Harpies (HKLM-x32\...\Dark Heart Flight of the Harpies_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Dark Matter (HKLM-x32\...\Dark Matter_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Desktop Destroyer 3D Screensaver (HKLM-x32\...\Desktop Destroyer) (Version: 3.0 - Isotope 244)
Detective of Spirit World (HKLM-x32\...\Detective of Spirit World_is1) (Version: 1.0 - GameTop Pte. Ltd.)
DWG TrueView 2018 - English (HKLM\...\{28B89EEF-1028-0409-0100-CF3F3A09B77D}) (Version: 22.0.50.0 - Autodesk) Hidden
Eastville Chroniclesthe The Drama Queen Murder (HKLM-x32\...\Eastville Chronicles the The Drama Queen Murder_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Egyptian Ball (HKLM-x32\...\Egyptian Ball_is1) (Version: 1.0 - Media Contact LLC)
Escape From Lost Island (HKLM-x32\...\Escape From Lost Island_is1) (Version: 1.0 - Media Contact LLC)
Fall of the New Age (HKLM-x32\...\Fall of the New Age_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Family Vacation 2 (HKLM-x32\...\Family Vacation 2_is1) (Version: 1.0 - GameTop Pte. Ltd.)
GDR 4042 for SQL Server 2008 R2 (KB3045313) (HKLM-x32\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation)
Girl in the City (HKLM-x32\...\Girl in the City_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Golden Dozen Solitaire (HKLM-x32\...\GoldenDozenSolitaire_is1) (Version: 1.0 - Media Contact LLC)
Golden Path (HKLM-x32\...\Golden Path_is1) (Version: 1.0 - Media Contact LLC)
Golden Trails (HKLM-x32\...\Golden Trails_is1) (Version: 1.0 - Media Contact LLC)
Golden Trails 2 (HKLM-x32\...\Golden Trails 2_is1) (Version: 1.0 - Media Contact LLC)
Golden Trails 3 (HKLM-x32\...\Golden Trails 3_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Gone Home (HKLM-x32\...\{F41D91C5-83B4-40E1-869E-01A0D6056F97}) (Version:  - Fullbright)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GreatSecrets-DaVinci (HKLM-x32\...\GreatSecrets-DaVinci_is1) (Version: 1.0 - Media Contact LLC)
Haunted House (HKLM-x32\...\Haunted House_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Hidden Secrets Nostradamus (HKLM-x32\...\Hidden Secrets Nostradamus_is1) (Version: 1.0 - Media Contact LLC)
Hiddenverse Ariadna Dreaming (HKLM-x32\...\Hiddenverse Ariadna Dreaming_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Hiddenverse Tale of Ariadna (HKLM-x32\...\Hiddenverse Tale of Ariadna_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Hope Lake (HKLM-x32\...\Hope Lake_is1) (Version: 1.0 - GameTop Pte. Ltd.)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP OfficeJet 4650 series Basic Device Software (HKLM\...\{F68DF314-BD12-4549-941C-521CB8D16DDE}) (Version: 40.11.1122.1796 - HP Inc.)
HP OfficeJet 4650 series Help (HKLM-x32\...\{20CA428A-0827-4441-BC64-5C577EA970AD}) (Version: 36.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
Hypnosis (HKLM-x32\...\Hypnosis_is1) (Version: 1.0 - Media Contact LLC)
I.R.I.S. OCR (HKLM-x32\...\{11ED31EC-7EFA-4D56-B71D-E0214C8984CC}) (Version: 12.3.7.0 - HP)
iCloud (HKLM\...\{F0AD317D-AE18-45D0-BE5B-30074AFE6740}) (Version: 7.19.0.10 - Apple Inc.)
Inbetween Land (HKLM-x32\...\Inbetween Land_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Insider Tales The Stolen Venus (HKLM-x32\...\Insider Tales The Stolen Venus_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Insider Tales Vanished in Rome (HKLM-x32\...\Insider Tales Vanished in Rome_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Intel Extreme Tuning Utility (HKLM-x32\...\{E33D0A14-53FA-4951-B957-B6B157EB6ED2}) (Version: 5.1.2.2 - Intel Corporation) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{eb3c7583-932b-4db5-a272-5fb4528656bb}) (Version: 5.1.2.2 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{4a87bd28-a855-4a8d-b133-60ca8ccffd30}) (Version: 10.0.17 - Intel® Corporation) Hidden
Intel® Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Invasion Lost in Time (HKLM-x32\...\Invasion Lost in Time_is1) (Version: 1.0 - GameTop Pte. Ltd.)
iTunes (HKLM\...\{EA1B93E5-47D8-4252-8441-DEC5F5274C60}) (Version: 12.10.8.5 - Apple Inc.)
Jigsaw Puzzle Diamond Pack (HKLM-x32\...\Jigsaw Puzzle Diamond Pack_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Kingdom of Aurelia Mystery of Poisoned Dagger (HKLM-x32\...\Kingdom of Aurelia Mystery of Poisoned Dagger_is1) (Version: 1.0 - GameTop Pte. Ltd.)
League of Mermaids (HKLM-x32\...\League of Mermaids_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Logitech SetPoint 6.69 (HKLM\...\sp6) (Version: 6.69.123 - Logitech)
Lost Inca 2 (HKLM-x32\...\Lost Inca 2_is1) (Version: 1.0 - Media Contact LLC)
Lucky Pyramid Solitaire (HKLM-x32\...\Lucky Pyramid Solitaire_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Macrium Reflect Free Edition (HKLM\...\{7B6D9B8A-2663-4F00-87D9-550B309D77A8}) (Version: 7.2.4063 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 7.2 - Paramount Software (UK) Ltd.)
Magical Mysteries (HKLM-x32\...\Magical Mysteries_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Microsoft .NET Core SDK 3.1.300 (x64) (HKLM-x32\...\{c8867574-9c22-4807-9803-17387f3f6a85}) (Version: 3.1.300.15161 - Microsoft Corporation)
Microsoft Baseline Security Analyzer 2.3 (HKLM\...\{C058FC5D-565F-4360-A562-0527A3D993DC}) (Version: 2.3.2211 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 84.0.522.59 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.133.5 - )
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.5.166.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Access Runtime (English) 2007 (HKLM-x32\...\{90120000-001C-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (HKLM-x32\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\OneDriveSetup.exe) (Version: 20.124.0621.0006 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{EFECC55D-7B0A-4D05-8487-CC2FD7C618A3}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.4 (x64) (HKLM-x32\...\{6ea49e83-4bd6-41b7-85ee-aa6a433739bd}) (Version: 3.1.4.28821 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 11 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Software Limited)
Mozilla Firefox 79.0 (x64 en-US) (HKLM\...\Mozilla Firefox 79.0 (x64 en-US)) (Version: 79.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 79.0.0.7506 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery Expedition Prisoners of Ice (HKLM-x32\...\Mystery Expedition Prisoners of Ice_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Our Worst Fears Stained Skin (HKLM-x32\...\Our Worst Fears Stained Skin_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Pool Pro (HKLM-x32\...\Pool Pro_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Rainbow Web 2 (HKLM-x32\...\Rainbow Web 2_is1) (Version: 1.0 - Media Contact LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7233 - Realtek Semiconductor Corp.)
Riddles of the Past (HKLM-x32\...\Riddles of the Past_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Sacred Almanac Traces of Greed (HKLM-x32\...\Sacred Almanac Traces of Greed_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Sandra Fleming Chronicles Crystal Skulls (HKLM-x32\...\Sandra Fleming Chronicles Crystal Skulls_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Scaraball (HKLM-x32\...\Scaraball_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Search for the Wonderland (HKLM-x32\...\Search for the Wonderland_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Secrets of the Past Mothers Diary (HKLM-x32\...\Secrets of the Past Mothers Diary_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (HKLM-x32\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
Seven Roses (HKLM-x32\...\Seven Roses_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Showing Tonight Mindhunters Incident (HKLM-x32\...\Showing Tonight Mindhunters Incident_is1) (Version: 1.0 - GameTop Pte. Ltd.)
SiSoftware Sandra Lite 2015.SP2b (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.42.2015.7 - SiSoftware)
Soldier of Fortune II - Double Helix GOLD (HKLM-x32\...\Soldier of Fortune II - Double Helix GOLD) (Version: 1.02 - Activsion, Inc.)
Space Legends (HKLM-x32\...\Space Legends_is1) (Version: 1.0 - GameTop Pte. Ltd.)
SQL Server 2008 R2 SP2 Common Files (HKLM-x32\...\{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM-x32\...\{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM-x32\...\{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM-x32\...\{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM-x32\...\{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM-x32\...\{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM-x32\...\{93998800-1608-403F-9A51-420A77D23C25}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Star Defender 2 (HKLM-x32\...\Star Defender 2_is1) (Version: 1.0 - Media Contact LLC)
Star Drone (HKLM-x32\...\Star Drone_is1) (Version: 1.0 - Media Contact LLC)
Star Raid (HKLM-x32\...\Star Raid_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Curse of Silent Marshes (HKLM-x32\...\The Curse of Silent Marshes_is1) (Version: 1.0 - GameTop Pte. Ltd.)
The Great Unknown Houdinis Castle (HKLM-x32\...\The Great Unknown Houdinis Castle_is1) (Version: 1.0 - GameTop Pte. Ltd.)
The Princess Case (HKLM-x32\...\The Princess Case_is1) (Version: 1.0 - GameTop Pte. Ltd.)
The Secret Legacy Kate Brooks (HKLM-x32\...\The Secret Legacy Kate Brooks_is1) (Version: 1.0 - GameTop Pte. Ltd.)
The Spell (HKLM-x32\...\The Spell_is1) (Version: 1.0 - GameTop Pte. Ltd.)
TheMatrix Screen Saver version 1.14 (HKLM-x32\...\{23FBECC1-FA31-472A-83FB-27520B81EC3A}_is1) (Version: 1.14 - Meticulous Software)
TP-LINK Archer T4UH Driver (HKLM-x32\...\{56214C11-9B9E-4B22-8AB1-DCF9DD604A15}) (Version: 1.3.1 - TP-LINK)
TP-LINK TL-WN821N©_TL-WN822N_TL-WN823N Driver (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Twilight City Love as a Cure (HKLM-x32\...\Twilight City Love as a Cure_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Twitch (HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Void (HKLM-x32\...\Void_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Vulkan Run Time Libraries 1.0.13.0 (HKLM\...\VulkanRT1.0.13.0) (Version: 1.0.13.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.13.0 (HKLM\...\VulkanRT1.0.13.0-2) (Version: 1.0.13.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0-2) (Version: 1.0.37.0 - LunarG, Inc.)
Wave of Time (HKLM-x32\...\Wave of Time_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Weeping Skies (HKLM-x32\...\Weeping Skies_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Yeti Legend Mystery of the Forest (HKLM-x32\...\Yeti Legend Mystery of the Forest_is1) (Version: 1.0 - GameTop Pte. Ltd.)

Packages:
=========
Amazon Alexa -> C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_2.12.469.0_x64__22t9g3sebte08 [2020-07-24] (AMZN Mobile LLC.) [Startup Task]
Amazon Prime Video for PC -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.9.0_x64__pwbj9vvecjh7j [2020-08-11] (Amazon Development Centre (London) Ltd)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-27] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-16] (Microsoft Corporation) [MS Ad]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.1.7200.0_x86__8wekyb3d8bbwe [2020-08-10] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8042.0_x64__8wekyb3d8bbwe [2020-08-06] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.24.32162.0_x64__8wekyb3d8bbwe [2020-08-10] (Microsoft Corporation)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-16] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2157332433-1070056625-1532484577-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> E:\Programs\Autodesk\DWG TrueView 2018 - English\en-US\dwgviewrficn.dll (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2157332433-1070056625-1532484577-1000_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> E:\Programs\Autodesk\DWG TrueView 2018 - English\dwgviewr.exe (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2017-02-15] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-15] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-05-07] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-09-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers1: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll -> No File
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-09-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-05-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers6: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2020-07-12 21:48 - 2017-10-29 19:15 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2020-07-12 21:48 - 2017-11-24 08:48 - 000082432 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccHelper.dll
2020-07-12 21:48 - 2017-11-24 08:48 - 000743424 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2020-07-12 21:48 - 2017-11-24 08:48 - 000082432 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\IccHelper.dll
2020-07-12 21:54 - 2014-10-30 15:36 - 001139712 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2020-07-12 21:54 - 2014-10-09 09:31 - 000237568 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2020-07-12 21:54 - 2014-02-24 17:49 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2020-07-12 21:48 - 2017-12-26 21:26 - 000053248 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\4.00.01\cpuutil.dll
2020-07-12 21:48 - 2017-11-27 17:57 - 000062464 _____ () [File not signed] C:\Program Files (x86)\ASUS\VGA COM\2.00.03\Exeio.dll
2020-07-12 21:48 - 2017-11-27 17:57 - 001772544 _____ () [File not signed] C:\Program Files (x86)\ASUS\VGA COM\2.00.03\Vender.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-07-24 19:00 - 2020-07-24 19:01 - 075942400 _____ () [File not signed] C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_2.12.469.0_x64__22t9g3sebte08\Alexa.dll
2019-12-26 15:07 - 2019-12-26 15:07 - 000948736 _____ () [File not signed] C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_2.12.469.0_x64__22t9g3sebte08\e_sqlite3.dll
2020-07-24 19:00 - 2020-07-24 19:00 - 000009216 _____ () [File not signed] C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_2.12.469.0_x64__22t9g3sebte08\ImagePipelineNative.dll
2020-05-14 00:59 - 2020-05-14 00:59 - 000123392 _____ () [File not signed] C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_2.12.469.0_x64__22t9g3sebte08\libpryon_lite.dll
2020-08-05 17:38 - 2020-08-05 17:38 - 000799744 _____ () [File not signed] C:\Users\Scott\AppData\Local\Amazon Drive\sqlite3.dll
2015-08-27 14:59 - 2014-04-24 15:03 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\ASACPI.DLL
2020-07-12 21:48 - 2017-10-29 19:15 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsAcpi.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\asacpi.dll
2020-07-12 21:48 - 2017-11-24 08:47 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpi.dll
2020-08-16 12:18 - 2020-08-16 12:18 - 000036648 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\4.00.01\PEbiosinterface32.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\asacpiEx.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\asacpiEx.dll
2020-07-12 21:48 - 2017-11-24 08:47 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\AsMultiLang.dll
2020-07-12 21:48 - 2017-11-24 08:47 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpiEx.dll
2020-07-12 21:54 - 2014-10-14 19:32 - 001088000 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\System Information\SystemInfo.dll
2020-07-12 21:54 - 2010-03-08 17:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\AsMultiLang.dll
2020-07-12 21:54 - 2015-03-12 14:48 - 000901120 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\Express.dll
2020-07-12 21:48 - 2017-05-03 08:17 - 000106496 _____ (ASUSTek Computer Inc.,) [File not signed] C:\Program Files (x86)\ASUS\VGA COM\2.00.03\EIO.DLL
2019-12-26 15:07 - 2019-12-26 15:07 - 000098816 _____ (Facebook, Inc.) [File not signed] C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_2.12.469.0_x64__22t9g3sebte08\yoga.dll
2015-08-28 18:26 - 2010-05-14 15:04 - 000138752 _____ (Hewlett-Packard Company) [File not signed] C:\WINDOWS\System32\hpf3l02t.dll
2015-08-28 18:27 - 2010-05-14 15:04 - 000253440 _____ (Hewlett-Packard Corporation) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\hpfpp02t.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2014-05-28 10:10 - 2014-05-28 10:10 - 000296960 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2014-05-28 10:10 - 2014-05-28 10:10 - 000526336 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2020-08-05 17:38 - 2020-08-05 17:38 - 000125952 _____ (Robert Vazan) [File not signed] C:\Users\Scott\AppData\Local\Amazon Drive\crc32c.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000076288 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qgifd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000097280 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qicnsd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000077312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qicod.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000432640 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qjpegd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000058880 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qsvgd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000058880 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qtgad.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000574976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qtiffd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000058368 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qwbmpd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000844800 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qwebpd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 002932736 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\platforms\qwindowsd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 009541632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Cored.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 010430464 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Guid.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000557056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Svgd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 008565248 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Widgetsd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000299520 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Xmld.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-05-15 15:34 - 2020-05-15 15:34 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-05-15 15:34 - 2020-05-15 15:34 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
2020-07-12 21:48 - 2017-12-20 11:01 - 000193536 _____ (TODO: <Company name>) [File not signed] [File is in use] C:\Program Files (x86)\ASUS\VGA COM\2.00.03\AsusGpuTweak.dll
2020-05-14 00:59 - 2020-05-14 00:59 - 000266752 _____ (Un4seen Developments) [File not signed] C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_2.12.469.0_x64__22t9g3sebte08\bass.dll
2020-05-14 00:59 - 2020-05-14 00:59 - 000112640 _____ (Un4seen Developments) [File not signed] C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_2.12.469.0_x64__22t9g3sebte08\bassmidi.dll
2020-05-14 00:59 - 2020-05-14 00:59 - 000045056 _____ (Un4seen Developments) [File not signed] C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_2.12.469.0_x64__22t9g3sebte08\bassmix.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:67D1828F [1520]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;C:\Program Files (x86)\Common Files\HP\Digital Imaging\bin;C:\Program Files (x86)\HP\Digital Imaging\bin\;C:\Program Files (x86)\HP\Digital Imaging\bin\Qt\Qt 4.3.3;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;%JAVA_HOME%\bin;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files\ASUS\Bluetooth Software\;C:\Program Files\ASUS\Bluetooth Software\syswow64;;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Scott\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\background12 (2).jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\StartupApproved\Run: => "HP OfficeJet 4650 series (NET)"
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\StartupApproved\Run: => "Sidebar"
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\StartupApproved\Run: => "79E7102FE81497D621F06500A298B59D3A61040B._service_run"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{779EED7B-BD7D-4D79-9034-17DC65FC91D6}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS0472\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{DBF24F04-77EC-49C8-A9AF-1B67E971FAF6}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS0472\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{420B9F02-2B01-4BEF-9328-7B673EFCD911}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS0046\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{F9415396-E76E-4C36-A1C9-797CCF660122}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS0046\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{35B2364D-4C27-47DF-92F9-AF713C3D1472}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe (Tarlogic Research SL -> Tarlogic Research S.L.)
FirewallRules: [{A2C21173-0A04-4A84-81C5-7A2A3CD0900A}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe (Tarlogic Research SL -> Tarlogic Research S.L.)
FirewallRules: [{C387CDD3-BFCF-4010-83FD-65B9CA5FEC57}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe => No File
FirewallRules: [{594C618B-4BD2-4084-A7A1-1DD6A1D8F4DA}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe => No File
FirewallRules: [{86CBC11C-692B-4B08-9345-DB9BD811B2AC}] => (Allow) LPort=1542
FirewallRules: [{383222AB-AC3A-407F-8F3D-AFC6A52DE012}] => (Allow) LPort=1542
FirewallRules: [{D272D3B0-F5D2-4391-91C2-83CBA6B64886}] => (Allow) LPort=53
FirewallRules: [{FD095C8E-10A8-4FB9-8570-D799E0B796C2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{43E241A0-4881-4AD4-9DD3-01A1877FCD1F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{677D4B9B-E37B-44FC-B5F9-8BBFA8376832}] => (Allow) E:\Programs\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D2F3575F-BC6A-444C-A831-B27FA1DCA589}] => (Allow) E:\Programs\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1753CED9-8EBE-42C3-A8B6-F16CB055CFAD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe => No File
FirewallRules: [{58C7737F-F32B-4A0E-B860-CE55C5DC5D5E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe => No File
FirewallRules: [{6922DAB9-175E-499F-AB00-4A5EFD230AE2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe => No File
FirewallRules: [{3E24251B-C52C-4DCB-9FE2-3EFB2CD5B11E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe => No File
FirewallRules: [{06AE3654-D4A7-47DC-A98C-2589B6A4A5B4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe => No File
FirewallRules: [{AB39ADDC-A29C-45FD-BE31-8F01BF9DA770}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe => No File
FirewallRules: [{799EE0EE-7DAA-4350-8DD1-4084F7B0CDC9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe => No File
FirewallRules: [{9D457F88-9F4B-4DF3-BE66-D22C6CA518E4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe => No File
FirewallRules: [{CC323492-90D3-43BE-AB7C-1E40298D6E33}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe => No File
FirewallRules: [{B19B816F-B98C-4081-BD6B-6BC5E7B98C71}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe => No File
FirewallRules: [{E4753B6B-84ED-4FF7-A9C4-9801BA0B20F8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe => No File
FirewallRules: [{4711EE17-BE14-4C7F-AF0E-5B9C53C919E8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe => No File
FirewallRules: [{ED17C471-841D-49C9-B1C0-440BCDE3BF37}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe => No File
FirewallRules: [{DFF66ABA-0CF2-487B-9D87-44ECE7B1B436}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe => No File
FirewallRules: [{3228B062-C0B2-48DE-8E0A-4F52B8C00B29}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe => No File
FirewallRules: [{2A840883-AE55-4B26-B41E-A7DB9290DB21}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe => No File
FirewallRules: [{F417FBDA-CCFC-4304-83CE-9D0DB7CB908B}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{D71DF2CD-0C41-444A-A6FB-997CC33924F7}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe => No File
FirewallRules: [{7ACAEC7E-1825-4230-AFD9-109531639F6E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3BE83233-CEFC-4394-AD4F-F407774CD1DB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{914E4907-D489-4295-BA01-359EE94E6F06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B7E1DBB0-FD40-43C3-95DA-5CDF119778DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{68136BBE-C8B1-4CE6-A626-7682F299C168}] => (Allow) E:\Programs\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe (SiSoftware SPC -> SiSoftware) [File not signed]
FirewallRules: [{3A5C218F-28F1-4492-8650-C29856DB9F95}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3F960DA5-0A85-43B4-B3F3-52AAA4FE86F0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{453DD2EF-DC29-4BC0-B106-A6BD6DF76ECE}] => (Allow) E:\Programs\Steam\steamapps\common\Tachyon The Fringe\Tachyon.exe () [File not signed]
FirewallRules: [{94CFEE01-0B1D-46F4-AFA1-353D3F4CC35F}] => (Allow) E:\Programs\Steam\steamapps\common\Tachyon The Fringe\Tachyon.exe () [File not signed]
FirewallRules: [{72000F7B-CBC6-4522-8EFF-61DAEF00C482}] => (Allow) E:\Programs\Steam\steamapps\common\Comanche 4\c4.exe () [File not signed]
FirewallRules: [{74E43185-F58A-4AF8-B9DB-FE34300F1DED}] => (Allow) E:\Programs\Steam\steamapps\common\Comanche 4\c4.exe () [File not signed]
FirewallRules: [{B5590630-F2AD-440C-81FA-2645671FC1D2}] => (Allow) E:\Programs\Steam\steamapps\common\Comanche 4\c4medc.exe () [File not signed]
FirewallRules: [{53DA2017-2D0A-4BEC-AA37-C722356BF56C}] => (Allow) E:\Programs\Steam\steamapps\common\Comanche 4\c4medc.exe () [File not signed]
FirewallRules: [{7FF5E9C5-52C6-45DF-BCF5-EB2D3F6CEB4B}] => (Allow) E:\Programs\Steam\steamapps\common\MiG-29 Fulcrum\M29.exe (NovaLogic) [File not signed]
FirewallRules: [{0123CDF3-BC5B-4BD1-8F54-8AC0DFBC15A2}] => (Allow) E:\Programs\Steam\steamapps\common\MiG-29 Fulcrum\M29.exe (NovaLogic) [File not signed]
FirewallRules: [{892B875D-D8E3-4A09-A3D8-A7F383E46DC9}] => (Allow) E:\Programs\Steam\steamapps\common\MiG-29 Fulcrum\Fwe.exe (NovaLogic) [File not signed]
FirewallRules: [{8553807B-F5E9-4DAE-A315-E035607B363C}] => (Allow) E:\Programs\Steam\steamapps\common\MiG-29 Fulcrum\Fwe.exe (NovaLogic) [File not signed]
FirewallRules: [{F1889078-19AD-4B3C-B9F2-B41ADCFC4274}] => (Allow) E:\Programs\Steam\steamapps\common\F-16 Multirole Fighter\F16.EXE (NovaLogic) [File not signed]
FirewallRules: [{0AA1D55E-B576-4EA0-A51F-F4526964DFD8}] => (Allow) E:\Programs\Steam\steamapps\common\F-16 Multirole Fighter\F16.EXE (NovaLogic) [File not signed]
FirewallRules: [{6F670F7B-72F4-43BA-A98C-4598CEA21B48}] => (Allow) E:\Programs\Steam\steamapps\common\F-16 Multirole Fighter\FWE.EXE (NovaLogic) [File not signed]
FirewallRules: [{C1062F95-9041-42CD-AA0E-9EC2033C4F88}] => (Allow) E:\Programs\Steam\steamapps\common\F-16 Multirole Fighter\FWE.EXE (NovaLogic) [File not signed]
FirewallRules: [{2B57F8E3-9F99-42C0-A61D-E2C15EFB7796}] => (Allow) E:\Programs\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{24E26997-E0F0-4A43-BC14-830117A64424}] => (Allow) E:\Programs\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{F57FC5FC-FE0E-4DA0-AAD9-D41218CC1502}] => (Allow) E:\Programs\Steam\steamapps\common\F-22 Lightning 3\L3.exe (NovaLogic) [File not signed]
FirewallRules: [{C9F46A05-4338-4352-AA4A-6732E0AF6823}] => (Allow) E:\Programs\Steam\steamapps\common\F-22 Lightning 3\L3.exe (NovaLogic) [File not signed]
FirewallRules: [{9D0DEA32-4976-4CEA-8344-CE482FFD4FD7}] => (Allow) E:\Programs\Steam\steamapps\common\F-22 Lightning 3\Fwe.exe (NovaLogic) [File not signed]
FirewallRules: [{08311EB9-79AA-4690-AE37-92B29F71549C}] => (Allow) E:\Programs\Steam\steamapps\common\F-22 Lightning 3\Fwe.exe (NovaLogic) [File not signed]
FirewallRules: [{9BC96D88-0A39-4A17-9AC1-15890F2C4561}] => (Allow) E:\Programs\Steam\steamapps\common\Armored Fist 3\AF3.EXE () [File not signed]
FirewallRules: [{A04EC818-9666-4C94-9DC9-9009C2F01A1D}] => (Allow) E:\Programs\Steam\steamapps\common\Armored Fist 3\AF3.EXE () [File not signed]
FirewallRules: [{2FEBAD4F-4F1A-4544-85C7-04631A1429BE}] => (Allow) E:\Programs\Steam\steamapps\common\Armored Fist 3\AF3MED.EXE () [File not signed]
FirewallRules: [{F35CED5A-306A-41C7-830E-439BC25CBF33}] => (Allow) E:\Programs\Steam\steamapps\common\Armored Fist 3\AF3MED.EXE () [File not signed]
FirewallRules: [{4576AFB4-E9AF-472E-A61C-BDE87BA55874}] => (Allow) E:\Programs\Steam\steamapps\common\Shattered_Horizon\client_exe\shattered_horizon.exe (Futuremark) [File not signed]
FirewallRules: [{6522C122-88AB-49BD-A5CB-EB0F8B5D05DE}] => (Allow) E:\Programs\Steam\steamapps\common\Shattered_Horizon\client_exe\shattered_horizon.exe (Futuremark) [File not signed]
FirewallRules: [{8146F85C-996E-4A61-9853-838778A56109}] => (Allow) E:\Programs\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{B1EA69A4-793C-4DCE-93B5-0DC14510EF20}] => (Allow) E:\Programs\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{136F6FCB-6B7E-4AD2-8058-95FA0F842457}] => (Allow) LPort=1487
FirewallRules: [{2980AE92-DEF6-4854-938B-AABA2FE80B14}] => (Allow) E:\Programs\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B782F739-CFC3-407C-92F3-8F2B06534DBF}] => (Allow) E:\Programs\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{873099C4-5C6F-4FE4-A7DF-A9015D22387B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{51394781-3983-4291-9EED-CE701FF2B892}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe => No File
FirewallRules: [{D5D3CD8F-E9CF-4324-9EFE-C15DE5A04204}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe => No File
FirewallRules: [{5EBA23CA-7D7A-4412-A60E-721C001C1CE0}] => (Allow) D:\New folder\OJ6500vE709_Full_14\setup\hpznui40.exe => No File
FirewallRules: [{871BB756-E9FB-448F-8E3C-927F759309CD}] => (Allow) E:\Programs\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{61DA0787-044C-4F74-B593-A48181BEC0B6}] => (Allow) E:\Programs\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{4AF40956-004E-4958-8686-27D39E9AF642}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe => No File
FirewallRules: [{F890BD76-1B15-4018-BAAC-4B9A56FCC101}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe => No File
FirewallRules: [{FCD3B43D-EB07-4357-8E27-E3CC5550BF33}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe => No File
FirewallRules: [{0570CEBA-C825-46DA-86E9-9AA9F19ADDBC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe => No File
FirewallRules: [{FE555054-49C6-428F-80A3-670C871DA771}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe => No File
FirewallRules: [{F2062D52-3B20-4002-96C3-50D7905C7D0D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe => No File
FirewallRules: [{46B60C8C-DACA-4A17-8D44-7A34B6850553}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe => No File
FirewallRules: [{70C67B01-96FB-4EB9-B570-3772850B8371}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe => No File
FirewallRules: [{AF4ECDAA-252C-4D99-86B5-1F3789E71884}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe => No File
FirewallRules: [{F32A1547-E1B3-493E-BCFA-0D617A4C5499}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe => No File
FirewallRules: [{49B09E7F-6FCD-4684-9656-BB4CFF3EB765}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe => No File
FirewallRules: [{47967E56-4DD7-4EFB-8FC6-5B220D7EA602}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe => No File
FirewallRules: [{E493D093-4C5C-4EE7-BD89-834167894DF7}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe => No File
FirewallRules: [{E150793C-CAAA-42E4-8A4D-890869F20AD1}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe => No File
FirewallRules: [{26A40C1E-AE92-4D38-AF62-EBA250D45489}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe => No File
FirewallRules: [{A82C50AF-F6F4-451D-A703-D80DF549A52E}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe => No File
FirewallRules: [{05F579F7-F2FD-4CF8-B527-14C43FCF46C2}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe => No File
FirewallRules: [{A256A3A9-C728-4887-8FD5-8814D2372512}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe => No File
FirewallRules: [{D440DC52-5702-4869-8666-F7691DD1EFF7}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe => No File
FirewallRules: [{70F76B9A-A14E-455D-BFC0-A480C204F583}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe => No File
FirewallRules: [{AC6B2B75-0BF9-434A-81C2-D8CEC6C074AC}] => (Allow) C:\Program Files\ASUS\HomeCloud\Tomcat\Tomcat_OmniStore\bin\tomcat6.exe => No File
FirewallRules: [{11CFE420-9B35-4CB7-88BB-B274C01F825A}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe => No File
FirewallRules: [{288497F9-9D32-47B2-A4A4-CB630EA3ABFE}] => (Allow) C:\Program Files\ASUS\HomeCloud\ServerConsole\ASUS HomeCloud.exe => No File
FirewallRules: [{5A836B67-A3B3-4CBB-9029-02EBCC13839F}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Wi-Fi GO! AssistTool\WiFi GO! Server.exe => No File
FirewallRules: [{81DDB996-D5F5-4407-AA0A-0658035C8187}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Wi-Fi GO! AssistTool\WiFi GO! Server.exe => No File
FirewallRules: [{D19B85BE-0486-460E-9F73-5C11F437124D}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Remote GO!\ASUSDMS.exe => No File
FirewallRules: [{793F2227-3B1B-4896-A455-03990A33C765}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Remote GO!\ASUSDMS.exe => No File
FirewallRules: [TCP Query User{17178184-D71B-43AE-84FC-B6D626F9E14A}C:\users\scott\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\scott\appdata\local\amazon music\amazon music helper.exe => No File
FirewallRules: [UDP Query User{9EC79676-2C7E-46FE-A36D-F0D2A3EAC844}C:\users\scott\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\scott\appdata\local\amazon music\amazon music helper.exe => No File
FirewallRules: [TCP Query User{47CAA891-7790-4203-94E3-E803D3C15EE6}C:\users\scott\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\scott\appdata\local\amazon music\amazon music helper.exe => No File
FirewallRules: [UDP Query User{8E7BEFB6-74C4-45D1-862A-2BEC8A75C377}C:\users\scott\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\scott\appdata\local\amazon music\amazon music helper.exe => No File
FirewallRules: [{70DDD9E1-39C9-4016-B9B6-269FFCFF71D6}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS2C74\HP.EasyStart.exe => No File
FirewallRules: [{25F68A88-110C-48BB-9012-D2B1A48D7A57}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{08C35FCD-9652-4291-B8A2-D2E33DACEB22}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{00F018DD-EF65-4186-A553-7FF0A3FB0BA5}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{C677A415-410E-4C1D-B0EF-45A38EC2454F}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{3F0DE728-DD80-4C7D-8EDA-68C08D5A711A}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{0C0F07F2-B78D-4157-B200-7417299F2A73}] => (Allow) LPort=5357
FirewallRules: [{2AE31A57-FAFA-4955-90E2-2AFE87B4BA7D}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{C8B4A670-B867-4985-957A-F1A9BC947681}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS1CD0\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{78523B41-9A46-4788-8947-4AACE12EFDD0}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS1CD0\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{DE970D6A-CAFF-4A6E-9C88-2F3E13A6DF41}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS0A00\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{37C5EF38-998C-4357-B47F-51EBD4601E6C}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS0A00\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{2469690C-8B77-413E-99D2-336D24085337}] => (Allow) E:\Programs\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{9A94ED11-79B2-46B2-9B70-CD9AF6C1D56A}] => (Allow) E:\Programs\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DC56F89E-CF94-4E61-BC24-EB9649751772}] => (Allow) E:\Programs\Steam\steamapps\common\GRID Autosport\GRIDAutosport.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{E71530DE-390A-48AD-96EC-445E59135F7A}] => (Allow) E:\Programs\Steam\steamapps\common\GRID Autosport\GRIDAutosport.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{A31CA66C-3D07-4CFD-885A-BF159CBD9600}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{DEB2B1B7-73A3-4478-B73C-32C93C976657}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{F4BA919E-C038-4AAE-8E79-5A2527EA7E9E}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{A652D0DC-C303-4880-9398-B80EAB691E7E}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{36CA3E14-44E0-404B-9E72-F0515ADB182F}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{FBCB0F29-4261-430B-B3E0-F2BDB507D6D8}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{A539304B-823C-41B9-9AED-40ED88E9A694}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS62A3\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{C27BA54D-A995-49AF-84E9-2646749FA0AA}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS62A3\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{6F459F8B-AA50-483C-A4FD-3767E20B9F3E}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS62FE\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{C49DF0BF-F497-4A48-8582-AE83AEBA9C31}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS62FE\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{59288CA4-0585-45FC-9486-728B6BBAAF30}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{199FADAB-3A3A-4C54-9F75-2E24710CD204}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4A9FE513-5462-4C49-BF17-7214EA885F8A}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS2E8D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{353FF545-881C-457E-A078-D955C0A4F1DC}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS2E8D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{B2B7151D-E177-4126-9B6D-D0AA47074FF2}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS2ED1\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{33A27935-0BE6-431F-AD13-5A054076D45F}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS2ED1\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{FF9368DB-1184-4232-8978-EE339B038D6E}] => (Allow) E:\Programs\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{86190D57-382F-4836-91F4-50E1AC1C758F}] => (Allow) E:\Programs\SiSoftware Sandra Lite 2015.SP2b\WNt600x64\RpcSandraSrv.exe (SiSoftware SPC -> SiSoftware) [File not signed]

==================== Restore Points =========================

11-08-2020 11:57:53 Scheduled Checkpoint
12-08-2020 16:28:06 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/16/2020 12:18:53 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NEWPC)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).

Error: (08/16/2020 12:18:53 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NEWPC)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/16/2020 12:00:16 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NEWPC)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).

Error: (08/16/2020 12:00:16 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NEWPC)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/16/2020 10:54:19 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NEWPC)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).

Error: (08/16/2020 10:54:19 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NEWPC)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/16/2020 10:42:17 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NEWPC)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).

Error: (08/16/2020 10:42:17 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NEWPC)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.


System errors:
=============
Error: (08/16/2020 12:18:21 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000124 (0x0000000000000000, 0xffff8e8f0961c028, 0x00000000be000000, 0x0000000000800400). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: fa588c48-3729-44ab-8658-7ec4be34064a.

Error: (08/16/2020 12:18:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126

Error: (08/16/2020 12:18:14 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL C:\Program Files\ASUS\Bluetooth Software\BtwProximityCP.dll failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files.  Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft..../?LinkId=245898.

Error: (08/16/2020 12:18:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:35:14 AM on ‎8/‎16/‎2020 was unexpected.

Error: (08/16/2020 12:18:03 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 124) (User: NT AUTHORITY)
Description: 03225747456

Error: (08/16/2020 12:18:03 PM) (Source: Microsoft-Windows-Hyper-V-Hypervisor) (EventID: 41) (User: NT AUTHORITY)
Description: Hypervisor launch failed; Either VMX not present or not enabled in BIOS.

Error: (08/16/2020 11:35:21 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck.  The bugcheck was: 0x00000124 (0x0000000000000000, 0xffff998519b9b028, 0x00000000be000000, 0x0000000000800400). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: 67dfe0b4-626c-4151-b7f4-a4988cd46f9a.

Error: (08/16/2020 11:35:16 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126


Windows Defender:
===================================
Date: 2020-08-15 12:56:16.2440000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {4E03C52C-F40B-48B4-BAF9-6C470E29BE53}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-08-15 12:06:10.0370000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {3DF590E7-C652-425F-A8D2-1F8606E26E32}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-08-12 11:32:30.6060000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {E74CE3B1-617D-4D5F-9A96-7DBF569C29CB}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-08-11 10:16:10.8290000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {C673C967-FB65-4DE6-BCBA-8C454D028D13}
Scan Type: Antimalware
Scan Parameters: Full Scan

Date: 2020-08-10 18:59:38.9390000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {9AB0E0AD-416C-4DB7-98C2-3023BEEFC8E2}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-08-15 19:13:40.6110000Z
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.321.1472.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17400.3
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===================================

Date: 2020-08-13 11:29:27.8020000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2020-08-13 11:29:27.7830000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2020-08-13 11:29:27.7680000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2020-08-13 11:29:27.7260000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2020-08-13 11:29:27.7220000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2020-08-13 11:29:27.7170000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2020-08-13 11:29:27.2080000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2020-08-13 11:29:27.1410000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 3503 04/18/2018
Motherboard: ASUSTeK COMPUTER INC. Z97-AR
Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 25%
Total physical RAM: 16323.55 MB
Available physical RAM: 12089.51 MB
Total Virtual: 32707.55 MB
Available Virtual: 27190.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.54 GB) (Free:225.53 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:931.51 GB) (Free:664.77 GB) NTFS
Drive f: (BackUp) (Fixed) (Total:931.51 GB) (Free:413.47 GB) NTFS
Drive g: () (Fixed) (Total:0.39 GB) (Free:0.36 GB) NTFS ==>[system with boot components (obtained from drive)]


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 476.9 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=401 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 19D79FB1)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=42)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 19D79FB0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=42)

==================== End of Addition.txt =======================


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,147 posts
  • MVP

Looks like Windows is crashing.

 

Download BlueScreenView
http://www.nirsoft.n...creen_view.html

Right click on BlueScreenView.exe file and Run As Admin to run the program.
When scanning is done, go Edit, Select All.

Go File, Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

 

 

 

Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.

 


  • 0

#3
sl962

sl962

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

Thenk you RKinner for your help. Here are the requested logs

 

BSOD

==================================================
Dump File         : 081620-11359-01.dmp
Crash Time        : 8/16/2020 12:16:59 PM
Bug Check String  :
Bug Check Code    : 0x00000124
Parameter 1       : 00000000`00000000
Parameter 2       : ffff8e8f`0961c028
Parameter 3       : 00000000`be000000
Parameter 4       : 00000000`00800400
Caused By Driver  : PSHED.dll
Caused By Address : PSHED.dll+15b0
File Description  : Platform Specific Hardware Error Driver
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 10.0.19041.1 (WinBuild.160101.0800)
Processor         : x64
Crash Address     : ntoskrnl.exe+3ddf40
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\WINDOWS\Minidump\081620-11359-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 19041
Dump File Size    : 1,483,204
Dump File Time    : 8/16/2020 12:18:21 PM
==================================================

==================================================
Dump File         : 081620-10968-01.dmp
Crash Time        : 8/16/2020 11:34:00 AM
Bug Check String  :
Bug Check Code    : 0x00000124
Parameter 1       : 00000000`00000000
Parameter 2       : ffff9985`19b9b028
Parameter 3       : 00000000`be000000
Parameter 4       : 00000000`00800400
Caused By Driver  : PSHED.dll
Caused By Address : PSHED.dll+15b0
File Description  : Platform Specific Hardware Error Driver
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 10.0.19041.1 (WinBuild.160101.0800)
Processor         : x64
Crash Address     : ntoskrnl.exe+3ddf40
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\WINDOWS\Minidump\081620-10968-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 19041
Dump File Size    : 1,351,756
Dump File Time    : 8/16/2020 11:35:21 AM
==================================================

==================================================
Dump File         : 080920-14921-01.dmp
Crash Time        : 8/9/2020 3:23:41 PM
Bug Check String  :
Bug Check Code    : 0x00000124
Parameter 1       : 00000000`00000000
Parameter 2       : ffff9d8f`2bb91028
Parameter 3       : 00000000`be000000
Parameter 4       : 00000000`00800400
Caused By Driver  : PSHED.dll
Caused By Address : PSHED.dll+15b0
File Description  : Platform Specific Hardware Error Driver
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 10.0.19041.1 (WinBuild.160101.0800)
Processor         : x64
Crash Address     : ntoskrnl.exe+3ddf40
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\WINDOWS\Minidump\080920-14921-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 19041
Dump File Size    : 1,733,476
Dump File Time    : 8/9/2020 3:25:04 PM
==================================================

==================================================
Dump File         : 080720-13937-01.dmp
Crash Time        : 8/7/2020 2:25:43 PM
Bug Check String  :
Bug Check Code    : 0x00000124
Parameter 1       : 00000000`00000000
Parameter 2       : ffff9e8e`e8dbb028
Parameter 3       : 00000000`be000000
Parameter 4       : 00000000`00800400
Caused By Driver  : PSHED.dll
Caused By Address : PSHED.dll+15b0
File Description  : Platform Specific Hardware Error Driver
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 10.0.19041.1 (WinBuild.160101.0800)
Processor         : x64
Crash Address     : ntoskrnl.exe+3ddf40
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\WINDOWS\Minidump\080720-13937-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 19041
Dump File Size    : 1,314,268
Dump File Time    : 8/7/2020 4:25:24 PM
==================================================

==================================================
Dump File         : 080620-11078-01.dmp
Crash Time        : 8/6/2020 12:00:55 PM
Bug Check String  :
Bug Check Code    : 0x00000124
Parameter 1       : 00000000`00000000
Parameter 2       : ffffa381`8599a028
Parameter 3       : 00000000`be000000
Parameter 4       : 00000000`00800400
Caused By Driver  : PSHED.dll
Caused By Address : PSHED.dll+15b0
File Description  : Platform Specific Hardware Error Driver
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 10.0.19041.1 (WinBuild.160101.0800)
Processor         : x64
Crash Address     : ntoskrnl.exe+3ddf40
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\WINDOWS\Minidump\080620-11078-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 19041
Dump File Size    : 1,232,348
Dump File Time    : 8/6/2020 12:02:12 PM
==================================================

==================================================
Dump File         : 080320-10500-01.dmp
Crash Time        : 8/3/2020 1:45:21 PM
Bug Check String  :
Bug Check Code    : 0x00000124
Parameter 1       : 00000000`00000000
Parameter 2       : ffff8902`333d4028
Parameter 3       : 00000000`be000000
Parameter 4       : 00000000`00800400
Caused By Driver  : PSHED.dll
Caused By Address : PSHED.dll+15b0
File Description  : Platform Specific Hardware Error Driver
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 10.0.19041.1 (WinBuild.160101.0800)
Processor         : x64
Crash Address     : ntoskrnl.exe+3ddf40
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\WINDOWS\Minidump\080320-10500-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 19041
Dump File Size    : 1,619,412
Dump File Time    : 8/3/2020 1:46:41 PM
==================================================

==================================================
Dump File         : 080320-11031-01.dmp
Crash Time        : 8/3/2020 12:58:02 PM
Bug Check String  :
Bug Check Code    : 0x00000124
Parameter 1       : 00000000`00000000
Parameter 2       : ffffd30c`85373028
Parameter 3       : 00000000`be000000
Parameter 4       : 00000000`00800400
Caused By Driver  : PSHED.dll
Caused By Address : PSHED.dll+15b0
File Description  : Platform Specific Hardware Error Driver
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 10.0.19041.1 (WinBuild.160101.0800)
Processor         : x64
Crash Address     : ntoskrnl.exe+3ddf40
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\WINDOWS\Minidump\080320-11031-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 19041
Dump File Size    : 1,147,012
Dump File Time    : 8/3/2020 12:59:21 PM
==================================================

==================================================
Dump File         : 080320-11265-01.dmp
Crash Time        : 8/3/2020 12:26:16 PM
Bug Check String  :
Bug Check Code    : 0x00000124
Parameter 1       : 00000000`00000000
Parameter 2       : ffffd283`53fc5028
Parameter 3       : 00000000`be000000
Parameter 4       : 00000000`00800400
Caused By Driver  : PSHED.dll
Caused By Address : PSHED.dll+15b0
File Description  : Platform Specific Hardware Error Driver
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 10.0.19041.1 (WinBuild.160101.0800)
Processor         : x64
Crash Address     : ntoskrnl.exe+3ddf40
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\WINDOWS\Minidump\080320-11265-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 19041
Dump File Size    : 1,102,924
Dump File Time    : 8/3/2020 12:27:34 PM
==================================================

==================================================
Dump File         : 080320-11390-01.dmp
Crash Time        : 8/3/2020 12:05:09 PM
Bug Check String  :
Bug Check Code    : 0x00000124
Parameter 1       : 00000000`00000000
Parameter 2       : ffffca01`6dd8f028
Parameter 3       : 00000000`be000000
Parameter 4       : 00000000`00800400
Caused By Driver  : PSHED.dll
Caused By Address : PSHED.dll+15b0
File Description  : Platform Specific Hardware Error Driver
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 10.0.19041.1 (WinBuild.160101.0800)
Processor         : x64
Crash Address     : ntoskrnl.exe+3ddf40
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\WINDOWS\Minidump\080320-11390-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 19041
Dump File Size    : 1,843,044
Dump File Time    : 8/3/2020 12:06:29 PM
==================================================


 

Attached Files


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,147 posts
  • MVP

The file causing the crash is a windows file.  Usually that means that the PC is overheating but Speccy says things are normal but it has not been on that long.  Let's get a second opinion: 

Run Speedfan to monitor your temps in real time:



http://www.filehippo...nload_speedfan/

Download, save and Install it (Win 7+ or Vista right click and Run As Admin.) then run it (Win 7+ or Vista right click and Run As Admin.).

It will tell you your temps in real time tho the default is to show the hard drive temp in the systray.  You can change it:  Hit Configure then click on the highest temp and check Show in tray.  
Win 10 hides icons by default so: Settings, Personalization,  Taskbar, Select which Icons appear on Taskbar,  then turn Speedfan ON.
With no other programs running what is the highest temp you see?   Monitor the temp off and on while the following fixlist is run.  What is the highest temp it reaches?

We don't really want it to go over about 65 under load.  If it does it usually means either the fan is defective (speedfan should tell you your fan speed so you can see if it is running) or (most likely) the interface between the fan and the heatsink is clogged with dust. The best fix for a clogged heatsink is to remove the fan (not the heatsink or heatpipe) and vacuum out the heatsink. 

 

 

 

Let's check the system files with a fixlist.  It will take about 25 minutes to run then it will reboot so be patient.  The fixlist is also removing some dead tasks (Sideshow & multimedia are not supported on Win 10)  as well as some outdated firewall entries.  This should speed up your boot time.  The fixlist is also checking the health of a few files.

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   31.78KB   23 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.  You can do a separate post for the fixlog, FRST and Addition.txt files.

 



 


  • 0

#5
sl962

sl962

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

Sppedfan AUXTIN0. 1,2 , and 3 Bounce around between negative (-)128C and 127C. Must be errors??

Here are the scan results

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-08-2020
Ran by Scott (17-08-2020 12:42:12) Run:1
Running from C:\Users\Scott\Desktop
Loaded Profiles: Scott
Boot Mode: Normal
==============================================

fixlist content:
*****************
Task: {0B42A096-6B31-46C7-9717-A452D549FDEB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0EFB50D6-E369-4A7E-B6BB-A16BE998618A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {138B907F-13CC-420B-8E50-0E0A6E509A21} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1A085D6E-C073-4F61-B98B-ED1EBE7B27AF} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1BF445B2-CC75-498D-B3F2-328B3ADFE0E5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1DABD321-FF18-40CC-8954-F11E03B4D95D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {1EA2FDAF-1108-46D0-8B14-F26A6E296DA5} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1F101E6F-0566-47C7-9233-FEEDEBC4B26D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2A66BCBA-59B0-4272-8A11-EFF9618120F9} - System32\Tasks\{1FCD0362-97DB-40D9-BE78-CDCB74A29CCC} => C:\Windows\system32\pcalua.exe -a F:\atisetup.exe -d F:\
Task: {2B87EFFD-56C7-48F1-B9B2-4A4A2E8B2DA3} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {34BEEBBB-8684-42D7-BB57-17BC53397CF0} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3CF44AFA-0113-4452-915E-B62F6F4B48B4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4CA9D354-A0F3-493F-B39F-7175E21A0269} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {51FD8988-D71E-478B-892F-910B841DD4CD} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5EBC9972-48B9-4F4D-9B40-87BF8201BD7D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {696A958D-DA99-492E-84A8-FF8A682186FF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6B9FA49F-89B6-400A-849B-E26CAD1F25A0} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9002838E-BEEB-4472-A2BA-9AA0BE675564} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {92F88386-AD1E-4ADC-8362-580E1B785E85} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {947D939B-6EBF-43E5-AED1-0C6C77161244} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D04838C-58C1-4F2C-8406-83CFE3236D2C} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {9D848DC9-EEFB-4A99-9B84-020A07D1E9D8} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {A7F9093B-884C-434D-9E3D-D6CA2970D25F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {AD5216BC-F13A-44B9-8112-FB8F0098BF4E} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B4467CAC-C6CD-4D57-9DAD-19AEF8F21561} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {B917FB32-3F86-49CA-8B5A-BC47FAD57CDD} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe [338944 2019-10-10] (Microsoft Corporation) [File not signed]
Task: {BEE77A5D-4820-4FD1-9104-54B6E9CD597A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C3C0FAC2-99DD-409E-BC96-CCB5C4F2620B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C85F03A7-1DC2-4573-B6B0-66148AC44110} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CCDECCFE-B5CB-43E9-B5A8-67550D1E4B9C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D034EFD6-15E1-4274-A4F8-43561DC93161} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {DB879182-D425-451F-BC4D-22342AC632B0} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe [338944 2019-10-10] (Microsoft Corporation) [File not signed]
Task: {DEBDE314-C5E1-4425-823F-BB7FF704B498} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EC5616A0-669E-4934-8BA8-1D7DAFDD17BD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F6A3F280-7D7D-44D4-8F09-7FB759805D8D} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
FirewallRules: [{779EED7B-BD7D-4D79-9034-17DC65FC91D6}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS0472\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{DBF24F04-77EC-49C8-A9AF-1B67E971FAF6}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS0472\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{420B9F02-2B01-4BEF-9328-7B673EFCD911}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS0046\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{F9415396-E76E-4C36-A1C9-797CCF660122}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS0046\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{C387CDD3-BFCF-4010-83FD-65B9CA5FEC57}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe => No File
FirewallRules: [{594C618B-4BD2-4084-A7A1-1DD6A1D8F4DA}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe => No File
FirewallRules: [{1753CED9-8EBE-42C3-A8B6-F16CB055CFAD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe => No File
FirewallRules: [{58C7737F-F32B-4A0E-B860-CE55C5DC5D5E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe => No File
FirewallRules: [{6922DAB9-175E-499F-AB00-4A5EFD230AE2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe => No File
FirewallRules: [{3E24251B-C52C-4DCB-9FE2-3EFB2CD5B11E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe => No File
FirewallRules: [{06AE3654-D4A7-47DC-A98C-2589B6A4A5B4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe => No File
FirewallRules: [{AB39ADDC-A29C-45FD-BE31-8F01BF9DA770}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe => No File
FirewallRules: [{799EE0EE-7DAA-4350-8DD1-4084F7B0CDC9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe => No File
FirewallRules: [{9D457F88-9F4B-4DF3-BE66-D22C6CA518E4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe => No File
FirewallRules: [{CC323492-90D3-43BE-AB7C-1E40298D6E33}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe => No File
FirewallRules: [{B19B816F-B98C-4081-BD6B-6BC5E7B98C71}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe => No File
FirewallRules: [{E4753B6B-84ED-4FF7-A9C4-9801BA0B20F8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe => No File
FirewallRules: [{4711EE17-BE14-4C7F-AF0E-5B9C53C919E8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe => No File
FirewallRules: [{ED17C471-841D-49C9-B1C0-440BCDE3BF37}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe => No File
FirewallRules: [{DFF66ABA-0CF2-487B-9D87-44ECE7B1B436}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe => No File
FirewallRules: [{3228B062-C0B2-48DE-8E0A-4F52B8C00B29}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe => No File
FirewallRules: [{2A840883-AE55-4B26-B41E-A7DB9290DB21}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe => No File
FirewallRules: [{D71DF2CD-0C41-444A-A6FB-997CC33924F7}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe => No File
FirewallRules: [{51394781-3983-4291-9EED-CE701FF2B892}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe => No File
FirewallRules: [{D5D3CD8F-E9CF-4324-9EFE-C15DE5A04204}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe => No File
FirewallRules: [{5EBA23CA-7D7A-4412-A60E-721C001C1CE0}] => (Allow) D:\New folder\OJ6500vE709_Full_14\setup\hpznui40.exe => No File
FirewallRules: [{871BB756-E9FB-448F-8E3C-927F759309CD}] => (Allow) E:\Programs\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{61DA0787-044C-4F74-B593-A48181BEC0B6}] => (Allow) E:\Programs\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{4AF40956-004E-4958-8686-27D39E9AF642}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe => No File
FirewallRules: [{F890BD76-1B15-4018-BAAC-4B9A56FCC101}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe => No File
FirewallRules: [{FCD3B43D-EB07-4357-8E27-E3CC5550BF33}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe => No File
FirewallRules: [{0570CEBA-C825-46DA-86E9-9AA9F19ADDBC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe => No File
FirewallRules: [{FE555054-49C6-428F-80A3-670C871DA771}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe => No File
FirewallRules: [{F2062D52-3B20-4002-96C3-50D7905C7D0D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe => No File
FirewallRules: [{46B60C8C-DACA-4A17-8D44-7A34B6850553}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe => No File
FirewallRules: [{70C67B01-96FB-4EB9-B570-3772850B8371}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe => No File
FirewallRules: [{AF4ECDAA-252C-4D99-86B5-1F3789E71884}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe => No File
FirewallRules: [{F32A1547-E1B3-493E-BCFA-0D617A4C5499}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe => No File
FirewallRules: [{49B09E7F-6FCD-4684-9656-BB4CFF3EB765}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe => No File
FirewallRules: [{47967E56-4DD7-4EFB-8FC6-5B220D7EA602}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe => No File
FirewallRules: [{E493D093-4C5C-4EE7-BD89-834167894DF7}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe => No File
FirewallRules: [{E150793C-CAAA-42E4-8A4D-890869F20AD1}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe => No File
FirewallRules: [{26A40C1E-AE92-4D38-AF62-EBA250D45489}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe => No File
FirewallRules: [{A82C50AF-F6F4-451D-A703-D80DF549A52E}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe => No File
FirewallRules: [{05F579F7-F2FD-4CF8-B527-14C43FCF46C2}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe => No File
FirewallRules: [{A256A3A9-C728-4887-8FD5-8814D2372512}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe => No File
FirewallRules: [{D440DC52-5702-4869-8666-F7691DD1EFF7}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe => No File
FirewallRules: [{70F76B9A-A14E-455D-BFC0-A480C204F583}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe => No File
FirewallRules: [{AC6B2B75-0BF9-434A-81C2-D8CEC6C074AC}] => (Allow) C:\Program Files\ASUS\HomeCloud\Tomcat\Tomcat_OmniStore\bin\tomcat6.exe => No File
FirewallRules: [{11CFE420-9B35-4CB7-88BB-B274C01F825A}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe => No File
FirewallRules: [{288497F9-9D32-47B2-A4A4-CB630EA3ABFE}] => (Allow) C:\Program Files\ASUS\HomeCloud\ServerConsole\ASUS HomeCloud.exe => No File
FirewallRules: [{5A836B67-A3B3-4CBB-9029-02EBCC13839F}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Wi-Fi GO! AssistTool\WiFi GO! Server.exe => No File
FirewallRules: [{81DDB996-D5F5-4407-AA0A-0658035C8187}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Wi-Fi GO! AssistTool\WiFi GO! Server.exe => No File
FirewallRules: [{D19B85BE-0486-460E-9F73-5C11F437124D}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Remote GO!\ASUSDMS.exe => No File
FirewallRules: [{793F2227-3B1B-4896-A455-03990A33C765}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Remote GO!\ASUSDMS.exe => No File
FirewallRules: [TCP Query User{17178184-D71B-43AE-84FC-B6D626F9E14A}C:\users\scott\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\scott\appdata\local\amazon music\amazon music helper.exe => No File
FirewallRules: [UDP Query User{9EC79676-2C7E-46FE-A36D-F0D2A3EAC844}C:\users\scott\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\scott\appdata\local\amazon music\amazon music helper.exe => No File
FirewallRules: [TCP Query User{47CAA891-7790-4203-94E3-E803D3C15EE6}C:\users\scott\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\scott\appdata\local\amazon music\amazon music helper.exe => No File
FirewallRules: [UDP Query User{8E7BEFB6-74C4-45D1-862A-2BEC8A75C377}C:\users\scott\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\scott\appdata\local\amazon music\amazon music helper.exe => No File
FirewallRules: [{70DDD9E1-39C9-4016-B9B6-269FFCFF71D6}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS2C74\HP.EasyStart.exe => No File
FirewallRules: [{C8B4A670-B867-4985-957A-F1A9BC947681}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS1CD0\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{78523B41-9A46-4788-8947-4AACE12EFDD0}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS1CD0\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{DE970D6A-CAFF-4A6E-9C88-2F3E13A6DF41}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS0A00\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{37C5EF38-998C-4357-B47F-51EBD4601E6C}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS0A00\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{A539304B-823C-41B9-9AED-40ED88E9A694}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS62A3\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{C27BA54D-A995-49AF-84E9-2646749FA0AA}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS62A3\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{6F459F8B-AA50-483C-A4FD-3767E20B9F3E}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS62FE\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{C49DF0BF-F497-4A48-8582-AE83AEBA9C31}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS62FE\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{4A9FE513-5462-4C49-BF17-7214EA885F8A}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS2E8D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{353FF545-881C-457E-A078-D955C0A4F1DC}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS2E8D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{B2B7151D-E177-4126-9B6D-D0AA47074FF2}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS2ED1\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{33A27935-0BE6-431F-AD13-5A054076D45F}] => (Allow) C:\Users\Scott\AppData\Local\Temp\7zS2ED1\HPDiagnosticCoreUI.exe => No File
Unlock: C:\WINDOWS\system32\sysmain.dll
File: C:\WINDOWS\system32\sysmain.dll;C:\WINDOWS\system32\pshed.dll
Unlock: C:\WINDOWS\system32\Rtlihvs.dll
File: C:\WINDOWS\system32\Rtlihvs.dll
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
CMD: findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:


*****************

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B42A096-6B31-46C7-9717-A452D549FDEB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B42A096-6B31-46C7-9717-A452D549FDEB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0EFB50D6-E369-4A7E-B6BB-A16BE998618A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0EFB50D6-E369-4A7E-B6BB-A16BE998618A}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{138B907F-13CC-420B-8E50-0E0A6E509A21}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{138B907F-13CC-420B-8E50-0E0A6E509A21}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1A085D6E-C073-4F61-B98B-ED1EBE7B27AF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A085D6E-C073-4F61-B98B-ED1EBE7B27AF}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1BF445B2-CC75-498D-B3F2-328B3ADFE0E5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BF445B2-CC75-498D-B3F2-328B3ADFE0E5}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1DABD321-FF18-40CC-8954-F11E03B4D95D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DABD321-FF18-40CC-8954-F11E03B4D95D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1EA2FDAF-1108-46D0-8B14-F26A6E296DA5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EA2FDAF-1108-46D0-8B14-F26A6E296DA5}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1F101E6F-0566-47C7-9233-FEEDEBC4B26D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F101E6F-0566-47C7-9233-FEEDEBC4B26D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2A66BCBA-59B0-4272-8A11-EFF9618120F9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A66BCBA-59B0-4272-8A11-EFF9618120F9}" => removed successfully
C:\WINDOWS\System32\Tasks\{1FCD0362-97DB-40D9-BE78-CDCB74A29CCC} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1FCD0362-97DB-40D9-BE78-CDCB74A29CCC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B87EFFD-56C7-48F1-B9B2-4A4A2E8B2DA3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B87EFFD-56C7-48F1-B9B2-4A4A2E8B2DA3}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{34BEEBBB-8684-42D7-BB57-17BC53397CF0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34BEEBBB-8684-42D7-BB57-17BC53397CF0}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3CF44AFA-0113-4452-915E-B62F6F4B48B4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3CF44AFA-0113-4452-915E-B62F6F4B48B4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4CA9D354-A0F3-493F-B39F-7175E21A0269}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CA9D354-A0F3-493F-B39F-7175E21A0269}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51FD8988-D71E-478B-892F-910B841DD4CD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51FD8988-D71E-478B-892F-910B841DD4CD}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5EBC9972-48B9-4F4D-9B40-87BF8201BD7D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5EBC9972-48B9-4F4D-9B40-87BF8201BD7D}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{696A958D-DA99-492E-84A8-FF8A682186FF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{696A958D-DA99-492E-84A8-FF8A682186FF}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B9FA49F-89B6-400A-849B-E26CAD1F25A0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B9FA49F-89B6-400A-849B-E26CAD1F25A0}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{9002838E-BEEB-4472-A2BA-9AA0BE675564}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9002838E-BEEB-4472-A2BA-9AA0BE675564}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{92F88386-AD1E-4ADC-8362-580E1B785E85}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92F88386-AD1E-4ADC-8362-580E1B785E85}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{947D939B-6EBF-43E5-AED1-0C6C77161244}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{947D939B-6EBF-43E5-AED1-0C6C77161244}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9D04838C-58C1-4F2C-8406-83CFE3236D2C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D04838C-58C1-4F2C-8406-83CFE3236D2C}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\GadgetManager" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9D848DC9-EEFB-4A99-9B84-020A07D1E9D8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D848DC9-EEFB-4A99-9B84-020A07D1E9D8}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SessionAgent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7F9093B-884C-434D-9E3D-D6CA2970D25F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7F9093B-884C-434D-9E3D-D6CA2970D25F}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AD5216BC-F13A-44B9-8112-FB8F0098BF4E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD5216BC-F13A-44B9-8112-FB8F0098BF4E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SystemDataProviders" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0CBAB43-44FC-469B-A4CE-87426761FDCE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0CBAB43-44FC-469B-A4CE-87426761FDCE}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B4467CAC-C6CD-4D57-9DAD-19AEF8F21561}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4467CAC-C6CD-4D57-9DAD-19AEF8F21561}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B917FB32-3F86-49CA-8B5A-BC47FAD57CDD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B917FB32-3F86-49CA-8B5A-BC47FAD57CDD}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\End Of Support\Notify2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BEE77A5D-4820-4FD1-9104-54B6E9CD597A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEE77A5D-4820-4FD1-9104-54B6E9CD597A}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3C0FAC2-99DD-409E-BC96-CCB5C4F2620B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3C0FAC2-99DD-409E-BC96-CCB5C4F2620B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C85F03A7-1DC2-4573-B6B0-66148AC44110}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C85F03A7-1DC2-4573-B6B0-66148AC44110}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDECCFE-B5CB-43E9-B5A8-67550D1E4B9C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDECCFE-B5CB-43E9-B5A8-67550D1E4B9C}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D034EFD6-15E1-4274-A4F8-43561DC93161}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D034EFD6-15E1-4274-A4F8-43561DC93161}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DB879182-D425-451F-BC4D-22342AC632B0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB879182-D425-451F-BC4D-22342AC632B0}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\End Of Support\Notify1" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DEBDE314-C5E1-4425-823F-BB7FF704B498}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEBDE314-C5E1-4425-823F-BB7FF704B498}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC5616A0-669E-4934-8BA8-1D7DAFDD17BD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC5616A0-669E-4934-8BA8-1D7DAFDD17BD}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F6A3F280-7D7D-44D4-8F09-7FB759805D8D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6A3F280-7D7D-44D4-8F09-7FB759805D8D}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\SideShow\AutoWake => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\AutoWake" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{779EED7B-BD7D-4D79-9034-17DC65FC91D6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DBF24F04-77EC-49C8-A9AF-1B67E971FAF6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{420B9F02-2B01-4BEF-9328-7B673EFCD911}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F9415396-E76E-4C36-A1C9-797CCF660122}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C387CDD3-BFCF-4010-83FD-65B9CA5FEC57}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{594C618B-4BD2-4084-A7A1-1DD6A1D8F4DA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1753CED9-8EBE-42C3-A8B6-F16CB055CFAD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{58C7737F-F32B-4A0E-B860-CE55C5DC5D5E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6922DAB9-175E-499F-AB00-4A5EFD230AE2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3E24251B-C52C-4DCB-9FE2-3EFB2CD5B11E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{06AE3654-D4A7-47DC-A98C-2589B6A4A5B4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB39ADDC-A29C-45FD-BE31-8F01BF9DA770}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{799EE0EE-7DAA-4350-8DD1-4084F7B0CDC9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9D457F88-9F4B-4DF3-BE66-D22C6CA518E4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CC323492-90D3-43BE-AB7C-1E40298D6E33}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B19B816F-B98C-4081-BD6B-6BC5E7B98C71}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E4753B6B-84ED-4FF7-A9C4-9801BA0B20F8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4711EE17-BE14-4C7F-AF0E-5B9C53C919E8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ED17C471-841D-49C9-B1C0-440BCDE3BF37}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DFF66ABA-0CF2-487B-9D87-44ECE7B1B436}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3228B062-C0B2-48DE-8E0A-4F52B8C00B29}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2A840883-AE55-4B26-B41E-A7DB9290DB21}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D71DF2CD-0C41-444A-A6FB-997CC33924F7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{51394781-3983-4291-9EED-CE701FF2B892}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D5D3CD8F-E9CF-4324-9EFE-C15DE5A04204}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5EBA23CA-7D7A-4412-A60E-721C001C1CE0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{871BB756-E9FB-448F-8E3C-927F759309CD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{61DA0787-044C-4F74-B593-A48181BEC0B6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4AF40956-004E-4958-8686-27D39E9AF642}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F890BD76-1B15-4018-BAAC-4B9A56FCC101}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FCD3B43D-EB07-4357-8E27-E3CC5550BF33}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0570CEBA-C825-46DA-86E9-9AA9F19ADDBC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE555054-49C6-428F-80A3-670C871DA771}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F2062D52-3B20-4002-96C3-50D7905C7D0D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{46B60C8C-DACA-4A17-8D44-7A34B6850553}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{70C67B01-96FB-4EB9-B570-3772850B8371}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AF4ECDAA-252C-4D99-86B5-1F3789E71884}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F32A1547-E1B3-493E-BCFA-0D617A4C5499}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{49B09E7F-6FCD-4684-9656-BB4CFF3EB765}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{47967E56-4DD7-4EFB-8FC6-5B220D7EA602}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E493D093-4C5C-4EE7-BD89-834167894DF7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E150793C-CAAA-42E4-8A4D-890869F20AD1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{26A40C1E-AE92-4D38-AF62-EBA250D45489}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A82C50AF-F6F4-451D-A703-D80DF549A52E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{05F579F7-F2FD-4CF8-B527-14C43FCF46C2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A256A3A9-C728-4887-8FD5-8814D2372512}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D440DC52-5702-4869-8666-F7691DD1EFF7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{70F76B9A-A14E-455D-BFC0-A480C204F583}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AC6B2B75-0BF9-434A-81C2-D8CEC6C074AC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{11CFE420-9B35-4CB7-88BB-B274C01F825A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{288497F9-9D32-47B2-A4A4-CB630EA3ABFE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5A836B67-A3B3-4CBB-9029-02EBCC13839F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{81DDB996-D5F5-4407-AA0A-0658035C8187}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D19B85BE-0486-460E-9F73-5C11F437124D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{793F2227-3B1B-4896-A455-03990A33C765}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{17178184-D71B-43AE-84FC-B6D626F9E14A}C:\users\scott\appdata\local\amazon music\amazon music helper.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9EC79676-2C7E-46FE-A36D-F0D2A3EAC844}C:\users\scott\appdata\local\amazon music\amazon music helper.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{47CAA891-7790-4203-94E3-E803D3C15EE6}C:\users\scott\appdata\local\amazon music\amazon music helper.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8E7BEFB6-74C4-45D1-862A-2BEC8A75C377}C:\users\scott\appdata\local\amazon music\amazon music helper.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{70DDD9E1-39C9-4016-B9B6-269FFCFF71D6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C8B4A670-B867-4985-957A-F1A9BC947681}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{78523B41-9A46-4788-8947-4AACE12EFDD0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DE970D6A-CAFF-4A6E-9C88-2F3E13A6DF41}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{37C5EF38-998C-4357-B47F-51EBD4601E6C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A539304B-823C-41B9-9AED-40ED88E9A694}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C27BA54D-A995-49AF-84E9-2646749FA0AA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6F459F8B-AA50-483C-A4FD-3767E20B9F3E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C49DF0BF-F497-4A48-8582-AE83AEBA9C31}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4A9FE513-5462-4C49-BF17-7214EA885F8A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{353FF545-881C-457E-A078-D955C0A4F1DC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B2B7151D-E177-4126-9B6D-D0AA47074FF2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{33A27935-0BE6-431F-AD13-5A054076D45F}" => removed successfully
"C:\WINDOWS\system32\sysmain.dll" => was unlocked

========================= File: C:\WINDOWS\system32\sysmain.dll;C:\WINDOWS\system32\pshed.dll ========================

C:\WINDOWS\system32\sysmain.dll
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package06~31bf3856ad364e35~amd64~~10.0.19041.388.cat
File is digitally signed
MD5: 79F5391D4DE523D814B1516766E30131
Creation and modification date: 2020-06-05 10:05 - 2020-06-05 10:05
Size: 001006592
Attributes: ----A
Company Name: Microsoft Windows -> Microsoft Corporation
Internal Name: SysMain
Original Name: sysmain.dll
Product: Microsoft® Windows® Operating System
Description: SysMain Service Host
File Version: 10.0.19041.264 (WinBuild.160101.0800)
Product Version: 10.0.19041.264
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustot...1403-1596576524

C:\WINDOWS\system32\pshed.dll
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0418~31bf3856ad364e35~amd64~~10.0.19041.388.cat
File is digitally signed
MD5: DC61643CD353AA826F2B8DF06422B266
Creation and modification date: 2019-12-07 02:08 - 2019-12-07 02:08
Size: 000076600
Attributes: ----A
Company Name: Microsoft Windows -> Microsoft Corporation
Internal Name: pshed.dll
Original Name: pshed.dll
Product: Microsoft® Windows® Operating System
Description: Platform Specific Hardware Error Driver
File Version: 10.0.19041.1 (WinBuild.160101.0800)
Product Version: 10.0.19041.1
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustot...8221-1593489685

====== End of File: ======

"C:\WINDOWS\system32\Rtlihvs.dll" => not found

========================= File: C:\WINDOWS\system32\Rtlihvs.dll ========================

"C:\WINDOWS\system32\Rtlihvs.dll" => not found
====== End of File: ======


========= DISM /Online /Cleanup-Image /RestoreHealth =========


Deployment Image Servicing and Management tool
Version: 10.0.19041.329

Image Version: 10.0.19041.450


[==                         3.8%                           ]

[==                         4.8%                           ]

[===                        5.7%                           ]

[===                        6.7%                           ]

[====                       7.5%                           ]

[====                       8.5%                           ]

[=====                      9.5%                           ]

[======                     10.5%                          ]

[======                     11.5%                          ]

[=======                    12.5%                          ]

[=======                    13.4%                          ]

[========                   14.4%                          ]

[========                   15.4%                          ]

[=========                  16.4%                          ]

[==========                 17.4%                          ]

[==========                 18.3%                          ]

[===========                19.3%                          ]

[===========                20.3%                          ]

[============               21.3%                          ]

[============               22.3%                          ]

[=============              22.6%                          ]

[=============              23.5%                          ]

[=============              24.0%                          ]

[=============              24.1%                          ]

[==============             25.1%                          ]

[===============            26.0%                          ]

[===============            27.0%                          ]

[================           28.0%                          ]

[================           29.0%                          ]

[=================          30.0%                          ]

[=================          30.9%                          ]

[==================         31.9%                          ]

[===================        32.9%                          ]

[===================        33.9%                          ]

[====================       34.9%                          ]

[====================       35.6%                          ]

[=====================      36.2%                          ]

[=====================      37.2%                          ]

[=====================      37.3%                          ]

[======================     38.3%                          ]

[======================     38.3%                          ]

[======================     39.0%                          ]

[======================     39.5%                          ]

[=======================    40.5%                          ]

[=======================    41.1%                          ]

[========================   41.5%                          ]

[========================   41.8%                          ]

[========================   42.3%                          ]

[========================   42.8%                          ]

[=========================  43.2%                          ]

[=========================  44.2%                          ]

[========================== 45.1%                          ]

[========================== 46.1%                          ]

[===========================47.1%                          ]

[===========================48.1%                          ]

[===========================49.1%                          ]

[===========================49.8%                          ]

[===========================49.9%                          ]

[===========================50.0%                          ]

[===========================50.1%                          ]

[===========================50.2%                          ]

[===========================50.3%                          ]

[===========================50.3%                          ]

[===========================50.3%                          ]

[===========================50.4%                          ]

[===========================50.5%                          ]

[===========================50.6%                          ]

[===========================50.7%                          ]

[===========================50.8%                          ]

[===========================50.9%                          ]

[===========================51.0%                          ]

[===========================51.2%                          ]

[===========================51.3%                          ]

[===========================51.4%                          ]

[===========================51.5%                          ]

[===========================51.6%                          ]

[===========================51.7%                          ]

[===========================51.8%                          ]

[===========================51.9%                          ]

[===========================52.0%                          ]

[===========================52.0%                          ]

[===========================52.1%                          ]

[===========================52.2%                          ]

[===========================52.2%                          ]

[===========================52.2%                          ]

[===========================52.3%                          ]

[===========================52.4%                          ]

[===========================52.5%                          ]

[===========================52.6%                          ]

[===========================52.7%                          ]

[===========================53.1%                          ]

[===========================53.2%                          ]

[===========================53.3%                          ]

[===========================53.4%                          ]

[===========================53.4%                          ]

[===========================53.7%                          ]

[===========================53.7%                          ]

[===========================53.8%                          ]

[===========================53.9%                          ]

[===========================54.9%                          ]

[===========================55.8%                          ]

[===========================56.1%                          ]

[===========================57.1%=                         ]

[===========================58.0%=                         ]

[===========================59.0%==                        ]

[===========================60.0%==                        ]

[===========================62.3%====                      ]

[===========================84.9%=================         ]

[==========================100.0%==========================]
The restore operation completed successfully.
The operation completed successfully.

========= End of CMD: =========


========= SFC /scannow =========



Beginning system scan.  This process will take some time.



Beginning verification phase of system scan.


Verification 0% complete.
Verification 1% complete.
Verification 1% complete.
Verification 2% complete.
Verification 2% complete.
Verification 3% complete.
Verification 4% complete.
Verification 4% complete.
Verification 5% complete.
Verification 5% complete.
Verification 6% complete.
Verification 7% complete.
Verification 7% complete.
Verification 8% complete.
Verification 8% complete.
Verification 9% complete.
Verification 10% complete.
Verification 10% complete.
Verification 11% complete.
Verification 11% complete.
Verification 12% complete.
Verification 13% complete.
Verification 13% complete.
Verification 14% complete.
Verification 14% complete.
Verification 15% complete.
Verification 16% complete.
Verification 16% complete.
Verification 17% complete.
Verification 17% complete.
Verification 18% complete.
Verification 19% complete.
Verification 19% complete.
Verification 20% complete.
Verification 20% complete.
Verification 21% complete.
Verification 22% complete.
Verification 22% complete.
Verification 23% complete.
Verification 23% complete.
Verification 24% complete.
Verification 25% complete.
Verification 25% complete.
Verification 26% complete.
Verification 26% complete.
Verification 27% complete.
Verification 27% complete.
Verification 28% complete.
Verification 29% complete.
Verification 29% complete.
Verification 30% complete.
Verification 30% complete.
Verification 31% complete.
Verification 32% complete.
Verification 32% complete.
Verification 33% complete.
Verification 33% complete.
Verification 34% complete.
Verification 35% complete.
Verification 35% complete.
Verification 36% complete.
Verification 36% complete.
Verification 37% complete.
Verification 38% complete.
Verification 38% complete.
Verification 39% complete.
Verification 39% complete.
Verification 40% complete.
Verification 41% complete.
Verification 41% complete.
Verification 42% complete.
Verification 42% complete.
Verification 43% complete.
Verification 44% complete.
Verification 44% complete.
Verification 45% complete.
Verification 45% complete.
Verification 46% complete.
Verification 47% complete.
Verification 47% complete.
Verification 48% complete.
Verification 48% complete.
Verification 49% complete.
Verification 50% complete.
Verification 50% complete.
Verification 51% complete.
Verification 51% complete.
Verification 52% complete.
Verification 52% complete.
Verification 53% complete.
Verification 54% complete.
Verification 54% complete.
Verification 55% complete.
Verification 55% complete.
Verification 56% complete.
Verification 57% complete.
Verification 57% complete.
Verification 58% complete.
Verification 58% complete.
Verification 59% complete.
Verification 60% complete.
Verification 60% complete.
Verification 61% complete.
Verification 61% complete.
Verification 62% complete.
Verification 63% complete.
Verification 63% complete.
Verification 64% complete.
Verification 64% complete.
Verification 65% complete.
Verification 66% complete.
Verification 66% complete.
Verification 67% complete.
Verification 67% complete.
Verification 68% complete.
Verification 69% complete.
Verification 69% complete.
Verification 70% complete.
Verification 70% complete.
Verification 71% complete.
Verification 72% complete.
Verification 72% complete.
Verification 73% complete.
Verification 73% complete.
Verification 74% complete.
Verification 75% complete.
Verification 75% complete.
Verification 76% complete.
Verification 76% complete.
Verification 77% complete.
Verification 77% complete.
Verification 78% complete.
Verification 79% complete.
Verification 79% complete.
Verification 80% complete.
Verification 80% complete.
Verification 81% complete.
Verification 82% complete.
Verification 82% complete.
Verification 83% complete.
Verification 83% complete.
Verification 84% complete.
Verification 85% complete.
Verification 85% complete.
Verification 86% complete.
Verification 86% complete.
Verification 87% complete.
Verification 88% complete.
Verification 88% complete.
Verification 89% complete.
Verification 89% complete.
Verification 90% complete.
Verification 91% complete.
Verification 91% complete.
Verification 92% complete.
Verification 92% complete.
Verification 93% complete.
Verification 94% complete.
Verification 94% complete.
Verification 95% complete.
Verification 95% complete.
Verification 96% complete.
Verification 97% complete.
Verification 97% complete.
Verification 98% complete.
Verification 98% complete.
Verification 99% complete.
Verification 100% complete.


Windows Resource Protection found corrupt files and successfully repaired them.

For online repairs, details are included in the CBS log file located at

windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline

repairs, details are included in the log file provided by the /OFFLOGFILE flag.


========= End of CMD: =========


========= findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log =========

2020-08-17 12:44:10, Info                  CSI    0000000f [SR] Verifying 100 components
2020-08-17 12:44:10, Info                  CSI    00000010 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:10, Info                  CSI    00000011 [SR] Verify complete
2020-08-17 12:44:10, Info                  CSI    00000012 [SR] Verifying 100 components
2020-08-17 12:44:10, Info                  CSI    00000013 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:10, Info                  CSI    00000014 [SR] Verify complete
2020-08-17 12:44:10, Info                  CSI    00000015 [SR] Verifying 100 components
2020-08-17 12:44:10, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:11, Info                  CSI    00000018 [SR] Verify complete
2020-08-17 12:44:11, Info                  CSI    00000019 [SR] Verifying 100 components
2020-08-17 12:44:11, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:11, Info                  CSI    0000001b [SR] Verify complete
2020-08-17 12:44:11, Info                  CSI    0000001c [SR] Verifying 100 components
2020-08-17 12:44:11, Info                  CSI    0000001d [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:12, Info                  CSI    0000001e [SR] Verify complete
2020-08-17 12:44:12, Info                  CSI    0000001f [SR] Verifying 100 components
2020-08-17 12:44:12, Info                  CSI    00000020 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:12, Info                  CSI    00000021 [SR] Verify complete
2020-08-17 12:44:12, Info                  CSI    00000022 [SR] Verifying 100 components
2020-08-17 12:44:12, Info                  CSI    00000023 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:13, Info                  CSI    00000024 [SR] Verify complete
2020-08-17 12:44:13, Info                  CSI    00000025 [SR] Verifying 100 components
2020-08-17 12:44:13, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:14, Info                  CSI    00000027 [SR] Verify complete
2020-08-17 12:44:14, Info                  CSI    00000028 [SR] Verifying 100 components
2020-08-17 12:44:14, Info                  CSI    00000029 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:16, Info                  CSI    0000002a [SR] Verify complete
2020-08-17 12:44:16, Info                  CSI    0000002b [SR] Verifying 100 components
2020-08-17 12:44:16, Info                  CSI    0000002c [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:19, Info                  CSI    0000002d [SR] Verify complete
2020-08-17 12:44:19, Info                  CSI    0000002e [SR] Verifying 100 components
2020-08-17 12:44:19, Info                  CSI    0000002f [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:20, Info                  CSI    00000030 [SR] Verify complete
2020-08-17 12:44:20, Info                  CSI    00000031 [SR] Verifying 100 components
2020-08-17 12:44:20, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:20, Info                  CSI    00000034 [SR] Verify complete
2020-08-17 12:44:20, Info                  CSI    00000035 [SR] Verifying 100 components
2020-08-17 12:44:20, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:20, Info                  CSI    00000037 [SR] Verify complete
2020-08-17 12:44:20, Info                  CSI    00000038 [SR] Verifying 100 components
2020-08-17 12:44:20, Info                  CSI    00000039 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:21, Info                  CSI    0000003b [SR] Verify complete
2020-08-17 12:44:21, Info                  CSI    0000003c [SR] Verifying 100 components
2020-08-17 12:44:21, Info                  CSI    0000003d [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:21, Info                  CSI    0000003e [SR] Verify complete
2020-08-17 12:44:21, Info                  CSI    0000003f [SR] Verifying 100 components
2020-08-17 12:44:21, Info                  CSI    00000040 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:22, Info                  CSI    00000041 [SR] Verify complete
2020-08-17 12:44:22, Info                  CSI    00000042 [SR] Verifying 100 components
2020-08-17 12:44:22, Info                  CSI    00000043 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:22, Info                  CSI    00000044 [SR] Verify complete
2020-08-17 12:44:22, Info                  CSI    00000045 [SR] Verifying 100 components
2020-08-17 12:44:22, Info                  CSI    00000046 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:23, Info                  CSI    00000047 [SR] Verify complete
2020-08-17 12:44:23, Info                  CSI    00000048 [SR] Verifying 100 components
2020-08-17 12:44:23, Info                  CSI    00000049 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:23, Info                  CSI    0000004a [SR] Verify complete
2020-08-17 12:44:23, Info                  CSI    0000004b [SR] Verifying 100 components
2020-08-17 12:44:23, Info                  CSI    0000004c [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:24, Info                  CSI    0000004d [SR] Verify complete
2020-08-17 12:44:24, Info                  CSI    0000004e [SR] Verifying 100 components
2020-08-17 12:44:24, Info                  CSI    0000004f [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:25, Info                  CSI    00000050 [SR] Verify complete
2020-08-17 12:44:25, Info                  CSI    00000051 [SR] Verifying 100 components
2020-08-17 12:44:25, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:25, Info                  CSI    00000053 [SR] Verify complete
2020-08-17 12:44:25, Info                  CSI    00000054 [SR] Verifying 100 components
2020-08-17 12:44:25, Info                  CSI    00000055 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:25, Info                  CSI    00000056 [SR] Verify complete
2020-08-17 12:44:25, Info                  CSI    00000057 [SR] Verifying 100 components
2020-08-17 12:44:25, Info                  CSI    00000058 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:26, Info                  CSI    00000059 [SR] Verify complete
2020-08-17 12:44:26, Info                  CSI    0000005a [SR] Verifying 100 components
2020-08-17 12:44:26, Info                  CSI    0000005b [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:27, Info                  CSI    0000005d [SR] Verify complete
2020-08-17 12:44:27, Info                  CSI    0000005e [SR] Verifying 100 components
2020-08-17 12:44:27, Info                  CSI    0000005f [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:27, Info                  CSI    00000060 [SR] Verify complete
2020-08-17 12:44:27, Info                  CSI    00000061 [SR] Verifying 100 components
2020-08-17 12:44:27, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:28, Info                  CSI    00000063 [SR] Verify complete
2020-08-17 12:44:28, Info                  CSI    00000064 [SR] Verifying 100 components
2020-08-17 12:44:28, Info                  CSI    00000065 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:28, Info                  CSI    00000066 [SR] Verify complete
2020-08-17 12:44:28, Info                  CSI    00000067 [SR] Verifying 100 components
2020-08-17 12:44:28, Info                  CSI    00000068 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:28, Info                  CSI    0000006a [SR] Verify complete
2020-08-17 12:44:29, Info                  CSI    0000006b [SR] Verifying 100 components
2020-08-17 12:44:29, Info                  CSI    0000006c [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:29, Info                  CSI    0000006d [SR] Verify complete
2020-08-17 12:44:29, Info                  CSI    0000006e [SR] Verifying 100 components
2020-08-17 12:44:29, Info                  CSI    0000006f [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:29, Info                  CSI    00000070 [SR] Verify complete
2020-08-17 12:44:29, Info                  CSI    00000071 [SR] Verifying 100 components
2020-08-17 12:44:29, Info                  CSI    00000072 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:30, Info                  CSI    00000073 [SR] Verify complete
2020-08-17 12:44:30, Info                  CSI    00000074 [SR] Verifying 100 components
2020-08-17 12:44:30, Info                  CSI    00000075 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:30, Info                  CSI    00000076 [SR] Verify complete
2020-08-17 12:44:30, Info                  CSI    00000077 [SR] Verifying 100 components
2020-08-17 12:44:30, Info                  CSI    00000078 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:31, Info                  CSI    00000079 [SR] Verify complete
2020-08-17 12:44:31, Info                  CSI    0000007a [SR] Verifying 100 components
2020-08-17 12:44:31, Info                  CSI    0000007b [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:31, Info                  CSI    0000007c [SR] Verify complete
2020-08-17 12:44:31, Info                  CSI    0000007d [SR] Verifying 100 components
2020-08-17 12:44:31, Info                  CSI    0000007e [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:32, Info                  CSI    0000007f [SR] Verify complete
2020-08-17 12:44:32, Info                  CSI    00000080 [SR] Verifying 100 components
2020-08-17 12:44:32, Info                  CSI    00000081 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:33, Info                  CSI    00000083 [SR] Verify complete
2020-08-17 12:44:33, Info                  CSI    00000084 [SR] Verifying 100 components
2020-08-17 12:44:33, Info                  CSI    00000085 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:33, Info                  CSI    00000086 [SR] Verify complete
2020-08-17 12:44:33, Info                  CSI    00000087 [SR] Verifying 100 components
2020-08-17 12:44:33, Info                  CSI    00000088 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:34, Info                  CSI    0000008c [SR] Verify complete
2020-08-17 12:44:34, Info                  CSI    0000008d [SR] Verifying 100 components
2020-08-17 12:44:34, Info                  CSI    0000008e [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:35, Info                  CSI    0000008f [SR] Verify complete
2020-08-17 12:44:36, Info                  CSI    00000090 [SR] Verifying 100 components
2020-08-17 12:44:36, Info                  CSI    00000091 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:37, Info                  CSI    00000094 [SR] Verify complete
2020-08-17 12:44:37, Info                  CSI    00000095 [SR] Verifying 100 components
2020-08-17 12:44:37, Info                  CSI    00000096 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:38, Info                  CSI    00000097 [SR] Verify complete
2020-08-17 12:44:38, Info                  CSI    00000098 [SR] Verifying 100 components
2020-08-17 12:44:38, Info                  CSI    00000099 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:38, Info                  CSI    0000009b [SR] Verify complete
2020-08-17 12:44:38, Info                  CSI    0000009c [SR] Verifying 100 components
2020-08-17 12:44:38, Info                  CSI    0000009d [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:39, Info                  CSI    0000009f [SR] Verify complete
2020-08-17 12:44:39, Info                  CSI    000000a0 [SR] Verifying 100 components
2020-08-17 12:44:39, Info                  CSI    000000a1 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:39, Info                  CSI    000000a2 [SR] Verify complete
2020-08-17 12:44:39, Info                  CSI    000000a3 [SR] Verifying 100 components
2020-08-17 12:44:39, Info                  CSI    000000a4 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:39, Info                  CSI    000000a5 [SR] Verify complete
2020-08-17 12:44:39, Info                  CSI    000000a6 [SR] Verifying 100 components
2020-08-17 12:44:39, Info                  CSI    000000a7 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:40, Info                  CSI    000000a8 [SR] Verify complete
2020-08-17 12:44:40, Info                  CSI    000000a9 [SR] Verifying 100 components
2020-08-17 12:44:40, Info                  CSI    000000aa [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:40, Info                  CSI    000000ab [SR] Verify complete
2020-08-17 12:44:40, Info                  CSI    000000ac [SR] Verifying 100 components
2020-08-17 12:44:40, Info                  CSI    000000ad [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:41, Info                  CSI    000000ae [SR] Verify complete
2020-08-17 12:44:41, Info                  CSI    000000af [SR] Verifying 100 components
2020-08-17 12:44:41, Info                  CSI    000000b0 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:42, Info                  CSI    000000b2 [SR] Verify complete
2020-08-17 12:44:42, Info                  CSI    000000b3 [SR] Verifying 100 components
2020-08-17 12:44:42, Info                  CSI    000000b4 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:43, Info                  CSI    000000b5 [SR] Verify complete
2020-08-17 12:44:43, Info                  CSI    000000b6 [SR] Verifying 100 components
2020-08-17 12:44:43, Info                  CSI    000000b7 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:43, Info                  CSI    000000b8 [SR] Verify complete
2020-08-17 12:44:43, Info                  CSI    000000b9 [SR] Verifying 100 components
2020-08-17 12:44:43, Info                  CSI    000000ba [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:43, Info                  CSI    000000bb [SR] Verify complete
2020-08-17 12:44:43, Info                  CSI    000000bc [SR] Verifying 100 components
2020-08-17 12:44:43, Info                  CSI    000000bd [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:44, Info                  CSI    000000be [SR] Verify complete
2020-08-17 12:44:44, Info                  CSI    000000bf [SR] Verifying 100 components
2020-08-17 12:44:44, Info                  CSI    000000c0 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:44, Info                  CSI    000000c1 [SR] Verify complete
2020-08-17 12:44:44, Info                  CSI    000000c2 [SR] Verifying 100 components
2020-08-17 12:44:44, Info                  CSI    000000c3 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:45, Info                  CSI    000000c5 [SR] Verify complete
2020-08-17 12:44:45, Info                  CSI    000000c6 [SR] Verifying 100 components
2020-08-17 12:44:45, Info                  CSI    000000c7 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:45, Info                  CSI    000000c8 [SR] Verify complete
2020-08-17 12:44:46, Info                  CSI    000000c9 [SR] Verifying 100 components
2020-08-17 12:44:46, Info                  CSI    000000ca [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:46, Info                  CSI    000000cc [SR] Verify complete
2020-08-17 12:44:46, Info                  CSI    000000cd [SR] Verifying 100 components
2020-08-17 12:44:46, Info                  CSI    000000ce [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:48, Info                  CSI    000000d1 [SR] Verify complete
2020-08-17 12:44:48, Info                  CSI    000000d2 [SR] Verifying 100 components
2020-08-17 12:44:48, Info                  CSI    000000d3 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:48, Info                  CSI    000000d4 [SR] Verify complete
2020-08-17 12:44:48, Info                  CSI    000000d5 [SR] Verifying 100 components
2020-08-17 12:44:48, Info                  CSI    000000d6 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:49, Info                  CSI    000000d7 [SR] Verify complete
2020-08-17 12:44:49, Info                  CSI    000000d8 [SR] Verifying 100 components
2020-08-17 12:44:49, Info                  CSI    000000d9 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:49, Info                  CSI    000000da [SR] Verify complete
2020-08-17 12:44:49, Info                  CSI    000000db [SR] Verifying 100 components
2020-08-17 12:44:49, Info                  CSI    000000dc [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:49, Info                  CSI    000000dd [SR] Verify complete
2020-08-17 12:44:50, Info                  CSI    000000de [SR] Verifying 100 components
2020-08-17 12:44:50, Info                  CSI    000000df [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:50, Info                  CSI    000000e0 [SR] Verify complete
2020-08-17 12:44:50, Info                  CSI    000000e1 [SR] Verifying 100 components
2020-08-17 12:44:50, Info                  CSI    000000e2 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:51, Info                  CSI    000000e3 [SR] Verify complete
2020-08-17 12:44:51, Info                  CSI    000000e4 [SR] Verifying 100 components
2020-08-17 12:44:51, Info                  CSI    000000e5 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:51, Info                  CSI    000000e6 [SR] Verify complete
2020-08-17 12:44:51, Info                  CSI    000000e7 [SR] Verifying 100 components
2020-08-17 12:44:51, Info                  CSI    000000e8 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:51, Info                  CSI    000000e9 [SR] Verify complete
2020-08-17 12:44:51, Info                  CSI    000000ea [SR] Verifying 100 components
2020-08-17 12:44:51, Info                  CSI    000000eb [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:52, Info                  CSI    000000ec [SR] Verify complete
2020-08-17 12:44:52, Info                  CSI    000000ed [SR] Verifying 100 components
2020-08-17 12:44:52, Info                  CSI    000000ee [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:52, Info                  CSI    000000ef [SR] Verify complete
2020-08-17 12:44:52, Info                  CSI    000000f0 [SR] Verifying 100 components
2020-08-17 12:44:52, Info                  CSI    000000f1 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:53, Info                  CSI    000000f2 [SR] Verify complete
2020-08-17 12:44:53, Info                  CSI    000000f3 [SR] Verifying 100 components
2020-08-17 12:44:53, Info                  CSI    000000f4 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:53, Info                  CSI    000000f5 [SR] Verify complete
2020-08-17 12:44:53, Info                  CSI    000000f6 [SR] Verifying 100 components
2020-08-17 12:44:53, Info                  CSI    000000f7 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:53, Info                  CSI    000000f8 [SR] Verify complete
2020-08-17 12:44:54, Info                  CSI    000000f9 [SR] Verifying 100 components
2020-08-17 12:44:54, Info                  CSI    000000fa [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:54, Info                  CSI    000000fb [SR] Verify complete
2020-08-17 12:44:54, Info                  CSI    000000fc [SR] Verifying 100 components
2020-08-17 12:44:54, Info                  CSI    000000fd [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:54, Info                  CSI    000000fe [SR] Verify complete
2020-08-17 12:44:54, Info                  CSI    000000ff [SR] Verifying 100 components
2020-08-17 12:44:54, Info                  CSI    00000100 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:55, Info                  CSI    00000101 [SR] Verify complete
2020-08-17 12:44:55, Info                  CSI    00000102 [SR] Verifying 100 components
2020-08-17 12:44:55, Info                  CSI    00000103 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:55, Info                  CSI    00000104 [SR] Verify complete
2020-08-17 12:44:55, Info                  CSI    00000105 [SR] Verifying 100 components
2020-08-17 12:44:55, Info                  CSI    00000106 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:56, Info                  CSI    00000107 [SR] Verify complete
2020-08-17 12:44:56, Info                  CSI    00000108 [SR] Verifying 100 components
2020-08-17 12:44:56, Info                  CSI    00000109 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:56, Info                  CSI    0000010a [SR] Verify complete
2020-08-17 12:44:57, Info                  CSI    0000010b [SR] Verifying 100 components
2020-08-17 12:44:57, Info                  CSI    0000010c [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:57, Info                  CSI    0000010d [SR] Verify complete
2020-08-17 12:44:57, Info                  CSI    0000010e [SR] Verifying 100 components
2020-08-17 12:44:57, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:58, Info                  CSI    00000110 [SR] Verify complete
2020-08-17 12:44:58, Info                  CSI    00000111 [SR] Verifying 100 components
2020-08-17 12:44:58, Info                  CSI    00000112 [SR] Beginning Verify and Repair transaction
2020-08-17 12:44:59, Info                  CSI    00000114 [SR] Verify complete
2020-08-17 12:44:59, Info                  CSI    00000115 [SR] Verifying 100 components
2020-08-17 12:44:59, Info                  CSI    00000116 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:00, Info                  CSI    0000011a [SR] Verify complete
2020-08-17 12:45:00, Info                  CSI    0000011b [SR] Verifying 100 components
2020-08-17 12:45:00, Info                  CSI    0000011c [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:01, Info                  CSI    0000011e [SR] Verify complete
2020-08-17 12:45:01, Info                  CSI    0000011f [SR] Verifying 100 components
2020-08-17 12:45:01, Info                  CSI    00000120 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:01, Info                  CSI    00000121 [SR] Verify complete
2020-08-17 12:45:01, Info                  CSI    00000122 [SR] Verifying 100 components
2020-08-17 12:45:01, Info                  CSI    00000123 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:02, Info                  CSI    00000124 [SR] Verify complete
2020-08-17 12:45:02, Info                  CSI    00000125 [SR] Verifying 100 components
2020-08-17 12:45:02, Info                  CSI    00000126 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:03, Info                  CSI    00000129 [SR] Verify complete
2020-08-17 12:45:03, Info                  CSI    0000012a [SR] Verifying 100 components
2020-08-17 12:45:03, Info                  CSI    0000012b [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:04, Info                  CSI    0000012d [SR] Verify complete
2020-08-17 12:45:04, Info                  CSI    0000012e [SR] Verifying 100 components
2020-08-17 12:45:04, Info                  CSI    0000012f [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:04, Info                  CSI    00000130 [SR] Verify complete
2020-08-17 12:45:04, Info                  CSI    00000131 [SR] Verifying 100 components
2020-08-17 12:45:04, Info                  CSI    00000132 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:05, Info                  CSI    00000133 [SR] Verify complete
2020-08-17 12:45:05, Info                  CSI    00000134 [SR] Verifying 100 components
2020-08-17 12:45:05, Info                  CSI    00000135 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:06, Info                  CSI    00000137 [SR] Verify complete
2020-08-17 12:45:06, Info                  CSI    00000138 [SR] Verifying 100 components
2020-08-17 12:45:06, Info                  CSI    00000139 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:06, Info                  CSI    0000013a [SR] Verify complete
2020-08-17 12:45:06, Info                  CSI    0000013b [SR] Verifying 100 components
2020-08-17 12:45:06, Info                  CSI    0000013c [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:06, Info                  CSI    0000013d [SR] Verify complete
2020-08-17 12:45:07, Info                  CSI    0000013e [SR] Verifying 100 components
2020-08-17 12:45:07, Info                  CSI    0000013f [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:07, Info                  CSI    00000140 [SR] Verify complete
2020-08-17 12:45:07, Info                  CSI    00000141 [SR] Verifying 100 components
2020-08-17 12:45:07, Info                  CSI    00000142 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:08, Info                  CSI    00000144 [SR] Verify complete
2020-08-17 12:45:08, Info                  CSI    00000145 [SR] Verifying 100 components
2020-08-17 12:45:08, Info                  CSI    00000146 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:08, Info                  CSI    00000147 [SR] Verify complete
2020-08-17 12:45:08, Info                  CSI    00000148 [SR] Verifying 100 components
2020-08-17 12:45:08, Info                  CSI    00000149 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:09, Info                  CSI    0000014b [SR] Verify complete
2020-08-17 12:45:09, Info                  CSI    0000014c [SR] Verifying 100 components
2020-08-17 12:45:09, Info                  CSI    0000014d [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:09, Info                  CSI    0000014e [SR] Verify complete
2020-08-17 12:45:09, Info                  CSI    0000014f [SR] Verifying 100 components
2020-08-17 12:45:09, Info                  CSI    00000150 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:10, Info                  CSI    00000151 [SR] Verify complete
2020-08-17 12:45:10, Info                  CSI    00000152 [SR] Verifying 100 components
2020-08-17 12:45:10, Info                  CSI    00000153 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:10, Info                  CSI    00000154 [SR] Verify complete
2020-08-17 12:45:10, Info                  CSI    00000155 [SR] Verifying 100 components
2020-08-17 12:45:10, Info                  CSI    00000156 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:10, Info                  CSI    00000157 [SR] Verify complete
2020-08-17 12:45:10, Info                  CSI    00000158 [SR] Verifying 100 components
2020-08-17 12:45:10, Info                  CSI    00000159 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:11, Info                  CSI    0000015a [SR] Verify complete
2020-08-17 12:45:11, Info                  CSI    0000015b [SR] Verifying 100 components
2020-08-17 12:45:11, Info                  CSI    0000015c [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:11, Info                  CSI    0000015d [SR] Verify complete
2020-08-17 12:45:11, Info                  CSI    0000015e [SR] Verifying 100 components
2020-08-17 12:45:11, Info                  CSI    0000015f [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:12, Info                  CSI    00000160 [SR] Verify complete
2020-08-17 12:45:12, Info                  CSI    00000161 [SR] Verifying 100 components
2020-08-17 12:45:12, Info                  CSI    00000162 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:13, Info                  CSI    00000163 [SR] Verify complete
2020-08-17 12:45:13, Info                  CSI    00000164 [SR] Verifying 100 components
2020-08-17 12:45:13, Info                  CSI    00000165 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:13, Info                  CSI    00000166 [SR] Verify complete
2020-08-17 12:45:13, Info                  CSI    00000167 [SR] Verifying 100 components
2020-08-17 12:45:13, Info                  CSI    00000168 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:14, Info                  CSI    0000016a [SR] Verify complete
2020-08-17 12:45:14, Info                  CSI    0000016b [SR] Verifying 100 components
2020-08-17 12:45:14, Info                  CSI    0000016c [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:14, Info                  CSI    0000016d [SR] Verify complete
2020-08-17 12:45:14, Info                  CSI    0000016e [SR] Verifying 100 components
2020-08-17 12:45:14, Info                  CSI    0000016f [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:15, Info                  CSI    00000170 [SR] Verify complete
2020-08-17 12:45:15, Info                  CSI    00000171 [SR] Verifying 100 components
2020-08-17 12:45:15, Info                  CSI    00000172 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:15, Info                  CSI    00000173 [SR] Verify complete
2020-08-17 12:45:15, Info                  CSI    00000174 [SR] Verifying 100 components
2020-08-17 12:45:15, Info                  CSI    00000175 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:16, Info                  CSI    00000176 [SR] Verify complete
2020-08-17 12:45:16, Info                  CSI    00000177 [SR] Verifying 100 components
2020-08-17 12:45:16, Info                  CSI    00000178 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:16, Info                  CSI    00000179 [SR] Verify complete
2020-08-17 12:45:16, Info                  CSI    0000017a [SR] Verifying 100 components
2020-08-17 12:45:16, Info                  CSI    0000017b [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:16, Info                  CSI    0000017c [SR] Verify complete
2020-08-17 12:45:16, Info                  CSI    0000017d [SR] Verifying 100 components
2020-08-17 12:45:16, Info                  CSI    0000017e [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:17, Info                  CSI    0000017f [SR] Verify complete
2020-08-17 12:45:17, Info                  CSI    00000180 [SR] Verifying 100 components
2020-08-17 12:45:17, Info                  CSI    00000181 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:17, Info                  CSI    00000182 [SR] Verify complete
2020-08-17 12:45:17, Info                  CSI    00000183 [SR] Verifying 100 components
2020-08-17 12:45:17, Info                  CSI    00000184 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:18, Info                  CSI    00000186 [SR] Verify complete
2020-08-17 12:45:18, Info                  CSI    00000187 [SR] Verifying 100 components
2020-08-17 12:45:18, Info                  CSI    00000188 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:19, Info                  CSI    00000189 [SR] Verify complete
2020-08-17 12:45:19, Info                  CSI    0000018a [SR] Verifying 100 components
2020-08-17 12:45:19, Info                  CSI    0000018b [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:19, Info                  CSI    0000018c [SR] Verify complete
2020-08-17 12:45:19, Info                  CSI    0000018d [SR] Verifying 100 components
2020-08-17 12:45:19, Info                  CSI    0000018e [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:19, Info                  CSI    0000018f [SR] Verify complete
2020-08-17 12:45:20, Info                  CSI    00000190 [SR] Verifying 100 components
2020-08-17 12:45:20, Info                  CSI    00000191 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:20, Info                  CSI    00000192 [SR] Verify complete
2020-08-17 12:45:20, Info                  CSI    00000193 [SR] Verifying 100 components
2020-08-17 12:45:20, Info                  CSI    00000194 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:20, Info                  CSI    00000195 [SR] Verify complete
2020-08-17 12:45:20, Info                  CSI    00000196 [SR] Verifying 100 components
2020-08-17 12:45:20, Info                  CSI    00000197 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:21, Info                  CSI    00000198 [SR] Verify complete
2020-08-17 12:45:21, Info                  CSI    00000199 [SR] Verifying 100 components
2020-08-17 12:45:21, Info                  CSI    0000019a [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:21, Info                  CSI    0000019b [SR] Verify complete
2020-08-17 12:45:21, Info                  CSI    0000019c [SR] Verifying 100 components
2020-08-17 12:45:21, Info                  CSI    0000019d [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:22, Info                  CSI    0000019e [SR] Verify complete
2020-08-17 12:45:22, Info                  CSI    0000019f [SR] Verifying 100 components
2020-08-17 12:45:22, Info                  CSI    000001a0 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:22, Info                  CSI    000001a1 [SR] Verify complete
2020-08-17 12:45:22, Info                  CSI    000001a2 [SR] Verifying 100 components
2020-08-17 12:45:22, Info                  CSI    000001a3 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:23, Info                  CSI    000001a4 [SR] Verify complete
2020-08-17 12:45:23, Info                  CSI    000001a5 [SR] Verifying 100 components
2020-08-17 12:45:23, Info                  CSI    000001a6 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:23, Info                  CSI    000001a7 [SR] Verify complete
2020-08-17 12:45:23, Info                  CSI    000001a8 [SR] Verifying 100 components
2020-08-17 12:45:23, Info                  CSI    000001a9 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:23, Info                  CSI    000001aa [SR] Verify complete
2020-08-17 12:45:23, Info                  CSI    000001ab [SR] Verifying 100 components
2020-08-17 12:45:23, Info                  CSI    000001ac [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:24, Info                  CSI    000001ad [SR] Verify complete
2020-08-17 12:45:24, Info                  CSI    000001ae [SR] Verifying 100 components
2020-08-17 12:45:24, Info                  CSI    000001af [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:24, Info                  CSI    000001b0 [SR] Verify complete
2020-08-17 12:45:25, Info                  CSI    000001b1 [SR] Verifying 100 components
2020-08-17 12:45:25, Info                  CSI    000001b2 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:25, Info                  CSI    000001b6 [SR] Verify complete
2020-08-17 12:45:25, Info                  CSI    000001b7 [SR] Verifying 100 components
2020-08-17 12:45:25, Info                  CSI    000001b8 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:25, Info                  CSI    000001b9 [SR] Verify complete
2020-08-17 12:45:25, Info                  CSI    000001ba [SR] Verifying 100 components
2020-08-17 12:45:25, Info                  CSI    000001bb [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:25, Info                  CSI    000001bc [SR] Verify complete
2020-08-17 12:45:26, Info                  CSI    000001bd [SR] Verifying 100 components
2020-08-17 12:45:26, Info                  CSI    000001be [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:26, Info                  CSI    000001bf [SR] Verify complete
2020-08-17 12:45:26, Info                  CSI    000001c0 [SR] Verifying 100 components
2020-08-17 12:45:26, Info                  CSI    000001c1 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:26, Info                  CSI    000001c2 [SR] Verify complete
2020-08-17 12:45:26, Info                  CSI    000001c3 [SR] Verifying 100 components
2020-08-17 12:45:26, Info                  CSI    000001c4 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:26, Info                  CSI    000001c5 [SR] Verify complete
2020-08-17 12:45:26, Info                  CSI    000001c6 [SR] Verifying 100 components
2020-08-17 12:45:26, Info                  CSI    000001c7 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:27, Info                  CSI    000001c8 [SR] Verify complete
2020-08-17 12:45:27, Info                  CSI    000001c9 [SR] Verifying 100 components
2020-08-17 12:45:27, Info                  CSI    000001ca [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:27, Info                  CSI    000001cb [SR] Verify complete
2020-08-17 12:45:28, Info                  CSI    000001cc [SR] Verifying 100 components
2020-08-17 12:45:28, Info                  CSI    000001cd [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:28, Info                  CSI    000001ce [SR] Verify complete
2020-08-17 12:45:28, Info                  CSI    000001cf [SR] Verifying 100 components
2020-08-17 12:45:28, Info                  CSI    000001d0 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:29, Info                  CSI    000001d1 [SR] Verify complete
2020-08-17 12:45:29, Info                  CSI    000001d2 [SR] Verifying 100 components
2020-08-17 12:45:29, Info                  CSI    000001d3 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:29, Info                  CSI    000001d4 [SR] Verify complete
2020-08-17 12:45:29, Info                  CSI    000001d5 [SR] Verifying 100 components
2020-08-17 12:45:29, Info                  CSI    000001d6 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:30, Info                  CSI    000001d7 [SR] Verify complete
2020-08-17 12:45:30, Info                  CSI    000001d8 [SR] Verifying 100 components
2020-08-17 12:45:30, Info                  CSI    000001d9 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:31, Info                  CSI    000001db [SR] Verify complete
2020-08-17 12:45:31, Info                  CSI    000001dc [SR] Verifying 100 components
2020-08-17 12:45:31, Info                  CSI    000001dd [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:31, Info                  CSI    000001de [SR] Verify complete
2020-08-17 12:45:31, Info                  CSI    000001df [SR] Verifying 100 components
2020-08-17 12:45:31, Info                  CSI    000001e0 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:31, Info                  CSI    000001e1 [SR] Verify complete
2020-08-17 12:45:31, Info                  CSI    000001e2 [SR] Verifying 100 components
2020-08-17 12:45:31, Info                  CSI    000001e3 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:32, Info                  CSI    000001e4 [SR] Verify complete
2020-08-17 12:45:32, Info                  CSI    000001e5 [SR] Verifying 100 components
2020-08-17 12:45:32, Info                  CSI    000001e6 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:32, Info                  CSI    000001e7 [SR] Verify complete
2020-08-17 12:45:32, Info                  CSI    000001e8 [SR] Verifying 100 components
2020-08-17 12:45:32, Info                  CSI    000001e9 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:33, Info                  CSI    000001ea [SR] Verify complete
2020-08-17 12:45:33, Info                  CSI    000001eb [SR] Verifying 100 components
2020-08-17 12:45:33, Info                  CSI    000001ec [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:33, Info                  CSI    000001f1 [SR] Verify complete
2020-08-17 12:45:33, Info                  CSI    000001f2 [SR] Verifying 100 components
2020-08-17 12:45:33, Info                  CSI    000001f3 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:34, Info                  CSI    000001f4 [SR] Verify complete
2020-08-17 12:45:34, Info                  CSI    000001f5 [SR] Verifying 100 components
2020-08-17 12:45:34, Info                  CSI    000001f6 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:34, Info                  CSI    000001f7 [SR] Verify complete
2020-08-17 12:45:34, Info                  CSI    000001f8 [SR] Verifying 100 components
2020-08-17 12:45:34, Info                  CSI    000001f9 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:35, Info                  CSI    000001fa [SR] Verify complete
2020-08-17 12:45:35, Info                  CSI    000001fb [SR] Verifying 100 components
2020-08-17 12:45:35, Info                  CSI    000001fc [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:35, Info                  CSI    000001fd [SR] Verify complete
2020-08-17 12:45:35, Info                  CSI    000001fe [SR] Verifying 100 components
2020-08-17 12:45:35, Info                  CSI    000001ff [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:36, Info                  CSI    00000201 [SR] Verify complete
2020-08-17 12:45:36, Info                  CSI    00000202 [SR] Verifying 100 components
2020-08-17 12:45:36, Info                  CSI    00000203 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:36, Info                  CSI    00000204 [SR] Verify complete
2020-08-17 12:45:36, Info                  CSI    00000205 [SR] Verifying 100 components
2020-08-17 12:45:36, Info                  CSI    00000206 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:37, Info                  CSI    00000207 [SR] Verify complete
2020-08-17 12:45:37, Info                  CSI    00000208 [SR] Verifying 100 components
2020-08-17 12:45:37, Info                  CSI    00000209 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:38, Info                  CSI    0000020a [SR] Verify complete
2020-08-17 12:45:38, Info                  CSI    0000020b [SR] Verifying 100 components
2020-08-17 12:45:38, Info                  CSI    0000020c [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:38, Info                  CSI    0000020d [SR] Verify complete
2020-08-17 12:45:38, Info                  CSI    0000020e [SR] Verifying 100 components
2020-08-17 12:45:38, Info                  CSI    0000020f [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:38, Info                  CSI    00000210 [SR] Verify complete
2020-08-17 12:45:39, Info                  CSI    00000211 [SR] Verifying 100 components
2020-08-17 12:45:39, Info                  CSI    00000212 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:39, Info                  CSI    00000213 [SR] Verify complete
2020-08-17 12:45:39, Info                  CSI    00000214 [SR] Verifying 100 components
2020-08-17 12:45:39, Info                  CSI    00000215 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:40, Info                  CSI    00000216 [SR] Verify complete
2020-08-17 12:45:40, Info                  CSI    00000217 [SR] Verifying 100 components
2020-08-17 12:45:40, Info                  CSI    00000218 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:40, Info                  CSI    00000219 [SR] Verify complete
2020-08-17 12:45:40, Info                  CSI    0000021a [SR] Verifying 100 components
2020-08-17 12:45:40, Info                  CSI    0000021b [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:40, Info                  CSI    0000021c [SR] Verify complete
2020-08-17 12:45:40, Info                  CSI    0000021d [SR] Verifying 100 components
2020-08-17 12:45:40, Info                  CSI    0000021e [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:41, Info                  CSI    0000021f [SR] Verify complete
2020-08-17 12:45:41, Info                  CSI    00000220 [SR] Verifying 100 components
2020-08-17 12:45:41, Info                  CSI    00000221 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:41, Info                  CSI    00000223 [SR] Repairing file \??\C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\\mscormmc.dll from store
2020-08-17 12:45:41, Info                  CSI    00000224 [SR] Verify complete
2020-08-17 12:45:41, Info                  CSI    00000225 [SR] Verifying 100 components
2020-08-17 12:45:41, Info                  CSI    00000226 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:42, Info                  CSI    00000227 [SR] Verify complete
2020-08-17 12:45:42, Info                  CSI    00000228 [SR] Verifying 100 components
2020-08-17 12:45:42, Info                  CSI    00000229 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:43, Info                  CSI    0000022b [SR] Verify complete
2020-08-17 12:45:43, Info                  CSI    0000022c [SR] Verifying 100 components
2020-08-17 12:45:43, Info                  CSI    0000022d [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:43, Info                  CSI    0000022e [SR] Verify complete
2020-08-17 12:45:43, Info                  CSI    0000022f [SR] Verifying 98 components
2020-08-17 12:45:43, Info                  CSI    00000230 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:44, Info                  CSI    00000231 [SR] Verify complete
2020-08-17 12:45:44, Info                  CSI    00000232 [SR] Repairing 1 components
2020-08-17 12:45:44, Info                  CSI    00000233 [SR] Beginning Verify and Repair transaction
2020-08-17 12:45:44, Info                  CSI    00000235 [SR] Repairing file \??\C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\\mscormmc.dll from store
2020-08-17 12:45:44, Info                  CSI    00000236 [SR] Repair complete
2020-08-17 12:45:44, Info                  CSI    00000237 [SR] Committing transaction
2020-08-17 12:45:44, Info                  CSI    0000023c [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction  have been successfully repaired

========= End of CMD: =========


========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========

Failed to clear log Microsoft-Windows-LiveId/Analytic.
Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational.
Access is denied.

========= End of CMD: =========



The system needed a reboot.

==== End of Fixlog 12:45:58 ====

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08-2020
Ran by Scott (administrator) on NEWPC (ASUS All Series) (17-08-2020 12:54:01)
Running from C:\Users\Scott\Desktop
Loaded Profiles: Scott
Platform: Windows 10 Pro Version 2004 19041.450 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository͕311.inf_amd64_183b8d63847c90cf\B355199\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository͕311.inf_amd64_183b8d63847c90cf\B355199\atiesrxx.exe
(Amazon.com Services LLC -> Amazon.com Inc.) C:\Users\Scott\AppData\Local\Amazon Drive\AmazonPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
(Cisco Video Technologies Israel Ltd. -> Cisco) C:\Users\Scott\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe
(DTS, Inc. -> DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP OfficeJet 4650 series\Bin\HPNetworkCommunicatorCom.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel® Software -> Intel® Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <6>
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp -> Realtek) C:\Windows\SwUSB.exe
(SOKNO S.R.L. -> ) C:\Program Files (x86)\SpeedFan\speedfan.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-21] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [7509728 2020-08-05] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2019-01-29] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => E:\Programs\iTunes\iTunesHelper.exe [331064 2020-07-24] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-05-07] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-05-07] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\Run: [VideoGuardMonitor] => C:\Users\Scott\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe [4155656 2017-06-20] (Cisco Video Technologies Israel Ltd. -> Cisco)
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\Run: [HP OfficeJet 4650 series (NET)] => C:\Program Files\HP\HP OfficeJet 4650 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-05-07] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\Run: [Amazon Photos] => C:\Users\Scott\AppData\Local\Amazon Drive\AmazonPhotos.exe [9940144 2020-08-05] (Amazon.com Services LLC -> Amazon.com Inc.)
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\Run: [79E7102FE81497D621F06500A298B59D3A61040B._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\MountPoints2: {b2cb9229-a988-11e5-944c-f07959de46f0} - "I:\LaunchU3.exe" -a
HKLM\...\Windows x64\Print Processors\hpfpp02t: C:\Windows\System32\spool\prtprocs\x64\hpfpp02t.dll [253440 2010-05-14] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Print\Monitors\HP D911 Status Monitor: C:\WINDOWS\system32\hpinkstsD911LM.dll [393352 2017-03-26] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP OfficeJet 4650 series): C:\WINDOWS\system32\HPDiscoPMD911.dll [840328 2017-04-06] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\PCL hpf3l02t: C:\WINDOWS\system32\hpf3l02t.dll [138752 2010-05-14] (Hewlett-Packard Company) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ASUS\Bluetooth Software\\BtwCP.dll [2012-12-06] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] ->
Lsa: [Notification Packages] scecli C:\Program Files\ASUS\Bluetooth Software\BtwProximityCP.dll
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{031f4e88-3c1d-410a-a4c7-c244a1a60260}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0464B5B9-42ED-46A7-A18C-3753B81B3180}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1B202425-2F36-4F80-A102-7644224925D6}: [DhcpNameServer] 192.168.0.1 205.171.3.25
Tcpip\..\Interfaces\{982B1E08-A51C-464E-A3A2-9C4B81743F54}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-2157332433-1070056625-1532484577-1000 -> DefaultScope {4FDAFEB7-E07E-416C-8F72-229C49FE6025} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2157332433-1070056625-1532484577-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2157332433-1070056625-1532484577-1000 -> {4FDAFEB7-E07E-416C-8F72-229C49FE6025} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2157332433-1070056625-1532484577-1000 -> {54EBE68D-9D6E-4FF7-99B4-79C1325C7B59} URL = hxxp://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2019-01-29] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2019-01-29] (Logitech Inc -> Logitech, Inc.)

Edge:
======
DownloadDir: E:\MyDownloads
Edge HomeButtonPage: HKU\S-1-5-21-2157332433-1070056625-1532484577-1000 -> hxxp://www.google.com/
Edge Profile: C:\Users\Scott\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-16]
Edge HomePage: Default -> hxxp://www.google.com/

FireFox:
========
FF DefaultProfile: 4jnm1ed3.default-1595193498914
FF ProfilePath: C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\4jnm1ed3.default-1595193498914 [2020-08-17]
FF Homepage: Mozilla\Firefox\Profiles\4jnm1ed3.default-1595193498914 -> hxxps://www.google.com/
FF Extension: (Amazon Assistant) - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\4jnm1ed3.default-1595193498914\Extensions\[email protected] [2020-08-11]
FF Extension: (Privacy Badger) - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\4jnm1ed3.default-1595193498914\Extensions\[email protected] [2020-07-22]
FF Extension: (Pinterest Save Button) - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\4jnm1ed3.default-1595193498914\Extensions\[email protected] [2020-08-03]
FF Extension: (Logitech SetPoint) - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\4jnm1ed3.default-1595193498914\Extensions\{84380428-8c9d-4bdf-913d-b2c34d6562d9}.xpi [2020-07-19]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\4jnm1ed3.default-1595193498914\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-08-07]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2020-01-22] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_414.dll [2020-08-11] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_414.dll [2020-08-11] (Adobe Inc. -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-07-30] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"NAL" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\NAL => C:\WINDOWS\system32\Drivers\iqvw64e.sys [34568 2014-02-26] (Intel Corporation -> Intel Corporation) <==== ATTENTION (Rootkit!/Locked Service)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-08-11] (Adobe Inc. -> Adobe)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-05-20] (Apple Inc. -> Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-04-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-23] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe [1340376 2017-12-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240576 2013-10-06] (DTS, Inc. -> DTS, Inc)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [7409472 2020-08-05] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
R2 MSSQL$ASUSHOMECLOUD; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\sqlservr.exe [43130032 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RunSwUSB; C:\Windows\runSW.exe [48856 2015-11-05] (Realtek Semiconductor Corp -> )
S3 SandraAgentSrv; E:\Programs\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe [73200 2015-07-06] (SiSoftware SPC -> SiSoftware) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5097344 2020-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$ASUSHOMECLOUD; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ASUSHOMECLOUD\MSSQL\Binn\SQLAGENT.EXE [381104 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.4-0\NisSrv.exe [2343128 2020-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.4-0\MsMpEng.exe [128376 2020-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [17720 2015-03-25] (Intel® Software -> Intel® Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-27] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-24] (ASUSTeK Computer Inc. -> )
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation -> MCCI Corporation)
S3 ASUSstpt; C:\WINDOWS\System32\drivers\ASUSstpt.sys [27392 2013-03-28] (MCCI Corporation -> MCCI Corporation)
S3 ASUSumsc; C:\WINDOWS\System32\drivers\ASUSumsc.sys [151808 2013-03-28] (MCCI Corporation -> MCCI Corporation)
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [31376 2015-03-10] (PassMark Software Pty Ltd -> )
S3 hnswfpdriver; C:\WINDOWS\System32\drivers\hnswfpdriver.sys [21304 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-17] (Intel® Software -> Intel Corporation)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [34064 2017-12-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (ZTE CORPORATION -> HandSet Incorporated)
S3 PSMounterEx; C:\Windows\system32\drivers\psmounterex.sys [179416 2019-02-15] (Paramount Software UK Ltd -> Windows ® Win 7 DDK provider)
S3 psvolacc; C:\WINDOWS\system32\drivers\psvolacc.sys [34520 2018-12-06] (Paramount Software UK Ltd -> Windows ® Win 7 DDK provider)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [4776240 2017-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 SANDRA; E:\Programs\SiSoftware Sandra Lite 2015.SP2b\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware Ltd -> SiSoftware)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-08-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428272 2020-08-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69872 2020-08-12] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-17 12:54 - 2020-08-17 12:54 - 000021845 _____ C:\Users\Scott\Desktop\FRST.txt
2020-08-17 12:53 - 2020-08-17 12:54 - 000000000 ____D C:\Users\Scott\Desktop\[email protected]
2020-08-17 12:47 - 2020-08-17 12:47 - 000003106 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2020-08-17 12:47 - 2020-08-17 12:47 - 000003092 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-08-17 12:21 - 2020-08-17 12:48 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-08-17 12:21 - 2020-08-17 12:21 - 000001080 _____ C:\Users\Scott\Desktop\SpeedFan.lnk
2020-08-17 12:21 - 2020-08-17 12:21 - 000000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo
2020-08-17 12:21 - 2020-08-17 12:21 - 000000000 ____D C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2020-08-17 12:20 - 2020-08-17 12:20 - 003086696 _____ C:\Users\Scott\Desktop\instspeedfan452_1.exe
2020-08-17 11:34 - 2020-08-17 11:34 - 000000000 ____D C:\Users\Scott\Desktop\Recps
2020-08-17 10:18 - 2020-08-17 10:18 - 000000797 _____ C:\Users\Public\Desktop\Speccy.lnk
2020-08-17 10:18 - 2020-08-17 10:18 - 000000797 _____ C:\ProgramData\Desktop\Speccy.lnk
2020-08-17 10:18 - 2020-08-17 10:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2020-08-17 10:18 - 2020-08-17 10:18 - 000000000 ____D C:\Program Files\Speccy
2020-08-17 10:15 - 2020-08-17 10:15 - 000000000 ____D C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
2020-08-17 10:15 - 2020-08-17 10:15 - 000000000 ____D C:\Program Files (x86)\NirSoft
2020-08-17 10:14 - 2020-08-17 10:14 - 006889184 _____ (Piriform Ltd) C:\Users\Scott\Desktop\spsetup132.exe
2020-08-17 10:10 - 2020-08-17 10:10 - 000141864 _____ C:\Users\Scott\Desktop\bluescreenview_setup.exe
2020-08-16 12:20 - 2020-08-16 12:21 - 002296320 _____ (Farbar) C:\Users\Scott\Desktop\FRST64.exe
2020-08-16 12:18 - 2020-08-17 12:47 - 000008192 ___SH C:\DumpStack.log.tmp
2020-08-16 12:18 - 2020-08-16 12:18 - 001483204 _____ C:\WINDOWS\Minidump\081620-11359-01.dmp
2020-08-16 11:35 - 2020-08-16 12:18 - 2270047705 _____ C:\WINDOWS\MEMORY.DMP
2020-08-16 11:35 - 2020-08-16 11:35 - 001351756 _____ C:\WINDOWS\Minidump\081620-10968-01.dmp
2020-08-13 12:14 - 2020-08-13 13:11 - 000000000 ____D C:\Users\Scott\Desktop\Woolput Order
2020-08-12 16:30 - 2020-08-12 16:30 - 024264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 023434752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 018071040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 010925880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 010336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 008894656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 006709248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 005858136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 005820416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 005420648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 004880896 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 004783328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 004629312 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 003867136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 003859968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 003846144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 003810816 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 003806720 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 003779400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 003750400 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\HostNetSvc.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 002994504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 002744832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 002587464 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 002523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2020-08-12 16:30 - 2020-08-12 16:30 - 002520056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 002486584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 002450944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 002254544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2020-08-12 16:30 - 2020-08-12 16:30 - 002245632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 002113032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001879488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001765376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001751432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001710080 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001641472 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001557832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001352248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001337168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001332224 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001323520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001277440 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 001255424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 001221632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001209624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 001117328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001090560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001047040 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001041920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 001014888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000994616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Facilitator.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000945152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000930304 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000920904 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000900936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000825864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000801544 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000759784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-08-12 16:30 - 2020-08-12 16:30 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000725608 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000707024 _____ C:\WINDOWS\system32\TextShaping.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000685568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000665256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-08-12 16:30 - 2020-08-12 16:30 - 000660584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000647992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 000638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000602184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 000583608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000581576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000548544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000538440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000502600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-08-12 16:30 - 2020-08-12 16:30 - 000494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000454984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 000442680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000367416 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000362064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2020-08-12 16:30 - 2020-08-12 16:30 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000343408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2020-08-12 16:30 - 2020-08-12 16:30 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000249672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000217912 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000180040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-08-12 16:30 - 2020-08-12 16:30 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000152576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000134984 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000132744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000116040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000099640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000092960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintBrmUi.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000070968 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInput.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000061752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInput.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagnosticdataquery.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000042312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-08-12 16:30 - 2020-08-12 16:30 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000009281 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-08-12 16:30 - 2020-08-12 16:30 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-08-12 16:30 - 2020-08-12 16:30 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-08-12 16:28 - 2020-07-17 19:22 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-08-12 16:28 - 2020-07-17 19:01 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-08-12 10:59 - 2020-08-12 10:59 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-08-12 10:59 - 2020-08-12 10:59 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-08-11 08:58 - 2020-08-11 08:58 - 001385446 _____ C:\Users\Scott\Desktop\SalemStatesmanJournal_20200811_B07_1.pdf
2020-08-10 16:39 - 2020-08-10 16:39 - 000002223 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2020-08-10 16:39 - 2020-08-10 16:39 - 000002211 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2020-08-10 16:39 - 2020-08-10 16:39 - 000002211 _____ C:\ProgramData\Desktop\Google Earth Pro.lnk
2020-08-10 16:39 - 2020-08-10 16:39 - 000000000 ____D C:\Program Files\Google
2020-08-09 15:24 - 2020-08-09 15:25 - 001733476 _____ C:\WINDOWS\Minidump\080920-14921-01.dmp
2020-08-09 14:10 - 2020-08-17 12:46 - 110100480 _____ C:\WINDOWS\system32\config\SOFTWARE
2020-08-07 16:25 - 2020-08-07 16:25 - 001314268 _____ C:\WINDOWS\Minidump\080720-13937-01.dmp
2020-08-07 13:03 - 2020-08-07 13:03 - 000001266 _____ C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Photos.lnk
2020-08-07 13:03 - 2020-08-07 13:03 - 000000000 ____D C:\Users\Scott\AppData\Local\Amazon Drive
2020-08-06 12:19 - 2020-08-06 12:19 - 000001580 _____ C:\Users\Public\Desktop\iTunes.lnk
2020-08-06 12:19 - 2020-08-06 12:19 - 000001580 _____ C:\ProgramData\Desktop\iTunes.lnk
2020-08-06 12:19 - 2020-08-06 12:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2020-08-06 12:19 - 2020-08-06 12:19 - 000000000 ____D C:\Program Files\iPod
2020-08-06 12:07 - 2020-08-06 12:08 - 000000000 ____D C:\ProgramData\Avast Software
2020-08-06 12:02 - 2020-08-06 12:02 - 001232348 _____ C:\WINDOWS\Minidump\080620-11078-01.dmp
2020-08-06 10:12 - 2020-08-13 10:24 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-08-06 10:12 - 2020-08-06 20:18 - 000003478 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-08-06 10:12 - 2020-08-06 20:18 - 000003354 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-08-05 10:38 - 2020-08-06 20:25 - 000000000 ____D C:\Users\Scott\AppData\Local\CrashDumps
2020-08-05 09:28 - 2020-08-05 08:11 - 000101528 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\MRCBT.sys
2020-08-03 14:14 - 2020-08-17 12:53 - 000000000 ____D C:\FRST
2020-08-03 13:46 - 2020-08-03 13:46 - 001619412 _____ C:\WINDOWS\Minidump\080320-10500-01.dmp
2020-08-03 12:59 - 2020-08-03 12:59 - 001147012 _____ C:\WINDOWS\Minidump\080320-11031-01.dmp
2020-08-03 12:31 - 2020-08-03 12:31 - 000000000 ____D C:\Users\Scott\AppData\Local\mbam
2020-08-03 12:27 - 2020-08-03 12:27 - 001102924 _____ C:\WINDOWS\Minidump\080320-11265-01.dmp
2020-08-03 12:06 - 2020-08-16 12:18 - 000000000 ____D C:\WINDOWS\Minidump
2020-08-03 12:06 - 2020-08-03 12:06 - 001843044 _____ C:\WINDOWS\Minidump\080320-11390-01.dmp
2020-08-02 21:21 - 2020-08-09 14:10 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2020-08-02 14:14 - 2020-08-02 14:14 - 004819968 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-08-02 14:14 - 2020-08-02 14:14 - 004273664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-08-02 14:14 - 2020-08-02 14:14 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-08-02 14:14 - 2020-08-02 14:14 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-08-02 14:14 - 2020-08-02 14:14 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2020-08-02 14:14 - 2020-08-02 14:14 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 026271744 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 019868160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 018766848 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 014754816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 008229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 008004728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 007972696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 007628208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 007596032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 007104000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 006554424 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmchipset.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 006406144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 006362176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 006192640 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 006188544 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 005990344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 005771904 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 005056000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 004746752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 004726784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 004582288 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 004523520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 004465664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 004362832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 004307456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-08-02 14:13 - 2020-08-02 14:13 - 004003384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 003999744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003913216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003843584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003818472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003661312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003547280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003380224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003364864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 003333632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003202872 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcompute.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 003181056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 003062784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002947584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 002918728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002806160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-08-02 14:13 - 2020-08-02 14:13 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-08-02 14:13 - 2020-08-02 14:13 - 002686464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002541056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002433024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002422072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002403328 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002402768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwp.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 002265336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002259968 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002242048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002202112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002178040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002103712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002101248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsudk.shellcommon.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002023688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 002018632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001980744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001930200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001922048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001868152 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001819648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001818568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001805744 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-08-02 14:13 - 2020-08-02 14:13 - 001777152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001766912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001763640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001719096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001717760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001707008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001695216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001659904 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001616576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001596464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 001543168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 001538664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 001514496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001506616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001504768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MoUsoCoreWorker.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 001501000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001496576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001472824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 001430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001423360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 001394552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-08-02 14:13 - 2020-08-02 14:13 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001328936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001314616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001314616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001309512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-08-02 14:13 - 2020-08-02 14:13 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 001253376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001252864 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001233408 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001225640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001197752 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 001197568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001184360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 001181200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001158656 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-08-02 14:13 - 2020-08-02 14:13 - 001132544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagCpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001095168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001093432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001089336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001046528 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001044880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001030656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001030656 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001024744 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001019008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000986976 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000976680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000943416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000938416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000913120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000912744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000910336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000904192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000881624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000876544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000843416 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000837120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000827704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000808248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdcpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000781312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000760120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000759296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000755664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000752128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000749960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000747864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000743320 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000722432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000707584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000706032 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000696760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000678200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000675640 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000671544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcompute.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntimewindows.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000639920 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000639288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000637440 _____ (Microsoft Corporation) C:\WINDOWS\system32\UiaManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000634240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntime.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000630088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000608256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000602424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-08-02 14:13 - 2020-08-02 14:13 - 000600376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-08-02 14:13 - 2020-08-02 14:13 - 000589824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\IESettingSync.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000530440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000528360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000524088 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000517976 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000517432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UiaManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000509248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000506168 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmusrv.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000500952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000495840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\HrtfApo.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000472888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000471600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcIso.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-08-02 14:13 - 2020-08-02 14:13 - 000468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000440120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000423224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServerClient.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000420464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000419840 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000418800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000417376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000405304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000401720 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000387072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallControlPanel.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000381704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsmb.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.FileExplorer.Common.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000373560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Vault.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000360024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000359936 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000353256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HrtfApo.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FrameServerClient.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AarSvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DxpTaskSync.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000324424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallControlPanel.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\syncutil.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000303288 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000293176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000291640 _____ (Microsoft Corporation) C:\WINDOWS\system32\nvspinfo.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000288152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.FileExplorer.Common.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\accessibilitycpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vault.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DxpTaskSync.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000264704 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngctasks.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000253016 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApproveChildRequest.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000227640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accessibilitycpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000215880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000214840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000213352 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000212480 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000202568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000195248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000195128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mskeyprotcli.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dsui.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000172496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000167896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000166288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvsievaluator.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\control.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpcsp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000162616 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvsigpext.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnsdiag.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000153600 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000151864 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dsui.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\control.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000142008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000139952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000138928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000137016 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mskeyprotcli.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\recovery.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountControlSettings.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000123968 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000118072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MaintenanceUI.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcfgutils.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-08-02 14:13 - 2020-08-02 14:13 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidfdp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountControlSettings.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcfgutils.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000094496 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000090416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsdefenderapplicationguardcsp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\GPCSEWrapperCsp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcacli.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ndadmin.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidnsp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ndadmin.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidfdp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000064824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmlocalmanagement.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unenrollhook.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcacli.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmpostprocessevaluator.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000051000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VmsProxy.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmlocalmanagement.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDriverRetrievalClient.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifidatacapabilityhandler.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-08-02 14:13 - 2020-08-02 14:13 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000042808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidnsp.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000039224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VmsProxyHNic.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acwow64.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000033096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCShellCommonProxyStub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000026600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IntelTA.sys
2020-08-02 14:13 - 2020-08-02 14:13 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000020280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000017224 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msidcrl40.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000014336 _____ C:\WINDOWS\system32\hnsproxy.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msidcrl40.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000012088 _____ (Microsoft Corporation) C:\WINDOWS\system32\6bea57fb-8dfb-4177-9ae8-42e8b3529933_RuntimeDeviceInstall.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2020-08-02 14:13 - 2020-08-02 14:13 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2020-08-02 14:13 - 2020-08-02 14:13 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-08-02 14:00 - 2017-01-09 00:32 - 004776240 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\rtwlanu.sys
2020-08-02 14:00 - 2017-01-09 00:32 - 004776240 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlanu.sys
2020-08-02 14:00 - 2017-01-09 00:31 - 000018394 _____ C:\WINDOWS\system32\netrtwlanu.cat
2020-08-02 14:00 - 2017-01-09 00:08 - 000006458 _____ C:\WINDOWS\system32\TP_TXPWR_LMT_Enc.txt
2020-08-02 14:00 - 2017-01-09 00:08 - 000006458 _____ C:\WINDOWS\system32\Drivers\TP_TXPWR_LMT_Enc.txt
2020-08-02 14:00 - 2017-01-09 00:08 - 000004625 _____ C:\WINDOWS\system32\TP_PHY_REG_PG_Enc.txt
2020-08-02 14:00 - 2017-01-09 00:08 - 000004625 _____ C:\WINDOWS\system32\Drivers\TP_PHY_REG_PG_Enc.txt
2020-07-29 19:00 - 2020-07-29 19:00 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2157332433-1070056625-1532484577-1000
2020-07-29 19:00 - 2020-07-29 19:00 - 000002402 _____ C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-07-28 16:44 - 2020-07-28 16:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-07-28 16:43 - 2020-07-29 11:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-07-23 16:10 - 2020-07-23 16:10 - 000001055 _____ C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2020-07-21 21:01 - 2020-07-21 21:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2020-07-21 21:01 - 2020-07-21 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Extreme Tuning Utility
2020-07-21 21:01 - 2020-07-21 21:01 - 000000000 ____D C:\Program Files\Microsoft Synchronization Services
2020-07-21 21:01 - 2020-07-21 21:01 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2020-07-21 21:01 - 2020-07-21 21:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2020-07-21 21:01 - 2020-07-21 21:01 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-17 12:48 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-17 12:48 - 2016-11-19 10:25 - 000000000 ____D C:\Users\Scott\AppData\LocalLow\Mozilla
2020-08-17 12:47 - 2020-06-05 10:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-08-17 12:46 - 2019-12-07 02:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-08-17 12:46 - 2017-03-05 12:09 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-08-17 12:44 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-08-17 12:26 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-08-17 12:26 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-08-17 12:14 - 2020-06-05 10:38 - 001067550 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-08-17 12:14 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF
2020-08-17 11:33 - 2020-06-05 10:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-08-17 10:17 - 2015-09-07 14:17 - 000000000 ____D C:\Users\Scott\Desktop\Tools
2020-08-17 10:09 - 2020-06-05 10:39 - 000004148 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{94B7351E-C17F-46F7-8BED-70D790AAD314}
2020-08-16 22:20 - 2020-06-11 15:53 - 000000000 ____D C:\WINDOWS\system32\AMD
2020-08-16 12:57 - 2020-06-05 10:08 - 000000000 ____D C:\Users\Scott
2020-08-15 19:04 - 2020-06-05 10:01 - 000000000 ____D C:\WINDOWS\system32\msmq
2020-08-13 11:27 - 2019-12-16 13:12 - 000000000 ____D C:\Users\Scott\AppData\Local\D3DSCache
2020-08-12 17:00 - 2020-06-05 10:34 - 000552832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-08-12 16:59 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-08-12 16:59 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2020-08-12 16:59 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-08-12 16:59 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-08-12 16:59 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-08-12 16:59 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-08-12 16:59 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-08-12 16:59 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-08-12 16:59 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-08-12 16:28 - 2020-06-03 23:52 - 000000000 ___HD C:\$WinREAgent
2020-08-12 11:32 - 2015-11-13 11:12 - 000000000 ____D C:\Users\Scott\AppData\Local\ElevatedDiagnostics
2020-08-12 10:55 - 2019-12-16 12:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-08-11 19:18 - 2020-07-14 23:34 - 006247480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-08-11 19:18 - 2020-06-09 19:03 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-08-11 19:18 - 2020-06-09 19:03 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-08-11 19:18 - 2020-06-05 10:39 - 000004568 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-08-11 19:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-08-11 19:18 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-08-09 10:07 - 2019-12-16 12:43 - 000000000 ___RD C:\Users\Scott\OneDrive
2020-08-06 20:25 - 2019-12-16 12:41 - 000000000 ____D C:\Users\Scott\AppData\Local\Packages
2020-08-06 12:08 - 2019-12-07 02:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-08-05 20:26 - 2019-04-03 15:51 - 000243724 _____ C:\WINDOWS\Macrium Reflect Patch Log.txt
2020-08-03 14:48 - 2015-12-05 14:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-08-03 14:02 - 2019-03-09 18:27 - 005084592 _____ C:\WINDOWS\PE_Rom.dll
2020-08-03 13:11 - 2019-12-07 02:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-08-02 14:16 - 2019-12-07 02:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\Provisioning
2020-08-02 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-07-29 11:17 - 2015-08-27 16:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-07-28 16:44 - 2015-08-27 16:37 - 000001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-07-28 14:12 - 2020-07-08 11:12 - 000001180 _____ C:\Users\Scott\Desktop\Start Tor Browser.lnk
2020-07-27 10:26 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemApps
2020-07-23 15:46 - 2019-12-16 12:57 - 000000000 ____D C:\Users\Scott\AppData\Local\PlaceholderTileLogoFolder
2020-07-21 21:03 - 2015-08-27 15:41 - 000000000 ____D C:\ProgramData\Intel
2020-07-21 21:01 - 2015-08-27 15:21 - 000000000 ____D C:\ProgramData\Package Cache
2020-07-21 21:01 - 2015-08-27 15:03 - 000000000 ____D C:\Program Files (x86)\Intel
2020-07-20 14:38 - 2020-05-20 16:55 - 000001399 _____ C:\Users\Scott\Desktop\Hidden Secrets Nostradamus.lnk

==================== Files in the root of some directories ========

2015-08-28 18:28 - 2015-08-28 18:28 - 000000697 _____ () C:\Users\Scott\AppData\Roaming\ConvAPIPlugin.log
2015-10-21 19:06 - 2019-12-22 16:53 - 014716928 _____ () C:\Users\Scott\AppData\Roaming\Sandra.mdb
2015-08-28 13:20 - 2019-12-07 21:09 - 000007623 _____ () C:\Users\Scott\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-08-2020
Ran by Scott (17-08-2020 12:54:35)
Running from C:\Users\Scott\Desktop
Windows 10 Pro Version 2004 19041.450 (X64) (2020-06-05 17:39:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2157332433-1070056625-1532484577-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2157332433-1070056625-1532484577-503 - Limited - Disabled)
Guest (S-1-5-21-2157332433-1070056625-1532484577-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2157332433-1070056625-1532484577-1003 - Limited - Enabled)
Scott (S-1-5-21-2157332433-1070056625-1532484577-1000 - Administrator - Enabled) => C:\Users\Scott
WDAGUtilityAccount (S-1-5-21-2157332433-1070056625-1532484577-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
8 Ball Pool (HKLM-x32\...\8 Ball Pool_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Acrylic Wi-Fi Home v4.3 (HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\{3706FB7A-11FB-44C4-AD94-2B29878D75DC}_is1) (Version: 4.3 - Tarlogic Research S.L.)
Adam Wolfe (HKLM-x32\...\Adam Wolfe_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20041 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.8 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.414 - Adobe)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.02 - ASUSTeK Computer Inc.)
Alice in Wonderland (HKLM-x32\...\Alice in Wonderland_is1) (Version: 1.0 - GameTop Pte. Ltd.)
AlienHallway (HKLM-x32\...\AlienHallway_is1) (Version: 1.0 - Media Contact LLC)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Amazon Kindle (HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\Amazon Kindle) (Version: 1.25.0.52025 - Amazon)
Amazon Photos (HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\Amazon Photos) (Version: 7.3.1 - Amazon.com, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.4.2 - Advanced Micro Devices, Inc.)
Ancient Ball Curse of Pharaoh (HKLM-x32\...\Ancient Ball Curse of Pharaoh_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Apothecarium World (HKLM-x32\...\Apothecarium World_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Apple Application Support (32-bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C788AE25-3D4E-4D18-811B-3219F778487E}) (Version: 13.5.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASUS Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3700 - ASUS)
Autodesk DWG TrueView 2018 - English (HKLM\...\DWG TrueView 2018 - English) (Version: 22.0.50.0 - Autodesk)
Barn Yarn (HKLM-x32\...\Barn Yarn_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Blue Tear (HKLM-x32\...\Blue Tear_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
bpd_scan (HKLM-x32\...\{0E52A52C-E120-461C-AA1B-21B045BEE842}) (Version: 3.00.0000 - Hewlett-Packard) Hidden
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Brick Shooter Egypt (HKLM-x32\...\Brick Shooter Egypt_is1) (Version: 1.0 - Media Contact LLC)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{6C2E3E06-9075-AC61-44F5-727DFA72F01B}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Charm Tale 2 Mermaid Lagoon (HKLM-x32\...\Charm Tale 2 Mermaid Lagoon_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Chicken Attack Deluxe (HKLM-x32\...\Chicken Attack Deluxe_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Cisco VideoGuard Player (HKLM-x32\...\{eb841aaa-19f5-40db-93af-850cf64f61c3}) (Version: 6.8 - Cisco Systems, Inc)
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
Dark Asylum Mystery Adventure (HKLM-x32\...\Dark Asylum Mystery Adventure_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Dark Heart Flight of the Harpies (HKLM-x32\...\Dark Heart Flight of the Harpies_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Dark Matter (HKLM-x32\...\Dark Matter_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Desktop Destroyer 3D Screensaver (HKLM-x32\...\Desktop Destroyer) (Version: 3.0 - Isotope 244)
Detective of Spirit World (HKLM-x32\...\Detective of Spirit World_is1) (Version: 1.0 - GameTop Pte. Ltd.)
DWG TrueView 2018 - English (HKLM\...\{28B89EEF-1028-0409-0100-CF3F3A09B77D}) (Version: 22.0.50.0 - Autodesk) Hidden
Eastville Chroniclesthe The Drama Queen Murder (HKLM-x32\...\Eastville Chronicles the The Drama Queen Murder_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Egyptian Ball (HKLM-x32\...\Egyptian Ball_is1) (Version: 1.0 - Media Contact LLC)
Escape From Lost Island (HKLM-x32\...\Escape From Lost Island_is1) (Version: 1.0 - Media Contact LLC)
Fall of the New Age (HKLM-x32\...\Fall of the New Age_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Family Vacation 2 (HKLM-x32\...\Family Vacation 2_is1) (Version: 1.0 - GameTop Pte. Ltd.)
GDR 4042 for SQL Server 2008 R2 (KB3045313) (HKLM-x32\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation)
Girl in the City (HKLM-x32\...\Girl in the City_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Golden Dozen Solitaire (HKLM-x32\...\GoldenDozenSolitaire_is1) (Version: 1.0 - Media Contact LLC)
Golden Path (HKLM-x32\...\Golden Path_is1) (Version: 1.0 - Media Contact LLC)
Golden Trails (HKLM-x32\...\Golden Trails_is1) (Version: 1.0 - Media Contact LLC)
Golden Trails 2 (HKLM-x32\...\Golden Trails 2_is1) (Version: 1.0 - Media Contact LLC)
Golden Trails 3 (HKLM-x32\...\Golden Trails 3_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Gone Home (HKLM-x32\...\{F41D91C5-83B4-40E1-869E-01A0D6056F97}) (Version:  - Fullbright)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GreatSecrets-DaVinci (HKLM-x32\...\GreatSecrets-DaVinci_is1) (Version: 1.0 - Media Contact LLC)
Haunted House (HKLM-x32\...\Haunted House_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Hidden Secrets Nostradamus (HKLM-x32\...\Hidden Secrets Nostradamus_is1) (Version: 1.0 - Media Contact LLC)
Hiddenverse Ariadna Dreaming (HKLM-x32\...\Hiddenverse Ariadna Dreaming_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Hiddenverse Tale of Ariadna (HKLM-x32\...\Hiddenverse Tale of Ariadna_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Hope Lake (HKLM-x32\...\Hope Lake_is1) (Version: 1.0 - GameTop Pte. Ltd.)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP OfficeJet 4650 series Basic Device Software (HKLM\...\{F68DF314-BD12-4549-941C-521CB8D16DDE}) (Version: 40.11.1122.1796 - HP Inc.)
HP OfficeJet 4650 series Help (HKLM-x32\...\{20CA428A-0827-4441-BC64-5C577EA970AD}) (Version: 36.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
Hypnosis (HKLM-x32\...\Hypnosis_is1) (Version: 1.0 - Media Contact LLC)
I.R.I.S. OCR (HKLM-x32\...\{11ED31EC-7EFA-4D56-B71D-E0214C8984CC}) (Version: 12.3.7.0 - HP)
iCloud (HKLM\...\{F0AD317D-AE18-45D0-BE5B-30074AFE6740}) (Version: 7.19.0.10 - Apple Inc.)
Inbetween Land (HKLM-x32\...\Inbetween Land_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Insider Tales The Stolen Venus (HKLM-x32\...\Insider Tales The Stolen Venus_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Insider Tales Vanished in Rome (HKLM-x32\...\Insider Tales Vanished in Rome_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Intel Extreme Tuning Utility (HKLM-x32\...\{E33D0A14-53FA-4951-B957-B6B157EB6ED2}) (Version: 5.1.2.2 - Intel Corporation) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{eb3c7583-932b-4db5-a272-5fb4528656bb}) (Version: 5.1.2.2 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{4a87bd28-a855-4a8d-b133-60ca8ccffd30}) (Version: 10.0.17 - Intel® Corporation) Hidden
Intel® Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Invasion Lost in Time (HKLM-x32\...\Invasion Lost in Time_is1) (Version: 1.0 - GameTop Pte. Ltd.)
iTunes (HKLM\...\{EA1B93E5-47D8-4252-8441-DEC5F5274C60}) (Version: 12.10.8.5 - Apple Inc.)
Jigsaw Puzzle Diamond Pack (HKLM-x32\...\Jigsaw Puzzle Diamond Pack_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Kingdom of Aurelia Mystery of Poisoned Dagger (HKLM-x32\...\Kingdom of Aurelia Mystery of Poisoned Dagger_is1) (Version: 1.0 - GameTop Pte. Ltd.)
League of Mermaids (HKLM-x32\...\League of Mermaids_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Logitech SetPoint 6.69 (HKLM\...\sp6) (Version: 6.69.123 - Logitech)
Lost Inca 2 (HKLM-x32\...\Lost Inca 2_is1) (Version: 1.0 - Media Contact LLC)
Lucky Pyramid Solitaire (HKLM-x32\...\Lucky Pyramid Solitaire_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Macrium Reflect Free Edition (HKLM\...\{7B6D9B8A-2663-4F00-87D9-550B309D77A8}) (Version: 7.2.4063 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 7.2 - Paramount Software (UK) Ltd.)
Magical Mysteries (HKLM-x32\...\Magical Mysteries_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Microsoft .NET Core SDK 3.1.300 (x64) (HKLM-x32\...\{c8867574-9c22-4807-9803-17387f3f6a85}) (Version: 3.1.300.15161 - Microsoft Corporation)
Microsoft Baseline Security Analyzer 2.3 (HKLM\...\{C058FC5D-565F-4360-A562-0527A3D993DC}) (Version: 2.3.2211 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 84.0.522.59 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.133.5 - )
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.5.166.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Access Runtime (English) 2007 (HKLM-x32\...\{90120000-001C-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (HKLM-x32\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\OneDriveSetup.exe) (Version: 20.124.0621.0006 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{EFECC55D-7B0A-4D05-8487-CC2FD7C618A3}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.4 (x64) (HKLM-x32\...\{6ea49e83-4bd6-41b7-85ee-aa6a433739bd}) (Version: 3.1.4.28821 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 11 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Software Limited)
Mozilla Firefox 79.0 (x64 en-US) (HKLM\...\Mozilla Firefox 79.0 (x64 en-US)) (Version: 79.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 79.0.0.7506 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery Expedition Prisoners of Ice (HKLM-x32\...\Mystery Expedition Prisoners of Ice_is1) (Version: 1.0 - GameTop Pte. Ltd.)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
Our Worst Fears Stained Skin (HKLM-x32\...\Our Worst Fears Stained Skin_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Pool Pro (HKLM-x32\...\Pool Pro_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Rainbow Web 2 (HKLM-x32\...\Rainbow Web 2_is1) (Version: 1.0 - Media Contact LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7233 - Realtek Semiconductor Corp.)
Riddles of the Past (HKLM-x32\...\Riddles of the Past_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Sacred Almanac Traces of Greed (HKLM-x32\...\Sacred Almanac Traces of Greed_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Sandra Fleming Chronicles Crystal Skulls (HKLM-x32\...\Sandra Fleming Chronicles Crystal Skulls_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Scaraball (HKLM-x32\...\Scaraball_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Search for the Wonderland (HKLM-x32\...\Search for the Wonderland_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Secrets of the Past Mothers Diary (HKLM-x32\...\Secrets of the Past Mothers Diary_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (HKLM-x32\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
Seven Roses (HKLM-x32\...\Seven Roses_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Showing Tonight Mindhunters Incident (HKLM-x32\...\Showing Tonight Mindhunters Incident_is1) (Version: 1.0 - GameTop Pte. Ltd.)
SiSoftware Sandra Lite 2015.SP2b (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.42.2015.7 - SiSoftware)
Soldier of Fortune II - Double Helix GOLD (HKLM-x32\...\Soldier of Fortune II - Double Helix GOLD) (Version: 1.02 - Activsion, Inc.)
Space Legends (HKLM-x32\...\Space Legends_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SQL Server 2008 R2 SP2 Common Files (HKLM-x32\...\{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM-x32\...\{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM-x32\...\{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM-x32\...\{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM-x32\...\{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM-x32\...\{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM-x32\...\{93998800-1608-403F-9A51-420A77D23C25}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Star Defender 2 (HKLM-x32\...\Star Defender 2_is1) (Version: 1.0 - Media Contact LLC)
Star Drone (HKLM-x32\...\Star Drone_is1) (Version: 1.0 - Media Contact LLC)
Star Raid (HKLM-x32\...\Star Raid_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Curse of Silent Marshes (HKLM-x32\...\The Curse of Silent Marshes_is1) (Version: 1.0 - GameTop Pte. Ltd.)
The Great Unknown Houdinis Castle (HKLM-x32\...\The Great Unknown Houdinis Castle_is1) (Version: 1.0 - GameTop Pte. Ltd.)
The Princess Case (HKLM-x32\...\The Princess Case_is1) (Version: 1.0 - GameTop Pte. Ltd.)
The Secret Legacy Kate Brooks (HKLM-x32\...\The Secret Legacy Kate Brooks_is1) (Version: 1.0 - GameTop Pte. Ltd.)
The Spell (HKLM-x32\...\The Spell_is1) (Version: 1.0 - GameTop Pte. Ltd.)
TheMatrix Screen Saver version 1.14 (HKLM-x32\...\{23FBECC1-FA31-472A-83FB-27520B81EC3A}_is1) (Version: 1.14 - Meticulous Software)
TP-LINK Archer T4UH Driver (HKLM-x32\...\{56214C11-9B9E-4B22-8AB1-DCF9DD604A15}) (Version: 1.3.1 - TP-LINK)
TP-LINK TL-WN821N©_TL-WN822N_TL-WN823N Driver (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Twilight City Love as a Cure (HKLM-x32\...\Twilight City Love as a Cure_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Twitch (HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Void (HKLM-x32\...\Void_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Vulkan Run Time Libraries 1.0.13.0 (HKLM\...\VulkanRT1.0.13.0) (Version: 1.0.13.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.13.0 (HKLM\...\VulkanRT1.0.13.0-2) (Version: 1.0.13.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0-2) (Version: 1.0.37.0 - LunarG, Inc.)
Wave of Time (HKLM-x32\...\Wave of Time_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Weeping Skies (HKLM-x32\...\Weeping Skies_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Yeti Legend Mystery of the Forest (HKLM-x32\...\Yeti Legend Mystery of the Forest_is1) (Version: 1.0 - GameTop Pte. Ltd.)

Packages:
=========
Amazon Alexa -> C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_2.12.469.0_x64__22t9g3sebte08 [2020-07-24] (AMZN Mobile LLC.) [Startup Task]
Amazon Prime Video for PC -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.9.0_x64__pwbj9vvecjh7j [2020-08-11] (Amazon Development Centre (London) Ltd)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-27] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-16] (Microsoft Corporation) [MS Ad]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.1.7200.0_x86__8wekyb3d8bbwe [2020-08-10] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8042.0_x64__8wekyb3d8bbwe [2020-08-06] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.24.32162.0_x64__8wekyb3d8bbwe [2020-08-10] (Microsoft Corporation)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-16] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2157332433-1070056625-1532484577-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> E:\Programs\Autodesk\DWG TrueView 2018 - English\en-US\dwgviewrficn.dll (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2157332433-1070056625-1532484577-1000_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> E:\Programs\Autodesk\DWG TrueView 2018 - English\dwgviewr.exe (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2017-02-15] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-15] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-05-07] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-09-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers1: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll -> No File
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-09-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-05-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers6: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2020-07-12 21:48 - 2017-10-29 19:15 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2020-07-12 21:48 - 2017-11-24 08:48 - 000082432 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccHelper.dll
2020-07-12 21:48 - 2017-11-24 08:48 - 000743424 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2020-07-12 21:48 - 2017-11-24 08:48 - 000082432 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\IccHelper.dll
2020-07-12 21:54 - 2014-10-30 15:36 - 001139712 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2020-07-12 21:54 - 2014-10-09 09:31 - 000237568 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2020-07-12 21:54 - 2014-02-24 17:49 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2020-07-12 21:48 - 2017-12-26 21:26 - 000053248 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\4.00.01\cpuutil.dll
2020-07-12 21:48 - 2017-11-27 17:57 - 000062464 _____ () [File not signed] C:\Program Files (x86)\ASUS\VGA COM\2.00.03\Exeio.dll
2020-07-12 21:48 - 2017-11-27 17:57 - 001772544 _____ () [File not signed] C:\Program Files (x86)\ASUS\VGA COM\2.00.03\Vender.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-07-24 19:00 - 2020-07-24 19:01 - 075942400 _____ () [File not signed] C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_2.12.469.0_x64__22t9g3sebte08\Alexa.dll
2019-12-26 15:07 - 2019-12-26 15:07 - 000948736 _____ () [File not signed] C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_2.12.469.0_x64__22t9g3sebte08\e_sqlite3.dll
2020-07-24 19:00 - 2020-07-24 19:00 - 000009216 _____ () [File not signed] C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_2.12.469.0_x64__22t9g3sebte08\ImagePipelineNative.dll
2020-05-14 00:59 - 2020-05-14 00:59 - 000123392 _____ () [File not signed] C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_2.12.469.0_x64__22t9g3sebte08\libpryon_lite.dll
2020-08-05 17:38 - 2020-08-05 17:38 - 000799744 _____ () [File not signed] C:\Users\Scott\AppData\Local\Amazon Drive\sqlite3.dll
2020-08-17 12:48 - 2020-08-17 12:48 - 000192512 _____ () [File not signed] C:\Users\Scott\AppData\Local\Temp\sfamcc00001.dll
2020-08-17 12:48 - 2020-08-17 12:48 - 000158720 _____ () [File not signed] C:\Users\Scott\AppData\Local\Temp\sfareca00001.dll
2015-08-27 14:59 - 2014-04-24 15:03 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.22\ASACPI.DLL
2020-07-12 21:48 - 2017-10-29 19:15 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsAcpi.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\asacpi.dll
2020-07-12 21:48 - 2017-11-24 08:47 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpi.dll
2020-08-17 12:47 - 2020-08-17 12:47 - 000036648 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\4.00.01\PEbiosinterface32.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\asacpiEx.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\asacpiEx.dll
2020-07-12 21:48 - 2017-11-24 08:47 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\AsMultiLang.dll
2020-07-12 21:48 - 2017-11-24 08:47 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpiEx.dll
2020-07-12 21:54 - 2014-10-14 19:32 - 001088000 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\System Information\SystemInfo.dll
2020-07-12 21:54 - 2010-03-08 17:11 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\AsMultiLang.dll
2020-07-12 21:54 - 2015-03-12 14:48 - 000901120 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\Express.dll
2020-07-12 21:48 - 2017-05-03 08:17 - 000106496 _____ (ASUSTek Computer Inc.,) [File not signed] C:\Program Files (x86)\ASUS\VGA COM\2.00.03\EIO.DLL
2019-12-26 15:07 - 2019-12-26 15:07 - 000098816 _____ (Facebook, Inc.) [File not signed] C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_2.12.469.0_x64__22t9g3sebte08\yoga.dll
2015-08-28 18:26 - 2010-05-14 15:04 - 000138752 _____ (Hewlett-Packard Company) [File not signed] C:\WINDOWS\System32\hpf3l02t.dll
2015-08-28 18:27 - 2010-05-14 15:04 - 000253440 _____ (Hewlett-Packard Corporation) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\hpfpp02t.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2014-05-28 10:10 - 2014-05-28 10:10 - 000296960 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2014-05-28 10:10 - 2014-05-28 10:10 - 000526336 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2020-08-05 17:38 - 2020-08-05 17:38 - 000125952 _____ (Robert Vazan) [File not signed] C:\Users\Scott\AppData\Local\Amazon Drive\crc32c.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000076288 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qgifd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000097280 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qicnsd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000077312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qicod.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000432640 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qjpegd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000058880 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qsvgd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000058880 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qtgad.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000574976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qtiffd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000058368 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qwbmpd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000844800 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\imageformats\qwebpd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 002932736 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\platforms\qwindowsd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 009541632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Cored.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 010430464 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Guid.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000557056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Svgd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 008565248 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Widgetsd.dll
2020-07-12 21:48 - 2017-10-29 19:15 - 000299520 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\Qt5Xmld.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-05-15 15:34 - 2020-05-15 15:34 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-05-15 15:34 - 2020-05-15 15:34 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
2020-07-12 21:48 - 2017-12-20 11:01 - 000193536 _____ (TODO: <Company name>) [File not signed] [File is in use] C:\Program Files (x86)\ASUS\VGA COM\2.00.03\AsusGpuTweak.dll
2020-05-14 00:59 - 2020-05-14 00:59 - 000266752 _____ (Un4seen Developments) [File not signed] C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_2.12.469.0_x64__22t9g3sebte08\bass.dll
2020-05-14 00:59 - 2020-05-14 00:59 - 000112640 _____ (Un4seen Developments) [File not signed] C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_2.12.469.0_x64__22t9g3sebte08\bassmidi.dll
2020-05-14 00:59 - 2020-05-14 00:59 - 000045056 _____ (Un4seen Developments) [File not signed] C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_2.12.469.0_x64__22t9g3sebte08\bassmix.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:67D1828F [1520]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;C:\Program Files (x86)\Common Files\HP\Digital Imaging\bin;C:\Program Files (x86)\HP\Digital Imaging\bin\;C:\Program Files (x86)\HP\Digital Imaging\bin\Qt\Qt 4.3.3;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;%JAVA_HOME%\bin;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files\ASUS\Bluetooth Software\;C:\Program Files\ASUS\Bluetooth Software\syswow64;;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Scott\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\background12 (2).jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\StartupApproved\Run: => "HP OfficeJet 4650 series (NET)"
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\StartupApproved\Run: => "Sidebar"
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-2157332433-1070056625-1532484577-1000\...\StartupApproved\Run: => "79E7102FE81497D621F06500A298B59D3A61040B._service_run"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{35B2364D-4C27-47DF-92F9-AF713C3D1472}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe (Tarlogic Research SL -> Tarlogic Research S.L.)
FirewallRules: [{A2C21173-0A04-4A84-81C5-7A2A3CD0900A}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe (Tarlogic Research SL -> Tarlogic Research S.L.)
FirewallRules: [{86CBC11C-692B-4B08-9345-DB9BD811B2AC}] => (Allow) LPort=1542
FirewallRules: [{383222AB-AC3A-407F-8F3D-AFC6A52DE012}] => (Allow) LPort=1542
FirewallRules: [{D272D3B0-F5D2-4391-91C2-83CBA6B64886}] => (Allow) LPort=53
FirewallRules: [{FD095C8E-10A8-4FB9-8570-D799E0B796C2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{43E241A0-4881-4AD4-9DD3-01A1877FCD1F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{677D4B9B-E37B-44FC-B5F9-8BBFA8376832}] => (Allow) E:\Programs\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D2F3575F-BC6A-444C-A831-B27FA1DCA589}] => (Allow) E:\Programs\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F417FBDA-CCFC-4304-83CE-9D0DB7CB908B}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{7ACAEC7E-1825-4230-AFD9-109531639F6E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3BE83233-CEFC-4394-AD4F-F407774CD1DB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{914E4907-D489-4295-BA01-359EE94E6F06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B7E1DBB0-FD40-43C3-95DA-5CDF119778DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{68136BBE-C8B1-4CE6-A626-7682F299C168}] => (Allow) E:\Programs\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe (SiSoftware SPC -> SiSoftware) [File not signed]
FirewallRules: [{3A5C218F-28F1-4492-8650-C29856DB9F95}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3F960DA5-0A85-43B4-B3F3-52AAA4FE86F0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{453DD2EF-DC29-4BC0-B106-A6BD6DF76ECE}] => (Allow) E:\Programs\Steam\steamapps\common\Tachyon The Fringe\Tachyon.exe () [File not signed]
FirewallRules: [{94CFEE01-0B1D-46F4-AFA1-353D3F4CC35F}] => (Allow) E:\Programs\Steam\steamapps\common\Tachyon The Fringe\Tachyon.exe () [File not signed]
FirewallRules: [{72000F7B-CBC6-4522-8EFF-61DAEF00C482}] => (Allow) E:\Programs\Steam\steamapps\common\Comanche 4\c4.exe () [File not signed]
FirewallRules: [{74E43185-F58A-4AF8-B9DB-FE34300F1DED}] => (Allow) E:\Programs\Steam\steamapps\common\Comanche 4\c4.exe () [File not signed]
FirewallRules: [{B5590630-F2AD-440C-81FA-2645671FC1D2}] => (Allow) E:\Programs\Steam\steamapps\common\Comanche 4\c4medc.exe () [File not signed]
FirewallRules: [{53DA2017-2D0A-4BEC-AA37-C722356BF56C}] => (Allow) E:\Programs\Steam\steamapps\common\Comanche 4\c4medc.exe () [File not signed]
FirewallRules: [{7FF5E9C5-52C6-45DF-BCF5-EB2D3F6CEB4B}] => (Allow) E:\Programs\Steam\steamapps\common\MiG-29 Fulcrum\M29.exe (NovaLogic) [File not signed]
FirewallRules: [{0123CDF3-BC5B-4BD1-8F54-8AC0DFBC15A2}] => (Allow) E:\Programs\Steam\steamapps\common\MiG-29 Fulcrum\M29.exe (NovaLogic) [File not signed]
FirewallRules: [{892B875D-D8E3-4A09-A3D8-A7F383E46DC9}] => (Allow) E:\Programs\Steam\steamapps\common\MiG-29 Fulcrum\Fwe.exe (NovaLogic) [File not signed]
FirewallRules: [{8553807B-F5E9-4DAE-A315-E035607B363C}] => (Allow) E:\Programs\Steam\steamapps\common\MiG-29 Fulcrum\Fwe.exe (NovaLogic) [File not signed]
FirewallRules: [{F1889078-19AD-4B3C-B9F2-B41ADCFC4274}] => (Allow) E:\Programs\Steam\steamapps\common\F-16 Multirole Fighter\F16.EXE (NovaLogic) [File not signed]
FirewallRules: [{0AA1D55E-B576-4EA0-A51F-F4526964DFD8}] => (Allow) E:\Programs\Steam\steamapps\common\F-16 Multirole Fighter\F16.EXE (NovaLogic) [File not signed]
FirewallRules: [{6F670F7B-72F4-43BA-A98C-4598CEA21B48}] => (Allow) E:\Programs\Steam\steamapps\common\F-16 Multirole Fighter\FWE.EXE (NovaLogic) [File not signed]
FirewallRules: [{C1062F95-9041-42CD-AA0E-9EC2033C4F88}] => (Allow) E:\Programs\Steam\steamapps\common\F-16 Multirole Fighter\FWE.EXE (NovaLogic) [File not signed]
FirewallRules: [{2B57F8E3-9F99-42C0-A61D-E2C15EFB7796}] => (Allow) E:\Programs\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{24E26997-E0F0-4A43-BC14-830117A64424}] => (Allow) E:\Programs\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{F57FC5FC-FE0E-4DA0-AAD9-D41218CC1502}] => (Allow) E:\Programs\Steam\steamapps\common\F-22 Lightning 3\L3.exe (NovaLogic) [File not signed]
FirewallRules: [{C9F46A05-4338-4352-AA4A-6732E0AF6823}] => (Allow) E:\Programs\Steam\steamapps\common\F-22 Lightning 3\L3.exe (NovaLogic) [File not signed]
FirewallRules: [{9D0DEA32-4976-4CEA-8344-CE482FFD4FD7}] => (Allow) E:\Programs\Steam\steamapps\common\F-22 Lightning 3\Fwe.exe (NovaLogic) [File not signed]
FirewallRules: [{08311EB9-79AA-4690-AE37-92B29F71549C}] => (Allow) E:\Programs\Steam\steamapps\common\F-22 Lightning 3\Fwe.exe (NovaLogic) [File not signed]
FirewallRules: [{9BC96D88-0A39-4A17-9AC1-15890F2C4561}] => (Allow) E:\Programs\Steam\steamapps\common\Armored Fist 3\AF3.EXE () [File not signed]
FirewallRules: [{A04EC818-9666-4C94-9DC9-9009C2F01A1D}] => (Allow) E:\Programs\Steam\steamapps\common\Armored Fist 3\AF3.EXE () [File not signed]
FirewallRules: [{2FEBAD4F-4F1A-4544-85C7-04631A1429BE}] => (Allow) E:\Programs\Steam\steamapps\common\Armored Fist 3\AF3MED.EXE () [File not signed]
FirewallRules: [{F35CED5A-306A-41C7-830E-439BC25CBF33}] => (Allow) E:\Programs\Steam\steamapps\common\Armored Fist 3\AF3MED.EXE () [File not signed]
FirewallRules: [{4576AFB4-E9AF-472E-A61C-BDE87BA55874}] => (Allow) E:\Programs\Steam\steamapps\common\Shattered_Horizon\client_exe\shattered_horizon.exe (Futuremark) [File not signed]
FirewallRules: [{6522C122-88AB-49BD-A5CB-EB0F8B5D05DE}] => (Allow) E:\Programs\Steam\steamapps\common\Shattered_Horizon\client_exe\shattered_horizon.exe (Futuremark) [File not signed]
FirewallRules: [{8146F85C-996E-4A61-9853-838778A56109}] => (Allow) E:\Programs\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{B1EA69A4-793C-4DCE-93B5-0DC14510EF20}] => (Allow) E:\Programs\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{136F6FCB-6B7E-4AD2-8058-95FA0F842457}] => (Allow) LPort=1487
FirewallRules: [{2980AE92-DEF6-4854-938B-AABA2FE80B14}] => (Allow) E:\Programs\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B782F739-CFC3-407C-92F3-8F2B06534DBF}] => (Allow) E:\Programs\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{873099C4-5C6F-4FE4-A7DF-A9015D22387B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{25F68A88-110C-48BB-9012-D2B1A48D7A57}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{08C35FCD-9652-4291-B8A2-D2E33DACEB22}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{00F018DD-EF65-4186-A553-7FF0A3FB0BA5}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{C677A415-410E-4C1D-B0EF-45A38EC2454F}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{3F0DE728-DD80-4C7D-8EDA-68C08D5A711A}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{0C0F07F2-B78D-4157-B200-7417299F2A73}] => (Allow) LPort=5357
FirewallRules: [{2AE31A57-FAFA-4955-90E2-2AFE87B4BA7D}] => (Allow) C:\Program Files\HP\HP OfficeJet 4650 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{2469690C-8B77-413E-99D2-336D24085337}] => (Allow) E:\Programs\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{9A94ED11-79B2-46B2-9B70-CD9AF6C1D56A}] => (Allow) E:\Programs\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DC56F89E-CF94-4E61-BC24-EB9649751772}] => (Allow) E:\Programs\Steam\steamapps\common\GRID Autosport\GRIDAutosport.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{E71530DE-390A-48AD-96EC-445E59135F7A}] => (Allow) E:\Programs\Steam\steamapps\common\GRID Autosport\GRIDAutosport.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{A31CA66C-3D07-4CFD-885A-BF159CBD9600}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{DEB2B1B7-73A3-4478-B73C-32C93C976657}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{F4BA919E-C038-4AAE-8E79-5A2527EA7E9E}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{A652D0DC-C303-4880-9398-B80EAB691E7E}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{36CA3E14-44E0-404B-9E72-F0515ADB182F}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{FBCB0F29-4261-430B-B3E0-F2BDB507D6D8}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{59288CA4-0585-45FC-9486-728B6BBAAF30}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{199FADAB-3A3A-4C54-9F75-2E24710CD204}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FF9368DB-1184-4232-8978-EE339B038D6E}] => (Allow) E:\Programs\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{86190D57-382F-4836-91F4-50E1AC1C758F}] => (Allow) E:\Programs\SiSoftware Sandra Lite 2015.SP2b\WNt600x64\RpcSandraSrv.exe (SiSoftware SPC -> SiSoftware) [File not signed]

==================== Restore Points =========================

12-08-2020 16:28:06 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/17/2020 12:48:09 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NEWPC)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).

Error: (08/17/2020 12:48:09 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NEWPC)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/17/2020 12:46:28 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (08/17/2020 12:46:28 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (08/17/2020 12:46:28 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (08/17/2020 12:46:28 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]


System errors:
=============
Error: (08/17/2020 12:47:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126

Error: (08/17/2020 12:47:32 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL C:\Program Files\ASUS\Bluetooth Software\BtwProximityCP.dll failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files.  Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft..../?LinkId=245898.

Error: (08/17/2020 12:47:22 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 124) (User: NT AUTHORITY)
Description: 03225747456

Error: (08/17/2020 12:47:22 PM) (Source: Microsoft-Windows-Hyper-V-Hypervisor) (EventID: 41) (User: NT AUTHORITY)
Description: Hypervisor launch failed; Either VMX not present or not enabled in BIOS.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 3503 04/18/2018
Motherboard: ASUSTeK COMPUTER INC. Z97-AR
Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 25%
Total physical RAM: 16323.55 MB
Available physical RAM: 12140.03 MB
Total Virtual: 32707.55 MB
Available Virtual: 27167.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.54 GB) (Free:225.25 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:931.51 GB) (Free:664.77 GB) NTFS
Drive f: (BackUp) (Fixed) (Total:931.51 GB) (Free:411.43 GB) NTFS
Drive g: () (Fixed) (Total:0.39 GB) (Free:0.36 GB) NTFS ==>[system with boot components (obtained from drive)]


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 476.9 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=401 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 19D79FB1)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=42)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 19D79FB0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=42)

==================== End of Addition.txt =======================


  • 0

#6
sl962

sl962

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

Sorry, forgot this in last post

All other temps between 29 and 50C


  • 0

#7
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,147 posts
  • MVP

DISM says it found and fixed some corrupt files so perhaps that helped.  See if you can get the Windows Defender scan to complete now.

 

You probably need a new install of

ASUS Bluetooth Software

 

It is showing an error. 

 

Also your TP-LINK software probably needs to be updated or reinstalled.


  • 0

#8
sl962

sl962

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

Will take care of above software and run full scan.

I will let you know the results as soon as I can

Thanx again for you help...


  • 0

#9
sl962

sl962

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

All seems well. Scan finished and only found 1 PUP in the spsetup 132 download. Temps stayed below 65C on speedfan and between 90 - 100C on HWMonitor. Still concerned with difference in temp monitors Speedfan and HWMonitor. Also will do a thorough cleaning inside. My case has pretty decent filters so keep those clean (weekly). Will let you know if anything else pops up out of the blue. Let me know if there is anything special I need to do to remove programs ect beyond standard removal.

Thank You again for all your help. (And I agree with the Orcas Island thing!)


  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,147 posts
  • MVP

spsetup132 is the installer we downloaded for Speccy.

Are you sure HWMonitor is not giving you F instead of C?

You might try Core-Temp

for a second opinion on the temps:

https://www.alcpu.com/CoreTemp/

 

It never hurts to run MBAR once in a while to make sure there is nothing hiding that we can't see.

 

https://www.malwareb...om/antirootkit/

 

I like to do the following to speedup Win 10 a bit:

 

Search for

task scheduler

hit Enter

Click on the arrow in front of Task Scheduler Library then

Click on the arrow in front of Microsoft

Click on the arrow in front of Windows

Click on Application Experience.  In the next pane to the right, right click on each Task and Disable.  Should be three tasks.

Click on Customer Experience Improvement Program.  In the next pane to the right, right click on each Task and Disable.  Should be two tasks.

Download OOSU10.exe:

https://www.oo-softw...com/en/shutup10

Download and Save it (You will get a popup while it's downloading.  You can X out of it)
then Right click and Run As Admin.
Allow it to make a System Restore Point.
Click on Actions then on Apply Recommended Settings.

Close the program and reboot.

(After each major Windows update it's wise to rerun the program and "Revert the changes.")

 

You were getting an error about sysmain.dll.  This is not something you really need.  Search for

services.msc

hit Enter

Scroll down to Sysmain and right click and select Properties.  Change the Startup Type to Manual or Disabled.  OK.

 

Alas we are no longer on Orcas.  Lived there for 5 years but 3 years ago my wife decided she wanted to live closer to her grandchildren so we are back in Melbourne Beach FL.

 

Following is my standard goodbye with instructions for removing things:

 

Time to clean up:
If we used FRST to clean your PC:

right click on FRST.exe or FRST64.exe (whichever you used) and rename it to uninstall.exe.  Then right click on uninstall.exe and Run as Admin.

 
If we installed Speccy it needs to be uninstalled.  Process Explorer, VEW, AdwCleaner, JRT  and their logs and Speccy's log can just be deleted.

Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.  Flash is now the most malware targeted program so it must be kept up to date.  Be careful with Adobe.  They are fond of offering optional downloads like yahoo or Ask toolbars or that worthless McAfee Security Scan.  Go slow and uncheck the optional stuff.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program.  There is an exploit out there now that can use it to get on your PC.  For Adobe Reader:  Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript.  OK Close program.  It's the same for Foxit reader except you uncheck Enable Javascript Actions.


If you use Chrome/Firefox/Edge then get the Ublock Origin extension.  For IE go to adblockplus.org  and get the program.
If Chrome/Firefox is slow loading make sure it only has the current Java add-on.  Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox. Close Chrome/Firefox/Skpe. Hit Optimize.   You can run it any time that Chrome/Firefox seems slow starting..
(If it complains about Chrome still running you can stop it with Task Manager or go into Chrome then go to:

chrome://settings/

Hit Advanced at the bottom of the page then scroll down to near the bottom where it says System.

Change
Continue running background apps when Google Chrome is closed
to Off (slide the blue thing to the left and it turns brown)
Close Chrome.


If the browser is still slow then go in and disable all of your extensions, close the browser and Optimize with SpeedyFox then restart the browser.  If that helps then one or more of your extensions is at fault.  Go back in and turn them on one at a time and see if you can figure out which ones slow things down the most.

If you are a Facebook user get the FB Purity extension for your browser:
http://www.fbpurity.com/
This will stop all of the suggested pages and ads so that Facebook loads much quicker.


Be warned:  If you use Limewire, utorrent or any of the other P2P programs you will probably be coming back to the Malware Removal forum.  If you must use P2P then submit any files you get to http://virustotal.combeforeyou open them.

Due to a recent rise in the number of Crytolocker infections I am now recommending you install:

https://www.bleeping...somware/dl/306/
It's currently a free version.

If you have a router, log on to it today and change the default password!  If using a Wireless router you really should be using encryption on the link.  Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business.
If you don't know how, visit the router maker's website.  They all have detailed step by step instructions or a wizard you can download.

Special note on Java.  Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
http://www.java.com/...lugin_cache.xml
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not the latest.  If in doubt uninstall all.  These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE.  Get the latest version from Java.com.  They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download.  Just uncheck the garbage before the download (or install) starts.  If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.  IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level.  OK.

If you are running Win 10 you probably want Classic Shell:  http://www.classicshell.net/ This program will make Win 10 act like Win 7 with the same controls you are used to.



Recommended software: (I'm not saying you should download these just that if you have a need for a new program these are safe and work)  
Compression:  7-zip.  Avoid WinRar and WinZip as the free versions have adware.
Video Player:  VLC  Unlike Windows Media Player it never seems to need extra files to work.
Office like free program:  Open Office: https://www.openoffice.org/download/
or
LibreOffice: https://www.libreoffice.org/
Free Anti-Virus:  Avast
Free Malware prevention:  MBAM: Free version at https://www.malwareb...m/mwb-download/
Can run with your anti-virus.
Paid Anti-Virus:  Kaspersky or BitDefender
Utilities:
Root Kit Detector:  MBAR: https://www.malwareb...om/antirootkit/
Process Explorer:  Show you what is running on the PC.  Like Task manager but better:  http://live.sysinter...com/procexp.exe
WhoCrashed: Why did your system crash?
http://www.resplendence.com/downloads
Then click on Download free home edition
where it says:
WhoCrashed 5.51
Comprehensible crash dump analysis tool
for Windows 10/8.1/8/7/Vista/XP/2012/2008/2003 (x86 and x64)
System Health:
Speccy:  
http://www.filehippo.com/download_speccy (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Decline CCleaner if offered.  Pay attention to SMART info on your hard drives and to temps.  If in doubt about temps try:
SpeedFan:  Try speedfan
http://www.filehippo...nload_speedfan/
Download, save and Install it (Win 7 or Vista right click and Run As Admin.) then run it.


With Win 10 only there is a new Game recorder program.  It's supposed to only work for games but it works nicely to record any video you watch.  Hit the Win key + Alt + r to start the recorder.  The first time it asks you if it is looking at a game.  Just tell it yes.  After that it starts recording whenever you bring it up.  Videos are saved to the Captures folder under Videos.  You can only record what you watch so limited to only one video at a time.  Best to go to full screen before starting the recorder.

Avoid:  
Advanced System Care
SuperAntiSpyware
HitmanPro
Spybot S&D
Any P2P software especially if it comes from Conduit.
Registry Cleaners
Driver updating software.
PC fixing or Speed up software.
Running more than one anti-virus.
Seagate hard drives.  If you have one it's going to fail on you so backup your data now!



 


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP