Laptop infected with virus



#1
BlueFireDragon


Hi,

My laptop has been showing symptoms of being infected with a virus for the past 3 days. I frequently get a pop-up window on the lower right side of the laptop screen, above the bottom bar, stating that my security is at risk, McAfee is not disabled, the computer is infected with a virus, please run the scan, and so forth.

I checked my McAfee account and I have it active, with my subscription still ongoing until mid-July.

I ran a full scan using McAfee and it removed 1 file. I did run Malwarebytes, and it quarantined around 40 files, but the pop-up problem is still ongoing.

If one of the team members can help with resolving this issue, I will greatly appreciate it.

FRST Log: 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021
Ran by MITRUH (administrator) on MITRUH (Dell Inc. Inspiron 15-7569) (21-04-2021 12:29:39)
Running from C:\Users\MITRUH\Downloads
Loaded Profiles: MITRUH
Platform: Windows 10 Home Version 2004 19041.928 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\MITRUH\AppData\Local\WebEx\ciscowebexstart.exe
(Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\MITRUH\AppData\Local\WebEx\WebEx\Meetings\atmgr.exe
(Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\MITRUH\AppData\Local\WebEx\WebEx\Meetings_01\atmgr.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\120.4.4598\QtWebEngineProcess.exe <3>
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <19>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPDisplayCenter_1.0.25.0_x64__v10z8vjag6ke6\HPDisplayCenter.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Intel® Corporation -> Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxext.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\4.0.110.0\McCSPServiceHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_12\mcapexe.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MAT\McPvTray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(McAfee, LLC. -> McAfee, LLC) C:\Program Files\McAfee\MSC\MfeBrowserHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <12>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\MITRUH\AppData\Local\Microsoft\OneDrive\21.052.0314.0001\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\MITRUH\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PORTRAIT DISPLAYS, INC. -> ) C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe
(PORTRAIT DISPLAYS, INC. -> ) C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
(PORTRAIT DISPLAYS, INC. -> ) C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
(PORTRAIT DISPLAYS, INC. -> Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc) C:\Program Files (x86)\Portrait Displays\HP Display Assistant\dthtml.exe
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Wistron Corporation -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9244152 2017-09-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502712 2017-09-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3885616 2016-03-03] (Wistron Corporation -> Dell Inc.)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502712 2017-09-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-13] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7991528 2021-04-12] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [147224 2017-06-27] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [175896 2017-06-27] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [DT HWP] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [122336 2016-11-30] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1396299562-1681121779-3916916909-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-05-07] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1396299562-1681121779-3916916909-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50041472 2021-03-12] (Google LLC -> )
HKU\S-1-5-21-1396299562-1681121779-3916916909-1001\...\Run: [SendAnywhere] => C:\Program Files\Send Anywhere\Send Anywhere.exe --tray
HKU\S-1-5-21-1396299562-1681121779-3916916909-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\MITRUH\AppData\Local\WebEx\ciscowebexstart.exe [2841816 2021-04-09] (Cisco WebEx LLC -> Cisco Webex LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.128\Installer\chrmstp.exe [2021-04-14] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {09A0FDD7-E12E-4A2F-A6E7-7BD5C17CD044} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {121867B7-CDCB-4E5C-A357-8E8991B27CFD} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [738272 2021-01-14] (McAfee, LLC -> McAfee, LLC)
Task: {1510792B-C5E9-47BC-9A50-BF2C472EC560} - System32\Tasks\PCDDataUploadTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1218808 2015-12-17] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
Task: {3D5AE56A-7F8C-45C5-8AF7-6003286551EA} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel® Software Asset Manager -> Intel Corporation)
Task: {3FCDB8C4-9AA5-440F-88F4-3FB624C285B5} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe [1889696 2021-01-10] (McAfee, Inc. -> McAfee, LLC.)
Task: {4106CC89-E26D-4FEF-896D-342FADA91CC2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {428DBCA4-10AA-4D41-80DD-CEB682770F7F} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1218808 2015-12-17] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
Task: {4AB3C001-2BD5-4D95-B5AE-7E1608DAD647} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502712 2017-09-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {6042BC20-3E9B-43FC-9F46-92490A798672} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {675BE979-FE6A-469A-B5C0-2412F1E23189} - System32\Tasks\WRUStartup => C:\Program Files\Intel Corporation\Intel WiDi\WRU.exe [103048 2016-02-24] (Intel® Wireless Display -> )
Task: {7E45BF53-8CEE-4977-9998-5A554BE877EF} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4054696 2021-01-18] (McAfee, LLC -> McAfee, LLC)
Task: {8429F077-37E1-4DBA-9F1E-39C65391313C} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel® Software -> Intel Corporation)
Task: {8DD4A5A7-E6D6-421B-942B-E4104B606500} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel® Software Asset Manager -> Intel Corporation)
Task: {9BE140DA-8E21-4BD8-B323-24CF30A7B696} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1218808 2015-12-17] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
Task: {9E188700-3393-4295-A890-EFAE816BE814} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [993360 2021-01-20] (McAfee, LLC -> McAfee, LLC)
Task: {A8C99BD4-5F2E-4053-A791-9DC351F5C27A} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [439544 2015-12-17] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
Task: {B9BC51E8-C694-4BD4-ADA1-FE9CE93B2942} - System32\Tasks\WRU => C:\Program Files\Intel Corporation\Intel WiDi\WRU.exe [103048 2016-02-24] (Intel® Wireless Display -> )
Task: {BCA5CE0F-0516-4A71-A92B-CD4D32B640D8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {C14ED784-BB15-49BC-9471-E75127E75F14} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4630104 2021-02-03] (McAfee, LLC -> McAfee, LLC)
Task: {C2AC9A47-94C7-4553-8838-1BE1D256DE51} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {C9A51C23-A203-41F8-B260-198314E8B6F4} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F5AB0553-D916-4FDC-BFC9-D27DE33E531E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-05] (Google Inc -> Google Inc.)
Task: {F60FB279-E018-4C9B-8D24-30489643C9D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-05] (Google Inc -> Google Inc.)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {F93CEB91-FCDF-4C64-83D1-36CADDDAF505} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [993360 2021-01-20] (McAfee, LLC -> McAfee, LLC)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\RunDLC.job => cmd c sc start Dell Help SupportWORKGROUP MITRUH
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{5a3361f2-a003-418b-b3dc-a5ab24a33bf6}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Edge: 
=======
DownloadDir: C:\Users\MITRUH\Downloads
Edge Notifications: HKU\S-1-5-21-1396299562-1681121779-3916916909-1001 -> hxxps://en.softonic.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\MITRUH\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-21]
Edge DownloadDir: C:\Users\MITRUH\Downloads
Edge Notifications: Default -> hxxps://en.softonic.com; hxxps://t-rex-game.com
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-04-16] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2021-02-05] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2021-01-20] (McAfee, LLC -> )
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2021-03-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2021-03-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2021-01-20] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR Profile: C:\Users\MITRUH\AppData\Local\Google\Chrome\User Data\Default [2021-04-21]
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=E211US0G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://us.search.yahoo.com/sugg/gossip/gossip-us-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Slides) - C:\Users\MITRUH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-11]
CHR Extension: (Docs) - C:\Users\MITRUH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-11]
CHR Extension: (Google Drive) - C:\Users\MITRUH\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\MITRUH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-05]
CHR Extension: (Dashlane - Password Manager) - C:\Users\MITRUH\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2021-04-02]
CHR Extension: (Sheets) - C:\Users\MITRUH\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-11]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\MITRUH\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-04-10]
CHR Extension: (Google Docs Offline) - C:\Users\MITRUH\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MITRUH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]
CHR Extension: (Gmail) - C:\Users\MITRUH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\MITRUH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-12]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1396299562-1681121779-3916916909-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-05-20] (Apple Inc. -> Apple Inc.)
R2 Asset Management Daemon; C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe [134624 2016-11-30] (PORTRAIT DISPLAYS, INC. -> )
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-30] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-30] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-04-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc -> Dell Inc.)
R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [41008 2018-01-15] (Dell Inc -> Dell Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2021-04-01] (Dell Inc -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-19] (Dell Inc -> )
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [142816 2016-11-30] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-07-06] (Intel Corporation) [File not signed]
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel® Software Asset Manager -> Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-07-06] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [952992 2021-04-16] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_12\McApExe.exe [779080 2021-01-15] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\4.0.110.0\\McCSPServiceHost.exe [2784672 2021-01-05] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [645736 2020-12-10] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [645736 2020-12-10] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [645736 2020-12-10] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1627680 2021-01-20] (McAfee, LLC -> McAfee, LLC)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4241112 2021-03-29] (McAfee, LLC -> McAfee, LLC)
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell Inc -> Dell)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75712 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
S3 clwvd9; C:\WINDOWS\System32\drivers\clwvd9.sys [60984 2019-09-08] (CyberLink Corp. -> CyberLink Corporation)
R2 DpmLiteDrv; c:\Program Files\Dell\QuickSet\DpmLiteDrv64.sys [15080 2014-10-15] (Wistron Corporation -> Wistron Corp.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218960 2020-05-26] (McAfee, LLC -> McAfee, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-04-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-04-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-04-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-04-21] (Malwarebytes Inc -> Malwarebytes)
R2 McPvDrv; C:\WINDOWS\system32\drivers\McPvDrv.sys [89112 2021-01-18] (McAfee, LLC -> McAfee, LLC)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [544704 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [385984 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85944 2020-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [522176 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1027520 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [608192 2020-12-17] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107968 2020-12-17] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116672 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252352 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (All) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-04-21 12:29 - 2021-04-21 12:30 - 000031357 _____ C:\Users\MITRUH\Downloads\FRST.txt
2021-04-21 12:28 - 2021-04-21 12:30 - 000000000 ____D C:\FRST
2021-04-21 12:26 - 2021-04-21 12:26 - 002298368 _____ (Farbar) C:\Users\MITRUH\Downloads\Unconfirmed 206140.crdownload
2021-04-21 12:26 - 2021-04-21 12:26 - 002298368 _____ (Farbar) C:\Users\MITRUH\Downloads\FRST64 (1).exe
2021-04-21 12:25 - 2021-04-21 12:25 - 002298368 _____ (Farbar) C:\Users\MITRUH\Downloads\FRST64.exe
2021-04-21 12:24 - 2021-04-21 12:24 - 002298368 _____ (Farbar) C:\Users\MITRUH\Downloads\Unconfirmed 180113.crdownload
2021-04-21 12:23 - 2021-04-21 12:23 - 002298368 _____ (Farbar) C:\Users\MITRUH\Downloads\Unconfirmed 418848.crdownload
2021-04-21 06:55 - 2021-04-21 06:55 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-04-21 06:55 - 2021-04-21 06:55 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-04-21 06:55 - 2021-04-21 06:55 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-04-20 15:24 - 2021-04-21 06:55 - 000000000 ____D C:\ProgramData\McInstTemp0212971618950274
2021-04-19 21:30 - 2021-04-19 21:30 - 000000000 ____D C:\Users\MITRUH\AppData\Local\mbam
2021-04-19 21:30 - 2021-04-19 21:30 - 000000000 ____D C:\Users\MITRUH\AppData\Local\CrashDumps
2021-04-19 21:29 - 2021-04-19 21:29 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-19 21:29 - 2021-04-19 21:29 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-04-19 21:29 - 2021-04-19 21:29 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-19 21:29 - 2021-04-19 21:29 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-04-19 21:29 - 2021-04-19 21:29 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-19 21:29 - 2021-04-19 21:29 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-04-19 21:29 - 2021-04-19 21:29 - 000002023 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-04-19 21:29 - 2021-04-19 21:29 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-04-19 21:28 - 2021-04-19 21:28 - 001965536 _____ (Malwarebytes) C:\Users\MITRUH\Downloads\MBSetup-80562.80562-consumer.exe
2021-04-19 21:28 - 2021-04-19 21:28 - 000000000 ____D C:\Program Files\Malwarebytes
2021-04-19 21:01 - 2021-04-19 21:01 - 074738640 _____ (McAfee, LLC) C:\Users\MITRUH\Downloads\McAfee_Installer_serial_rR2Fjbur3x8SwQpjTrOQ2_key_affid_0_akey.exe
2021-04-16 18:38 - 2021-04-16 18:38 - 032612872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 031598920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 024272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 023451648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 019870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 018082816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 008239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 007631872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 007547088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 007110656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 006431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 005351440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 004795272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 004311552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 003556568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 003294208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 002660352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 002523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2021-04-16 18:38 - 2021-04-16 18:38 - 002520072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 002254544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2021-04-16 18:38 - 2021-04-16 18:38 - 002205464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 002113568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 001880544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 001790216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 001612288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 001570640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2021-04-16 18:38 - 2021-04-16 18:38 - 001548624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 001542760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 001424968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 001352744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 001268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2021-04-16 18:38 - 2021-04-16 18:38 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 001185360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 001126072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 001095168 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 001076736 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2021-04-16 18:38 - 2021-04-16 18:38 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 001029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000995840 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000962232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000951384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSRESM.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSRESM.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\opengl32.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000920904 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2021-04-16 18:38 - 2021-04-16 18:38 - 000885248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000805192 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2021-04-16 18:38 - 2021-04-16 18:38 - 000747856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000680768 _____ (Microsoft Corporation) C:\WINDOWS\system32\PktMon.exe
2021-04-16 18:38 - 2021-04-16 18:38 - 000678200 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000676584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcIsoCtnr.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000600616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2021-04-16 18:38 - 2021-04-16 18:38 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\IESettingSync.exe
2021-04-16 18:38 - 2021-04-16 18:38 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2021-04-16 18:38 - 2021-04-16 18:38 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiagn.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2021-04-16 18:38 - 2021-04-16 18:38 - 000441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServerClient.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000414216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSTIFF.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2021-04-16 18:38 - 2021-04-16 18:38 - 000361056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2021-04-16 18:38 - 2021-04-16 18:38 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cleanmgr.exe
2021-04-16 18:38 - 2021-04-16 18:38 - 000308048 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcat.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cleanmgr.exe
2021-04-16 18:38 - 2021-04-16 18:38 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000267008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXST30.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpresult.exe
2021-04-16 18:38 - 2021-04-16 18:38 - 000220496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmdevicehost.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpresult.exe
2021-04-16 18:38 - 2021-04-16 18:38 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2021-04-16 18:38 - 2021-04-16 18:38 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhshl.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2021-04-16 18:38 - 2021-04-16 18:38 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbsapi.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhmanagew.exe
2021-04-16 18:38 - 2021-04-16 18:38 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcwutl.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000129872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PktMon.sys
2021-04-16 18:38 - 2021-04-16 18:38 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvc.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2021-04-16 18:38 - 2021-04-16 18:38 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOM.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsrchapi.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOM.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhevents.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsrchph.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhlisten.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngprovider.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\capiprovider.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhtask.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\adprovider.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapiprovider.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcleanup.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngprovider.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capiprovider.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adprovider.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpapiprovider.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dimsroam.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredprovider.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\PktMonApi.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dimsroam.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredprovider.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinFax.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000031544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2021-04-16 18:38 - 2021-04-16 18:38 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvcctl.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinFax.dll
2021-04-16 18:38 - 2021-04-16 18:38 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcwrun.exe
2021-04-16 18:38 - 2021-04-16 18:38 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-16 18:37 - 2021-04-16 18:37 - 017544192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 014759936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 010843464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 010352424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 008901912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 008016624 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 007968600 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 007637008 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 006363232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 006187008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 006002256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 005749216 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 004743168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 004732928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 004704752 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 004517376 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 004124232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 003938816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 003899904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 003824200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 003817472 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 003815424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 003785544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 003749888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 003597312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 003506992 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 003394048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 003232080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 003063808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 002990416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 002919288 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 002917888 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 002853712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 002823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 002810816 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 002750976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 002649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 002637728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 002574848 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 002473072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 002434560 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 002350592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 002318184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 002268976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 002251264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 002178600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 002107864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 002024728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 002007360 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001977640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001968640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001956864 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001951368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001871256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001842688 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001841152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-16 18:37 - 2021-04-16 18:37 - 001790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001784496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001767936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001726464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001702416 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001696264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001686528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001663656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001652736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001651200 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001618168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001567560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 001566600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001556192 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 001538048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MoUsoCoreWorker.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 001510296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001475392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 001461760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001448736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001435648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001415168 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 001394016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001378064 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001374208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001367040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001331712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001327616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001281968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001258256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001220520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001215792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001189016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 001174864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001128008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001124432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001107968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001089872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 001089296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001075880 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001069896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001049528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001041408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001040384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001020416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001016456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001014424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 001000272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000988104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000979792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000967912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000923648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000904528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000896064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000895072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000883728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000873296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000872784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000859392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000852304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000832848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000829496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000825880 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000824816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000820560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000799040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000785568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000784016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000782656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000773200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000764976 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000763392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000755080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000754608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000752128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000714856 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000707536 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000700368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000688128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000675048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000655360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntimewindows.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000648712 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntime.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000636336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000632536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000625496 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000603448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000602448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000598344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000588312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000586064 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000585232 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000577864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000534536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000521216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000509232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000507904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000502608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2021-04-16 18:37 - 2021-04-16 18:37 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000475712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000475464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000455480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000454984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000451400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000429696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000420448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000411472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000389432 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000382792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000379216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000374496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000370888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.DisplayEnhancementOverride.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000360784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AarSvc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000305472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000290616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000264008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000262872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.DisplayEnhancementOverride.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000260944 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000253024 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000250192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\joinutil.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\onex.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000234296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.System.UserProfile.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000229192 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000228680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000225080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\joinutil.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000223032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\onex.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000203560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000203504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000195680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000195408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000191632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptnet.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000186976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000186168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000180040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cflapi.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000160072 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000152384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingCSP.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000147280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000147192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000145144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptnet.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000141128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000132760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000123480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000118600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000118072 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\cxcredprov.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmxmlhelputils.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvHelper.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MuiUnattend.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000102736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000098120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerApi.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000097096 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000095608 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000092960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000090960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MuiUnattend.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvHelper.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmxmlhelputils.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000079688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\CEA.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\EventAggregation.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000073336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000072312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000070968 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInput.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000069968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000069752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000068432 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000064008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000061776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInput.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000059448 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskSchdPS.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000057672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000057160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\condrv.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000056648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagnosticdataquery.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TaskSchdPS.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Apphlpdm.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000031568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Apphlpdm.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000029000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ktmw32.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000019776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000017208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000016712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000016704 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizres.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2021-04-16 18:37 - 2021-04-16 18:37 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Synth3dVsc.sys
2021-04-16 18:37 - 2021-04-16 18:37 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shimeng.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2021-04-16 18:37 - 2021-04-16 18:37 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2021-04-16 18:24 - 2021-03-26 22:23 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2021-04-16 18:24 - 2021-03-26 22:22 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2021-04-16 18:06 - 2021-04-16 18:06 - 000000000 ____D C:\WINDOWS\PCHEALTH
2021-04-13 16:49 - 2021-04-13 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-04-12 05:51 - 2021-04-12 05:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-04-12 05:51 - 2021-04-12 05:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-04-12 05:51 - 2021-04-12 05:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-04-12 05:51 - 2021-04-12 05:51 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-04-02 14:19 - 2021-04-02 14:19 - 000439154 _____ C:\Users\MITRUH\Downloads\2020_TaxReturn (1).pdf
2021-04-02 14:17 - 2021-04-02 14:18 - 000439154 _____ C:\Users\MITRUH\Downloads\2020_TaxReturn.pdf
2021-03-30 17:52 - 2021-03-30 17:52 - 000080424 _____ C:\Users\MITRUH\Desktop\The Home Depot - Order Confirmation Pergo Laminate Floor.pdf
2021-03-23 16:11 - 2021-03-23 16:11 - 000774144 _____ () C:\Users\MITRUH\Downloads\SkeldLaunch (3).exe
2021-03-22 20:40 - 2021-03-22 20:40 - 000094592 _____ C:\Users\MITRUH\Desktop\AccessDoorsAndPanels.pdf
2021-03-22 14:12 - 2021-03-22 14:12 - 002674688 _