Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Bing Search Engine hijacking

Bing; hijacking

  • Please log in to reply

#1
KimberlyFayeLane

KimberlyFayeLane

    New Member

  • Member
  • Pip
  • 2 posts
Google is the only search engine I have on my computer.  I have it selected as my default search engine.  However, when I enter a search into Google Chrome, the topic comes up in a Microsoft Bing results page.  I want Microsoft Bing GONE FOR GOOD!!!  Thank you for any support you can provide!
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2020
Ran by Lane Family (administrator) on DESKTOP-IEV2NL5 (HP HP Pavilion Desktop 590-p0xxx) (16-09-2020 17:02:31)
Running from C:\Users\Lane Family\Desktop
Loaded Profiles: Lane Family
Platform: Windows 10 Home Version 1903 18362.1082 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0353888.inf_amd64_a69018be2db26553\B353587\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0353888.inf_amd64_a69018be2db26553\B353587\atiesrxx.exe
(Amazon.com Services LLC -> Amazon.com Services LLC) C:\Users\Lane Family\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <42>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_8559c34713c70ce4\RstMwService.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\mcafee\amcore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC.) C:\Program Files\Common Files\mcafee\modulecore\ModuleCoreService.exe <2>
(McAfee, LLC. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\pef\CORE\PEFService.exe
(McAfee, LLC. -> McAfee, LLC) C:\Program Files\Common Files\mcafee\VSCore_19_7\mcapexe.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\mcafee\csp\3.2.117.0\McCSPServiceHost.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\mcafee\mmsshost\MMSSHOST.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\mcafee\modulecore\ProtectedModuleHost.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\mcafee\mfeav\MfeAVSvc.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\mcafee\vul\McVulCtr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Lane Family\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtAudioServ.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.20.5.39\nsWscSvc.exe
(RealNetworks, Inc. -> ) C:\Program Files (x86)\Real\RealPlayer\downloader2.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\realdownloader264.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.20.5.39\NortonSecurity.exe <2>
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [319520 2018-07-05] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [709152 2018-03-22] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2107232 2017-12-19] (Realtek Semiconductor Corp. -> Realtek)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [353064 2020-06-12] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\Real\RealPlayer\downloader2.exe [1278248 2020-06-12] (RealNetworks, Inc. -> )
HKU\S-1-5-21-1344096843-1429473437-65493552-1001\...\Run: [Amazon Music Helper] => C:\Users\Lane Family\AppData\Local\Amazon Music\Amazon Music Helper.exe [2107848 2020-05-22] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-1344096843-1429473437-65493552-1001\...\Run: [Amazon Music] => C:\Users\Lane Family\AppData\Local\Amazon Music\Amazon Music.exe [20373448 2020-05-22] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-1344096843-1429473437-65493552-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --profile-directory="Profile 2" --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-swit (the data entry has 134 more characters).
HKU\S-1-5-21-1344096843-1429473437-65493552-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --flag-switches-begin --flag-switches-end --enable-audio-service-s (the data entry has 222 more characters).
HKU\S-1-5-21-1344096843-1429473437-65493552-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [221184 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon TS6300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFQ.DLL [509952 2019-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS6300 series: C:\WINDOWS\system32\CNMLMFQ.DLL [940032 2019-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP DD11 Status Monitor: C:\WINDOWS\system32\hpinkstsDD11LM.dll [392192 2019-03-15] (HP Inc -> HP Inc.)
HKLM\...\Print\Monitors\PDF995 Monitor: C:\WINDOWS\system32\pdf995mon64.dll [40448 2014-03-05] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.102\Installer\chrmstp.exe [2020-09-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NotificationTool.lnk [2020-01-03]
ShortcutTarget: NotificationTool.lnk -> C:\Program Files (x86)\Canon\hdAlbum EZ\NotificationTool.exe (Canon Inc. -> CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2020-06-12]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {03422755-8343-4F24-97EC-D837A9B61463} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2018-05-04] (HP Inc. -> HP Inc.)
Task: {03609CAA-E8A4-472F-9473-B2B27AABE529} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.20.5.39\SymErr.exe [117192 2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {042F93BC-5B55-4190-A85D-A2F550D6A8DF} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1344096843-1429473437-65493552-1001 => C:\Program Files (x86)\Real\RealPlayer\realupgrade.exe [135464 2020-06-12] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {094598D2-76F1-45F2-BB74-DE7A59381ECA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {0B39971E-FBC7-4068-9A72-A53FB3FE61F0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1133912 2020-06-19] (HP Inc. -> HP Inc.)
Task: {19D896B5-28B6-4087-95AE-85C9C24F4431} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.20.5.39\SymErr.exe [117192 2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {21B51199-1824-4453-8D88-E2714E9ABF84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {2256C2A9-BE0D-4D70-98FF-C9ABC27CC3C5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {24ED3AE6-7442-4ADB-957A-845D297073F9} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [759752 2019-08-14] (McAfee, LLC. -> McAfee, LLC.)
Task: {29B6F3FF-9963-4C7D-9876-E57861A82392} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.2.57\SymErr.exe
Task: {2AF46C6A-F9B9-4F69-ABB8-AD51966A7FBB} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\Real\RealPlayer\downloader2.exe [1278248 2020-06-12] (RealNetworks, Inc. -> )
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {2DD91138-4CB1-4A0E-86E9-86D76208BC8E} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1040688 2019-09-10] (McAfee, LLC. -> McAfee, LLC.)
Task: {30819EDC-E0A3-4410-ACAB-BAB7FB1617F2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {3801143E-EE0C-43B7-BB8F-71FEEFEA9CC6} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.5.39\SymErr.exe [117192 2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {461B338D-8144-4A68-A9B0-0C01347B2964} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {47886865-7FC1-4C66-B3B3-B84AC1A37D7B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-04-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {4E2C4ED4-F553-497F-9AD3-CCF3B8F1C946} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.20.2.57\SymErr.exe
Task: {4EE6CDA5-F5D2-470A-81BC-6DA2DAF884D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1133912 2020-06-19] (HP Inc. -> HP Inc.)
Task: {5189576C-9D44-4FD7-BB8B-A2C8CF03C168} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [461824 2017-10-06] (HP Inc. -> HP Inc.)
Task: {532C4C8E-9059-4DC1-9DCB-502DA6A94DD3} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-04-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5AF28BE0-9472-4101-AE38-298B51BD87B9} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.20.5.39\WSCStub.exe [644608 2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {61870A35-4D58-4917-B54D-792DA527A8EF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {6470C552-D68E-4EBD-A4CF-080F9295994B} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2162328 2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {794F0972-1492-4E88-87E5-9F8395C4648F} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.4.153\DADUpdater.exe [4194704 2020-07-22] (McAfee, Inc. -> McAfee, LLC)
Task: {7EF6D414-F1EA-45E6-BBC1-53AA7AE5A9C1} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4596480 2020-06-19] (McAfee, LLC -> McAfee, LLC)
Task: {81735A7C-0252-4FF1-AB2A-7FC60D36A257} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.20.2.57\SymErr.exe
Task: {915353DE-13D5-4FFE-9F25-65830E9F06A0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-29] (Google Inc -> Google Inc.)
Task: {91E6942F-C694-4DA1-AE07-2AF5A6FB5308} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-29] (Google Inc -> Google Inc.)
Task: {9BDC8F53-ADB9-4644-8B04-6B6692C757D3} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {9D91D10E-2186-4FCC-AD5E-02A96C9C2B19} - System32\Tasks\HPCustParticipation HP ENVY 5660 series => C:\Program Files\HP\HP ENVY 5660 series\Bin\HPCustPartic.exe [6437792 2019-03-19] (HP Inc -> HP Inc.)
Task: {9FB6947F-A79D-400B-B48B-49FE0DE42C4B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {A5C5A3C0-7A51-4DC9-99C6-5EE835E9C7E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {A753A92E-83E4-42EE-978C-CF372D294DE3} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d5cf133942b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-29] (Google Inc -> Google Inc.)
Task: {ACB8DF05-9998-4D7B-B44C-4B927D67EA2D} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d5cf13061fe => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-29] (Google Inc -> Google Inc.)
Task: {BD93C440-CBF5-42F3-BCEC-C78DE8CE95F6} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {C5632FD1-079C-48B5-A3A8-12DF0E647CA9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [345944 2020-09-08] (HP Inc. -> HP Inc.)
Task: {C5773265-1D82-4D45-B2F7-82F256057596} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1040688 2019-09-10] (McAfee, LLC. -> McAfee, LLC.)
Task: {D338218C-E09A-46DC-A77D-9E3CBC5BA4D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\BingPopup\BingPopup.exe [519000 2020-09-09] (HP Inc. -> HP Inc.)
Task: {DC278205-15DE-4E14-98AF-B766CCCC5661} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH51S64276 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1133912 2020-06-19] (HP Inc. -> HP Inc.)
Task: {E19B4608-134D-4340-8C36-6690C05E8A17} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {E757B01D-7D13-44A8-8644-EBB2DA404FD4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145768 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {F322A6F3-4080-4F0B-958D-493586C13CAC} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1344096843-1429473437-65493552-1001 => C:\Program Files (x86)\Real\RealPlayer\realupgrade.exe [135464 2020-06-12] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {F3F888FD-0F44-4D07-B81B-4A9A093E3D56} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145768 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0542a238-13b6-474f-8e03-54b6082c6489}: [DhcpNameServer] 192.168.1.1
 
Edge: 
======
Edge Profile: C:\Users\Lane Family\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-12]
Edge DefaultSearchURL: Default -> hxxps://searchprivacyplus.com/results.php?p=9018&v=400&q={searchTerms}&source=default
Edge DefaultSearchKeyword: Default -> Secure
Edge DefaultSuggestURL: Default -> hxxps://searchprivacyplus.com/gjson.php?q={searchTerms}
Edge Session Restore: Default -> is enabled.
Edge Extension: (Google Translate) - C:\Users\Lane Family\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-07-03]
Edge Extension: (Honey) - C:\Users\Lane Family\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2020-09-12]
Edge Extension: (Bitmoji) - C:\Users\Lane Family\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bfgdeiadkckfbkeigkoncpdieiiefpig [2020-07-03]
Edge Extension: (One Click Full Page Screenshot) - C:\Users\Lane Family\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dchfhilphcokdhfmikknmgdbmklbnnle [2020-07-03]
Edge Extension: (Houzz Save Button) - C:\Users\Lane Family\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fhjpekndimioildjhjfglcdgpahjoich [2020-09-12]
Edge Extension: (Save to Google Drive) - C:\Users\Lane Family\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2020-07-03]
Edge Extension: (Flash SD App+) - C:\Users\Lane Family\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ijjeicnefbibcbklpcilhdjofhhoiida [2020-07-03]
Edge Extension: (Pinterest Save Button) - C:\Users\Lane Family\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jfcjijcigimhjjdimpghneggnegiphhh [2020-07-03]
Edge Extension: (GIPHY for Chrome) - C:\Users\Lane Family\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jlleokkdhkflpmghiioglgmnminbekdi [2020-09-12]
Edge Extension: (Wikibuy from Capital One) - C:\Users\Lane Family\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kiiaghlmeikbpmeabhilfphikfcefljn [2020-08-04]
Edge Extension: (Secure) - C:\Users\Lane Family\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mhgbnhpnpbannmgopfmijnbbalfnajhk [2020-07-03]
Edge Extension: (Screencastify - Screen Video Recorder) - C:\Users\Lane Family\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2020-09-12]
Edge Extension: (Instant Eyedropper) - C:\Users\Lane Family\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\okkpedjcdhfkhjnfcbebpdpnhdhibeic [2020-08-04]
 
FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSKHKLM => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2019-09-17] (McAfee, LLC. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2019-09-17] (McAfee, LLC. -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=20.0.0.314 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2020-06-12] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=20.0.0.314 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2020-06-12] (RealNetworks, Inc. -> RealPlayer)
FF Plugin HKU\S-1-5-21-1344096843-1429473437-65493552-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Lane Family\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-08] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Default [2020-09-16]
CHR HomePage: Default -> bing.com
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Extension: (Slides) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-29]
CHR Extension: (Docs) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-29]
CHR Extension: (Google Drive) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-29]
CHR Extension: (YouTube) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-29]
CHR Extension: (Sheets) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-29]
CHR Extension: (Google Docs Offline) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-13]
CHR Extension: (Bing Homepage & Search Engine) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfedoihopcjdfjihhhojdclnfdgomdho [2019-08-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-15]
CHR Extension: (Gmail) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-09]
CHR Extension: (Chrome Media Router) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-12]
CHR Profile: C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-06-25]
CHR Profile: C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-09-16]
CHR Notifications: Profile 1 -> hxxps://meet.google.com; hxxps://www.facebook.com
CHR Extension: (Slides) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-01]
CHR Extension: (Docs) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-01]
CHR Extension: (Google Drive) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-01]
CHR Extension: (Bitmoji) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bfgdeiadkckfbkeigkoncpdieiiefpig [2020-05-10]
CHR Extension: (YouTube) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-01]
CHR Extension: (Random Number Generator) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ckdkgoogioikcpmpmoecocgfdangpecg [2020-08-30]
CHR Extension: (One Click Full Page Screenshot) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dchfhilphcokdhfmikknmgdbmklbnnle [2020-06-09]
CHR Extension: (Sheets) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-01]
CHR Extension: (Google Docs Offline) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-12]
CHR Extension: (Save to Google Drive) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2020-06-09]
CHR Extension: (GIPHY for Chrome) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jlleokkdhkflpmghiioglgmnminbekdi [2020-09-08]
CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2020-09-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-20]
CHR Extension: (Gmail) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-17]
CHR Extension: (Chrome Media Router) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-12]
CHR Profile: C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-09-16]
CHR Notifications: Profile 2 -> hxxps://www.hometalk.com; hxxps://www.marthastewart.com; hxxps://www.urbanoutfitters.com
CHR StartupUrls: Profile 2 -> "hxxps://mail.google.com/mail/u/0/#inbox","hxxps://mail2.spectrum.net/mail#email","hxxps://www.google.com/","hxxps://docs.google.com/spreadsheets/d/1dYJBgETB5NSUM9yq8JGJFMXNN-2FFPdAHlm7O8F0lVA/edit#gid=1926935297"
CHR NewTab: Profile 2 ->  Not-active:"chrome-extension://fhjpekndimioildjhjfglcdgpahjoich/dist/html/houzz.html"
CHR Extension: (Google Translate) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-04-15]
CHR Extension: (Slides) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-03]
CHR Extension: (Docs) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-03]
CHR Extension: (Google Drive) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-03]
CHR Extension: (Bitmoji) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bfgdeiadkckfbkeigkoncpdieiiefpig [2020-05-10]
CHR Extension: (YouTube) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-03]
CHR Extension: (Honey) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-09-13]
CHR Extension: (Sheets) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-03]
CHR Extension: (Houzz Save Button) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fhjpekndimioildjhjfglcdgpahjoich [2020-09-12]
CHR Extension: (Google Docs Offline) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-13]
CHR Extension: (Save to Google Drive) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2020-06-09]
CHR Extension: (Pinterest Save Button) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-09-15]
CHR Extension: (GIPHY for Chrome) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jlleokkdhkflpmghiioglgmnminbekdi [2020-09-08]
CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2020-09-15]
CHR Extension: (No Name) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2020-09-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-13]
CHR Extension: (Instant Eyedropper) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\okkpedjcdhfkhjnfcbebpdpnhdhibeic [2020-07-15]
CHR Extension: (Gmail) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-03]
CHR Extension: (Chrome Media Router) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-12]
CHR Profile: C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\System Profile [2020-06-08]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKU\S-1-5-21-1344096843-1429473437-65493552-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfedoihopcjdfjihhhojdclnfdgomdho]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8838528 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-09-21] (McAfee, Inc. -> McAfee, Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [477184 2017-10-06] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> )
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_19_7\McApExe.exe [747896 2019-09-17] (McAfee, LLC. -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [455584 2017-09-27] (McAfee, Inc. -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.2.117.0\\McCSPServiceHost.exe [2226608 2019-10-22] (McAfee, LLC. -> McAfee, LLC.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2019-08-19] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2019-08-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2019-08-19] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1731480 2019-10-21] (McAfee, LLC -> McAfee, LLC.)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.20.5.39\NortonSecurity.exe [344760 2020-07-23] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.20.5.39\nsWscSvc.exe [1056096 2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1367040 2019-09-19] (McAfee, LLC. -> McAfee, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [38536 2020-05-22] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [990856 2020-06-12] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 RtkBtAudioServ; C:\WINDOWS\RtkBtAudioServ.exe [189928 2018-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1634096 2020-08-24] (WildTangent Inc -> )
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [66968 2018-11-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.16.2.22\Definitions\BASHDefs\20200914.001\BHDrvx64.sys [1952136 2019-10-02] (Symantec Corporation -> Symantec Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-12] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\ccSetx64.sys [192248 2020-07-23] (Symantec Corporation -> Symantec Corporation)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75696 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516960 2020-08-03] (Symantec Corporation -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [154464 2020-08-12] (Symantec Corporation -> Broadcom)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [217912 2019-06-04] (McAfee, LLC -> McAfee, Inc.)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.16.2.22\Definitions\IPSDefs\20200916.001\IDSvia64.sys [1478496 2020-08-31] (Symantec Corporation -> Broadcom)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [521648 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [379824 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2019-08-22] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [517040 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [993712 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [563640 2019-08-31] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107448 2019-08-31] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116656 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252336 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
S3 RtkAvrcp; C:\WINDOWS\System32\drivers\RtkAvrcp.sys [71104 2018-03-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SRTSP64.SYS [889704 2020-07-23] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SRTSPX64.SYS [50920 2020-07-23] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SYMEFASI64.SYS [1964384 2020-07-23] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\SymELAM.sys [25080 2020-07-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-03-14] (Symantec Corporation -> Symantec Corporation)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.16.2.22\SymPlatform\SymEvnt.sys [712368 2020-01-18] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\Ironx64.SYS [316488 2020-07-23] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\symnets.sys [575328 2020-07-23] (Symantec Corporation -> Symantec Corporation)
S3 WacomPen; C:\WINDOWS\System32\drivers\wacompen.sys [31744 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614050.027\wpCtrlDrv.sys [1013792 2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-09-16 17:02 - 2020-09-16 17:03 - 000042351 _____ C:\Users\Lane Family\Desktop\FRST.txt
2020-09-16 17:02 - 2020-09-16 17:02 - 000000000 ____D C:\FRST
2020-09-16 17:00 - 2020-09-16 17:00 - 002298368 _____ (Farbar) C:\Users\Lane Family\Desktop\FRST64.exe
2020-09-16 07:32 - 2020-09-16 07:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2020-09-16 00:50 - 2020-09-16 00:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2020-09-13 17:45 - 2020-09-13 17:45 - 005806109 _____ C:\Users\Lane Family\Downloads\OnCore_G7_U1_L1.notebook
2020-09-13 15:11 - 2020-09-13 15:11 - 000002495 _____ C:\Users\Lane Family\Desktop\Kimberly - Chrome.lnk
2020-09-13 12:04 - 2020-09-13 12:04 - 000091936 _____ C:\Users\Lane Family\Desktop\Combining Integers.pdf
2020-09-12 09:13 - 2020-09-12 09:13 - 000000000 ____D C:\Users\Lane Family\Documents\TotalAV
2020-09-12 09:12 - 2020-09-12 09:12 - 000000000 ____D C:\ProgramData\TotalAV
2020-09-12 09:12 - 2020-09-12 09:12 - 000000000 ____D C:\ProgramData\SecuritySuite
2020-09-12 09:11 - 2020-09-12 09:12 - 013988288 _____ C:\Users\Lane Family\Downloads\TotalAV_Setup.exe
2020-09-08 14:50 - 2020-09-08 14:50 - 005503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-09-08 14:50 - 2020-09-08 14:50 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-09-08 14:50 - 2020-09-08 14:50 - 004309504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-09-08 14:50 - 2020-09-08 14:50 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-09-08 14:50 - 2020-09-08 14:50 - 002138264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-09-08 14:50 - 2020-09-08 14:50 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-09-08 14:50 - 2020-09-08 14:50 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-09-08 14:50 - 2020-09-08 14:50 - 000928768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2020-09-08 14:50 - 2020-09-08 14:50 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-09-08 14:50 - 2020-09-08 14:50 - 000709632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-09-08 14:50 - 2020-09-08 14:50 - 000682752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2020-09-08 14:50 - 2020-09-08 14:50 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFSR.dll
2020-09-08 14:50 - 2020-09-08 14:50 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-09-08 14:50 - 2020-09-08 14:50 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSE.dll
2020-09-08 14:50 - 2020-09-08 14:50 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-09-08 14:50 - 2020-09-08 14:50 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-09-08 14:50 - 2020-09-08 14:50 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOVER.exe
2020-09-08 14:50 - 2020-09-08 14:50 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSUTILITY.dll
2020-09-08 14:50 - 2020-09-08 14:50 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2020-09-08 14:50 - 2020-09-08 14:50 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSERES.dll
2020-09-08 14:49 - 2020-09-08 14:50 - 000666288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-09-08 14:49 - 2020-09-08 14:49 - 032928920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 031598936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 022642176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 007761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 007284736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 006304256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 006069360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 005907456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 005848848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 005767744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 005041152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 005003832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 004605952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 004538368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 003740456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 003501568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-09-08 14:49 - 2020-09-08 14:49 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 002585032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 002565120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 002494752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-09-08 14:49 - 2020-09-08 14:49 - 002315472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 002259680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001957552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001704960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001664696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001653792 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001512960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001459200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001421392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001326592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001307464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001247744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2020-09-08 14:49 - 2020-09-08 14:49 - 001246208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001218424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 001151808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001141048 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001124864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001099600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 001054160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2020-09-08 14:49 - 2020-09-08 14:49 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 001009200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000892728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000844088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000823752 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000768504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000748384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000744240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2020-09-08 14:49 - 2020-09-08 14:49 - 000738072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-09-08 14:49 - 2020-09-08 14:49 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000675032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000671560 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000667312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000628400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000572208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000564480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-09-08 14:49 - 2020-09-08 14:49 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000544336 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000466352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-09-08 14:49 - 2020-09-08 14:49 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000420168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-09-08 14:49 - 2020-09-08 14:49 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000356160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-09-08 14:49 - 2020-09-08 14:49 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000299072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-09-08 14:49 - 2020-09-08 14:49 - 000285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000260408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-09-08 14:49 - 2020-09-08 14:49 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2020-09-08 14:49 - 2020-09-08 14:49 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000224064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000165184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000146640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscmmc.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2020-09-08 14:49 - 2020-09-08 14:49 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnscmmc.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2020-09-08 14:49 - 2020-09-08 14:49 - 000090944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-09-08 14:49 - 2020-09-08 14:49 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhuxgraphics.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000063296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiscap.sys
2020-09-08 14:49 - 2020-09-08 14:49 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tar.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NAPCRYPT.DLL
2020-09-08 14:49 - 2020-09-08 14:49 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edpnotify.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfctrs.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NAPCRYPT.DLL
2020-09-08 14:49 - 2020-09-08 14:49 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tar.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfctrs.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfdisk.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfos.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfdisk.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wslapi.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfos.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2020-09-08 14:49 - 2020-09-08 14:49 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2020-09-08 14:49 - 2020-09-08 14:49 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDJPN.DLL
2020-09-08 14:49 - 2020-09-08 14:49 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2020-09-08 14:49 - 2020-09-08 14:49 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDKOR.DLL
2020-09-08 14:49 - 2020-09-08 14:49 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106n.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd101.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106n.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd101.DLL
2020-09-08 14:49 - 2020-09-08 14:49 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2020-09-08 14:49 - 2020-09-08 14:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-09-08 14:49 - 2020-09-08 14:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-09-08 14:49 - 2020-09-08 14:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-09-08 14:49 - 2020-09-08 14:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-09-08 14:49 - 2020-09-08 14:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-09-08 14:49 - 2020-09-08 14:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-09-08 14:49 - 2020-09-08 14:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-09-08 14:49 - 2020-09-08 14:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-09-08 14:49 - 2020-09-08 14:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-09-08 14:49 - 2020-09-08 14:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-09-08 14:49 - 2020-09-08 14:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-09-08 14:49 - 2020-09-08 14:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-09-08 14:48 - 2020-09-08 14:48 - 009926456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 007910152 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 007845080 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 007582768 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 007271232 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 006233080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 006170624 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 005284328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 004048384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 003805696 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 003714048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 003547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 003371176 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 003265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 003136000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 002772616 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 002711552 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 002697536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 002483712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 002454904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 002291712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 002260824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 002090280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 002073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001930752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001784832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001767424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001746232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001670144 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001480520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 001399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001260752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 001008952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000981320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000978232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000944680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000893104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000858928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000716304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000661832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000555320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-09-08 14:48 - 2020-09-08 14:48 - 000460192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000372536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000273208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000254776 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000250680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000224072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000213824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000208712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000205640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000200008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000146248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000142152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000079576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000066872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000057888 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000047008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdiagnostics.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2020-09-08 14:48 - 2020-09-08 14:48 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-09-08 14:48 - 2020-09-08 14:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-09-08 14:48 - 2020-09-08 14:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2020-09-08 14:42 - 2020-08-14 23:25 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-09-08 14:42 - 2020-08-14 23:15 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-08-30 20:00 - 2020-08-30 20:00 - 000215325 _____ C:\Users\Lane Family\Downloads\Unit 4C Identifying Triangles LT7-0.pptx
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-09-16 17:01 - 2019-03-18 22:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-16 16:49 - 2019-12-21 09:31 - 000000000 ___RD C:\Users\Lane Family\Desktop\BILL RECEIPTS
2020-09-16 16:30 - 2019-10-12 18:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-16 16:01 - 2020-08-12 23:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2020-09-16 15:54 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-16 14:44 - 2018-12-29 17:07 - 000000000 ____D C:\Program Files\Microsoft Office
2020-09-12 23:32 - 2019-01-12 09:12 - 000000000 ____D C:\Users\Lane Family\AppData\Local\D3DSCache
2020-09-12 09:40 - 2019-01-01 18:03 - 000002451 _____ C:\Users\Lane Family\Desktop\Kim - Chrome.lnk
2020-09-12 09:36 - 2019-10-12 18:59 - 000936788 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-12 09:36 - 2019-03-18 22:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-12 09:33 - 2020-06-13 13:30 - 000003598 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1344096843-1429473437-65493552-1001
2020-09-12 09:33 - 2020-06-13 13:30 - 000003534 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1344096843-1429473437-65493552-1001
2020-09-12 09:33 - 2020-06-08 14:44 - 000000000 ____D C:\Users\Lane Family\AppData\Roaming\WTablet
2020-09-12 09:33 - 2018-12-29 16:11 - 000000000 ___RD C:\Users\Lane Family\OneDrive
2020-09-12 09:32 - 2019-10-12 18:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-12 09:31 - 2019-03-18 22:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-09-12 09:31 - 2018-11-09 18:33 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-09-12 09:30 - 2020-02-22 11:42 - 000000000 ____D C:\Users\Lane Family\AppData\Local\Stamps.com Connect
2020-09-12 09:30 - 2020-02-22 11:42 - 000000000 ____D C:\Users\Lane Family\AppData\Local\IIIQ
2020-09-12 09:25 - 2019-11-10 15:01 - 000000000 ___RD C:\Users\Lane Family\Desktop\PDFs
2020-09-11 23:50 - 2019-03-18 22:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-11 06:39 - 2020-07-02 19:14 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-08 17:42 - 2018-12-29 16:07 - 000000000 ___RD C:\Users\Lane Family\3D Objects
2020-09-08 17:42 - 2018-04-28 00:07 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-09-08 17:41 - 2019-10-12 18:49 - 000894056 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-09-08 17:41 - 2019-03-18 22:37 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2020-09-08 17:41 - 2018-11-09 19:26 - 000000000 ____D C:\Program Files (x86)\McAfee
2020-09-08 17:39 - 2019-03-18 22:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-09-08 17:39 - 2019-03-18 22:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-09-08 17:39 - 2019-03-18 22:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-09-08 17:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-09-08 17:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-09-08 17:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-09-08 17:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-09-08 17:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-09-08 17:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-09-08 15:03 - 2018-12-29 16:14 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-08 15:03 - 2018-12-29 16:14 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-08 15:03 - 2018-12-29 16:14 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-08 14:58 - 2019-01-01 11:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-08 14:53 - 2019-03-18 22:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-08 14:53 - 2019-01-01 11:36 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-09-08 14:48 - 2019-10-12 18:53 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-09-05 17:37 - 2020-01-03 19:00 - 000000000 ____D C:\ProgramData\CanonIJPLM
2020-09-01 19:23 - 2019-10-12 18:56 - 000003388 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1344096843-1429473437-65493552-1001
2020-09-01 19:23 - 2019-10-12 18:53 - 000002388 _____ C:\Users\Lane Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-31 07:06 - 2019-10-12 18:56 - 000003710 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare)
2020-08-31 06:06 - 2018-11-09 19:26 - 000000000 ____D C:\Program Files\Common Files\av
2020-08-30 20:02 - 2018-12-29 16:07 - 000000000 ____D C:\Users\Lane Family\AppData\Local\Packages
2020-08-30 19:53 - 2019-11-10 15:22 - 000000000 ___RD C:\Users\Lane Family\Desktop\KIM SCHOOL
2020-08-27 22:33 - 2020-07-02 19:14 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-08-27 22:33 - 2020-07-02 19:14 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-08-23 12:39 - 2018-12-29 16:11 - 000000000 ____D C:\Users\Lane Family\AppData\Local\PlaceholderTileLogoFolder
2020-08-20 18:03 - 2019-01-01 17:15 - 000000000 ____D C:\Users\Lane Family\Documents\Kim School
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2020
Ran by Lane Family (16-09-2020 17:03:33)
Running from C:\Users\Lane Family\Desktop
Windows 10 Home Version 1903 18362.1082 (X64) (2019-10-13 01:03:19)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1344096843-1429473437-65493552-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1344096843-1429473437-65493552-503 - Limited - Disabled)
Guest (S-1-5-21-1344096843-1429473437-65493552-501 - Limited - Disabled)
Lane Family (S-1-5-21-1344096843-1429473437-65493552-1001 - Administrator - Enabled) => C:\Users\Lane Family
WDAGUtilityAccount (S-1-5-21-1344096843-1429473437-65493552-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton 360 (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: Norton 360 (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}
AS: McAfee VirusScan (Enabled - Up to date) {2624E002-54CC-27F9-FD39-B2DD14D41191}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton 360 (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: McAfee Firewall (Disabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
FW: Norton 360 (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}
FW: McAfee Firewall (Disabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Amazon Music (HKU\S-1-5-21-1344096843-1429473437-65493552-1001\...\Amazon Amazon Music) (Version: 7.12.0.2203 - Amazon.com Services LLC)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2020.0402.0133.2802 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.10.2 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.30.1.52 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.5.3 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.2.0 - Canon Inc.)
Canon TS6300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS6300_series) (Version: 1.01 - Canon Inc.)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
H&R Block Deluxe + Efile + State 2018 (HKLM-x32\...\{87F75E61-4B61-431D-875D-0ACB48DD3285}) (Version: 18.05.7601 - HRB Technology, LLC.)
H&R Block Deluxe + Efile + State 2019 (HKLM-x32\...\{CFD891DB-B198-4549-A4F6-D5E8A66BD239}) (Version: 19.05.9801 - HRB Technology, LLC.)
H&R Block Montana 2018 (HKLM-x32\...\{66433CB1-62B4-41A1-B5AE-8694F775A4D2}) (Version: 1.18.5301 - H&R Block, Inc.)
H&R Block Montana 2019 (HKLM-x32\...\{E29B62D7-70A9-4A5B-9F0B-376048E827B4}) (Version: 1.19.7301 - H&R Block, Inc.)
hdAlbum EZ (HKLM-x32\...\{014BBF3C-D9C4-4FD0-857D-E7DDC95263C0}) (Version: 1.7.1.6 - Canon Inc.)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP Dropbox Plugin (HKLM-x32\...\{C54DEA1F-7A8D-410B-A675-04E0FB562CB0}) (Version: 40.13.54.81239 - HP)
HP ENVY 5660 series Basic Device Software (HKLM\...\{C5A9B553-4AB1-40A2-B3EE-502DD5FDD16E}) (Version: 40.13.1176.1978 - HP Inc.)
HP ENVY 5660 series Help (HKLM-x32\...\{607F50D9-40BD-4F17-A584-152F563293B4}) (Version: 34.0.0 - Hewlett Packard)
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP Google Drive Plugin (HKLM-x32\...\{533B4739-13DD-4AAB-9524-070B3F0CE6ED}) (Version: 40.13.54.81239 - HP)
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.32 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Support Assistant (HKLM-x32\...\{F322B446-B157-4257-B44F-4F22D41F8EDB}) (Version: 8.8.34.31 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{20907839-6188-46EF-8AE7-141C86EDE13F}) (Version: 12.18.34.21 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{5D308D1F-E37B-431A-8D35-67D16287467D}) (Version: 1.4.28 - HP Inc.)
Intel® Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1808.12.0.1102 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.5.3.1031 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{C693010C-7727-4824-9A13-8C7A5E43209A}) (Version: 16.5.3.1031 - Intel Corporation)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R22 - McAfee, LLC.)
Microsoft 365 - en-us (HKLM\...\o365homepremretail - en-us) (Version: 16.0.13127.20408 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Office Home and Student 2019 - en-us (HKLM\...\HomeStudent2019Retail - en-us) (Version: 16.0.13127.20408 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1344096843-1429473437-65493552-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Norton 360 (HKLM-x32\...\NGC) (Version: 22.20.5.39 - Symantec Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20378 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Pdf995 (installed by H&R Block) (HKLM-x32\...\Pdf995) (Version: 15.0s - )
PdfEdit995 (installed by H&R Block) (HKLM-x32\...\PdfEdit995) (Version:  - )
Printer Registration (HKLM-x32\...\Canon EISRegistration) (Version: 1.5.0 - Canon Inc.)
PrintMaster 2012 Platinum (HKLM-x32\...\5354-7805-5584-7014) (Version: 4.0.0.230 - Encore Software Inc.)
Product Improvement Study for HP ENVY 5660 series (HKLM\...\{4ADA077C-CCBC-41ED-91D9-985CCBE26090}) (Version: 40.13.1176.1978 - HP Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 20.0) (Version: 20.0.0 - RealNetworks)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.88 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.31239 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.25.119.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8924.1 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.108 - REALTEK Semiconductor Corp.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F49D6A65-1AB6-4728-9FDA-DB5BAB631CF6}) (Version: 1.23.0.0 - Microsoft Corporation) Hidden
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.39-1 - Wacom Technology Corp.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.1.46 - WildTangent)
WildTangent Helper (HKLM-x32\...\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}) (Version: 1.0.0.424 - WildTangent) Hidden
WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 1.0.0.59 - WildTangent) Hidden
Zoom (HKU\S-1-5-21-1344096843-1429473437-65493552-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
 
Packages:
=========
Animal Mothers -> C:\Program Files\WindowsApps\Microsoft.AnimalMothers_1.0.0.0_neutral__8wekyb3d8bbwe [2019-11-10] (Microsoft Corporation)
Animals of Yellowstone -> C:\Program Files\WindowsApps\Microsoft.AnimalsofYellowstone_1.0.0.0_neutral__8wekyb3d8bbwe [2019-06-12] (Microsoft Corporation)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.42.2.0_x86__kgqvnymyfvs32 [2020-09-08] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1851.4.0_x86__kgqvnymyfvs32 [2020-09-11] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\Nordcurrent.CookingFever_8.0.0.4_x86__m9bz608c1b9ra [2020-03-26] (Nordcurrent)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-16] (Dropbox Inc.)
Fibonacci Sequence in Nature -> C:\Program Files\WindowsApps\Microsoft.FibonacciSequenceinNature_10.0.0.0_neutral__8wekyb3d8bbwe [2018-12-30] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-12-29] (Fitbit)
Ghost Town by Tracy Hymas -> C:\Program Files\WindowsApps\Microsoft.GhostTownbyTracyHymas_1.0.0.0_neutral__8wekyb3d8bbwe [2019-06-07] (Microsoft Corporation)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.481.0_x86__v10z8vjag6ke6 [2018-11-09] (HP Inc.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-12-29] (LinkedIn)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.39.0_x64__wafk5atnkzcwy [2020-06-05] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-20] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_20.10824.5409.0_x64__8wekyb3d8bbwe [2020-09-09] (Microsoft Corporation)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
PDF to JPEG -> C:\Program Files\WindowsApps\40066DaniyalSyed.PDFtoJPEG_1.2.0.1000_x64__qzfwg6dxbppre [2019-08-17] (Daniyal Syed) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-14] (Microsoft Corporation)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.21.1.0_x64__nfy108tqq3p12 [2020-08-25] (Thumbmunkeys Ltd)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-12-29] (Plex)
Power Media Player 14 for HP Consumer PCs with DVD -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.PowerMediaPlayer14forHPConsumerPC_14.2.9528.0_x86__06qsbagp91rvg [2019-01-25] (CYBERLINKCOM CORP)
Priceline.com: The Best Deals on Hotels, Flights and Rental Cars -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Priceline.comTheBestDealso_2.0.3.0_x64__mgae2k3ys4ra0 [2020-09-11] (Priceline Partner Network)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.20.87.0_x64__kx24dqmazqk8j [2020-08-31] (Random Salad Games LLC)
Store Logo Tool -> C:\Program Files\WindowsApps\19715ShinsukeKobayashi.StoreLogoTool_1.1.4.0_x64__tkd1dncheft0e [2019-08-17] (Shinsuke Kobayashi)
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.82.0_x64__qt5r5pa5dyg8m [2019-12-22] (WildTangent Games)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-06-29] () [File not signed] [File is in use]
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.20.5.39\buShell.dll [2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.20.5.39\buShell.dll [2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.20.5.39\buShell.dll [2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.20.5.39\buShell.dll [2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.20.5.39\buShell.dll [2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.20.5.39\buShell.dll [2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.20.5.39\buShell.dll [2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2019-09-17] (McAfee, LLC. -> McAfee, LLC.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.5.39\NavShExt.dll [2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.5.39\NavShExt.dll [2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-06-29] () [File not signed] [File is in use]
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpcontextmenu.dll [2020-06-12] (RealNetworks, Inc. -> RealNetworks, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-04-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.20.5.39\buShell.dll [2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2019-09-17] (McAfee, LLC. -> McAfee, LLC.)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.5.39\NavShExt.dll [2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [msacm.sl_anet] => C:\Windows\SysWOW64\sl_anet.acm [89088 2001-08-20] (Sipro Lab Telecom Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\SysWOW64\vct3216.acm [82944 2001-08-20] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.MP43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2001-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2001-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2001-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.msaudio1] => C:\Windows\SysWOW64\msaud32.acm [291408 2001-08-20] (Microsoft Corporation) [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Lane Family\Desktop\Kim - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Lane Family\Desktop\Kimberly - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Lane Family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Kim's Work - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) =============
 
2019-11-16 12:23 - 2019-11-16 12:23 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-11-16 12:23 - 2019-11-16 12:23 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-09-08 17:53 - 2020-09-08 17:53 - 000160768 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\29642c0a15a1efe6ee19ee53ba3101a7\BRIDGECommon.ni.dll
2020-09-08 17:54 - 2020-09-08 17:54 - 000125440 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\0afdfc0235959ad807a69332c0e7d6c1\BridgeExtension.ni.dll
2020-09-08 17:54 - 2020-09-08 17:54 - 000395264 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\72922f78c0a99d51799ec8d7f1bafdf6\CleanStartController.ni.dll
2020-09-08 17:54 - 2020-09-08 17:54 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\987aa9ef5bff89c46ea49780c3b7be7a\Interop.IWshRuntimeLibrary.ni.dll
2020-09-08 17:54 - 2020-09-08 17:54 - 000145920 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\43d4df61eff899153e2e8f744bf47c13\RegistrationUtilities.ni.dll
2019-03-10 12:22 - 2014-03-05 10:18 - 000040448 _____ () [File not signed] C:\WINDOWS\System32\pdf995mon64.dll
2020-01-03 19:06 - 2017-11-02 16:36 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_ENU.DLL
2020-01-03 19:06 - 2017-11-02 16:36 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2019-03-09 13:51 - 2018-03-07 19:48 - 002286592 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Lane Family\AppData\Local\Amazon Music\QtCore4.dll
2019-03-09 13:51 - 2018-03-07 19:52 - 006324224 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Lane Family\AppData\Local\Amazon Music\QtGui4.dll
2019-03-09 13:51 - 2018-03-07 19:49 - 000808448 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Lane Family\AppData\Local\Amazon Music\QtNetwork4.dll
2020-09-08 17:54 - 2020-09-08 17:54 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\0845e834981b6cea682adf628a0460f5\Hardcodet.Wpf.TaskbarNotification.ni.dll
2020-09-08 17:54 - 2020-09-08 17:54 - 000136192 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\27b894899070181d226981fa24fd7aaa\CommonPortable.ni.dll
2018-06-29 15:08 - 2018-06-29 15:08 - 000125952 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2020-09-08 17:54 - 2020-09-08 17:54 - 001701888 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\8ce80edfba670feaa7213030ea84d46e\NAudio.ni.dll
2020-09-08 17:54 - 2020-09-08 17:54 - 003060736 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\cbd2e9ef65f84c9dd3ff717a97b19d24\Newtonsoft.Json.ni.dll
2020-09-08 17:53 - 2020-09-08 17:53 - 002306560 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\daa0ded155e6d458d65c655739810b66\Newtonsoft.Json.ni.dll
2020-09-08 17:54 - 2020-09-08 17:54 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\39c067a21025ad45e85d05b9d4ee5ca4\log4net.ni.dll
2019-11-16 12:23 - 2019-11-16 12:23 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-04-02 01:31 - 2020-04-02 01:31 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-11-16 12:22 - 2019-11-16 12:22 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-11-16 12:22 - 2019-11-16 12:22 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-11-16 12:22 - 2019-11-16 12:22 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-11-16 12:22 - 2019-11-16 12:22 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-11-16 12:22 - 2019-11-16 12:22 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-11-16 12:22 - 2019-11-16 12:22 - 000173568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2019-11-16 12:22 - 2019-11-16 12:22 - 001039872 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2019-11-16 12:22 - 2019-11-16 12:22 - 000211456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2019-11-16 12:22 - 2019-11-16 12:22 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-11-16 12:22 - 2019-11-16 12:22 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-11-16 12:22 - 2019-11-16 12:22 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-11-16 12:22 - 2019-11-16 12:22 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-11-16 12:23 - 2019-11-16 12:23 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-11-16 12:23 - 2019-11-16 12:23 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-11-16 12:23 - 2019-11-16 12:23 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-11-16 12:23 - 2019-11-16 12:23 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-11-16 12:23 - 2019-11-16 12:23 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-11-16 12:23 - 2019-11-16 12:23 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-11-16 12:23 - 2019-11-16 12:23 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-11-16 12:23 - 2019-11-16 12:23 - 000289280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-11-16 12:23 - 2019-11-16 12:23 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-11-16 12:23 - 2019-11-16 12:23 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-11-16 12:23 - 2019-11-16 12:23 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-11-16 12:23 - 2019-11-16 12:23 - 000304128 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-11-16 12:23 - 2019-11-16 12:23 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-04-02 01:31 - 2020-04-02 01:31 - 000077824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-1344096843-1429473437-65493552-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-1344096843-1429473437-65493552-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {F4FF2277-6B22-42A7-A962-3A474EAD2D9F} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {F4FF2277-6B22-42A7-A962-3A474EAD2D9F} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1344096843-1429473437-65493552-1001 -> {F4FF2277-6B22-42A7-A962-3A474EAD2D9F} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\Real\RealPlayer\BrowserRecordPlugin\IE\rndlbrowserrecordplugin64.dll [2020-06-12] (RealNetworks, Inc. -> RealPlayer)
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.20.5.39\coIEPlg.dll [2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\Real\RealPlayer\BrowserRecordPlugin\IE\rndlbrowserrecordplugin.dll [2020-06-12] (RealNetworks, Inc. -> RealPlayer)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.20.5.39\coIEPlg.dll [2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.20.5.39\coIEPlg.dll [2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.20.5.39\coIEPlg.dll [2020-07-23] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2019-09-17] (McAfee, LLC. -> McAfee, LLC.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2019-09-17] (McAfee, LLC. -> McAfee, LLC.)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-04-11 17:38 - 2018-04-11 17:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\iCLS\;C:\Program Files\Intel\Intel® Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT
HKU\S-1-5-21-1344096843-1429473437-65493552-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lane Family\Downloads\Desktop Background (2).jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{58AF8B08-C41D-41E2-932A-96EF3C45EDC5}] => (Allow) C:\Program Files\HP\HP ENVY 5660 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc -> HP Inc.)
FirewallRules: [{FB7EDDD8-6C70-48D7-A4F6-EDA56DEC41C3}] => (Allow) LPort=5357
FirewallRules: [{2C6A6DBD-EE2E-4B01-89D2-8C7AE2FC6EE2}] => (Allow) C:\Program Files\HP\HP ENVY 5660 series\Bin\DeviceSetup.exe (HP Inc -> HP Inc.)
FirewallRules: [{17641DF4-838A-4455-91C1-16EBE1BFC104}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16050.11029.20108.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3249AD4B-410B-4F14-8199-5E987DF27707}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC. -> McAfee, LLC.)
FirewallRules: [{810A79D9-C2B4-406D-9AAC-65B81466C754}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC. -> McAfee, LLC.)
FirewallRules: [{728B2782-1C24-4D48-985D-CD80897D62C7}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC. -> McAfee, LLC.)
FirewallRules: [{5990D023-716C-4EA0-A669-4CCA3FE53799}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0D8B74AE-35A6-4529-BA22-4E0A97E48485}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{65841EAA-6685-4438-A7B8-B3E0FAC10C15}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{42BCFD9F-97FE-4719-8419-09349EC8403B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8DA17194-11CA-4256-9A00-964EBE982618}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{837AE716-5581-46EE-8DF4-31B1005A35CE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{553E722A-E66F-4ACD-8619-03601B5A35C3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
 
==================== Restore Points =========================
 
01-09-2020 03:46:22 Scheduled Checkpoint
08-09-2020 14:41:46 Windows Update
16-09-2020 11:32:23 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (09/16/2020 03:59:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13244,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/16/2020 05:37:26 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (20148,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/16/2020 03:34:48 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21128,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/15/2020 08:31:16 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12920,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/15/2020 07:45:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (20952,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/15/2020 07:36:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4756,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/15/2020 07:31:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (20608,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/15/2020 04:16:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21284,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
 
System errors:
=============
Error: (08/29/2020 09:37:24 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IEV2NL5)
Description: The server Windows.Internal.CapabilityAccess.CapabilityAccess did not register with DCOM within the required timeout.
 
Error: (07/20/2020 07:14:12 PM) (Source: Schannel) (EventID: 4116) (User: NT AUTHORITY)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The TLS connection request has failed. The attached data contains the server certificate.
 
Error: (07/20/2020 07:13:41 PM) (Source: Schannel) (EventID: 4116) (User: NT AUTHORITY)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The TLS connection request has failed. The attached data contains the server certificate.
 
Error: (07/20/2020 07:13:17 PM) (Source: Schannel) (EventID: 4116) (User: NT AUTHORITY)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The TLS connection request has failed. The attached data contains the server certificate.
 
Error: (07/20/2020 07:12:59 PM) (Source: Schannel) (EventID: 4116) (User: NT AUTHORITY)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The TLS connection request has failed. The attached data contains the server certificate.
 
Error: (07/20/2020 07:12:46 PM) (Source: Schannel) (EventID: 4116) (User: NT AUTHORITY)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The TLS connection request has failed. The attached data contains the server certificate.
 
Error: (07/20/2020 07:12:37 PM) (Source: Schannel) (EventID: 4116) (User: NT AUTHORITY)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The TLS connection request has failed. The attached data contains the server certificate.
 
Error: (07/20/2020 07:12:33 PM) (Source: Schannel) (EventID: 4116) (User: NT AUTHORITY)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The TLS connection request has failed. The attached data contains the server certificate.
 
 
CodeIntegrity:
===================================
 
Date: 2020-09-16 14:17:42.315
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.
 
Date: 2020-09-16 14:17:42.310
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.5.39\symamsi.dll that did not meet the Windows signing level requirements.
 
Date: 2020-09-16 14:17:42.305
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.
 
Date: 2020-09-16 14:17:42.301
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.5.39\symamsi.dll that did not meet the Windows signing level requirements.
 
Date: 2020-09-16 14:17:42.255
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.
 
Date: 2020-09-16 14:17:42.248
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.5.39\symamsi.dll that did not meet the Windows signing level requirements.
 
Date: 2020-09-16 05:34:21.957
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.
 
Date: 2020-09-16 05:34:21.953
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.5.39\symamsi.dll that did not meet the Windows signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: AMI F.12 08/02/2018
Motherboard: HP 843B
Processor: Intel® Core™ i5-8400 CPU @ 2.80GHz
Percentage of memory in use: 59%
Total physical RAM: 12187.26 MB
Available physical RAM: 4976.58 MB
Total Virtual: 16283.26 MB
Available Virtual: 3995.71 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:913.42 GB) (Free:830.53 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:16.85 GB) (Free:1.95 GB) NTFS ==>[system with boot components (obtained from drive)]
 
\\?\Volume{51161ad2-f45c-40f3-8fde-d2873e6dc835}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.5 GB) NTFS
\\?\Volume{cbae8987-9a04-45db-a41d-95ce11b8c94a}\ () (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A50E1C7D)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,142 posts
  • MVP
CHR Extension: (Bing Homepage & Search Engine) - C:\Users\Lane Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfedoihopcjdfjihhhojdclnfdgomdho [2019-08-02]

 

This appears to be the cause.  Go into Chrome and click on the the three dots in the upper right.  Click on More Tools then on Extensions.  Find Bing Homepage & Search Engine then turn it off by clicking on the blue slider.  Hit Remove.  Restart Chrome.  You may need to go back in and reset the home page and search engine (three dots then Settings.  Scroll down to Search Engine and to On Startup and set them to google.  Restart Chrome)

 

There is also a suspicious task from HP
 

Task: {D338218C-E09A-46DC-A77D-9E3CBC5BA4D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\BingPopup\BingPopup.exe [519000 2020-09-09] (HP Inc. -> HP Inc.)

 

 

so if it comes back after a reboot I would search for:

task scheduler

hit Enter

Click on the arrow in front of Task Scheduler Library then on the arrow in front of : Hewlett-Packard

Then on the arrow in front of HP Support Framework

Then click on arrow in front of Resources.  Right click on BingPopup and delete.  If that doesn't work to remove the task post a new FRST scan and I will create a fixlist for you to remove it.

For what it is worth you are running McAfee & Norton.  Even tho only Norton is active McAfee is still using up CPU cycles and slowing you down.  Best to Uninstall McAfee LifeSave and since McAfee's uninstaller doesn't work that well also download The McAfee Consumer  Product Removal Tool - mcpr.exe

http://us.mcafee.com...s/mcpr/mcpr.asp

Save and then right click and Run As Admin.

 

You are also a bit behind in your Windows Version.  You are at 1903 and the latest is 2004.  You can force the update:  Go to https://www.microsof...nload/windows10

click on Update Now.  Download, Save and right click and Run As Admin then follow the prompts.


  • 0

#3
KimberlyFayeLane

KimberlyFayeLane

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts

Thank you for responding.  I followed the instructions on deleting the extension, however the Bing Homepage & Search Engine was not listed in my extensions list for me to remove.  Instead, I had to access my %appData% file and delete it from there.  I restarted my computer and it seems to have worked for now.  I hope it will continue to work, but the extension did not show up in the extensions menu.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP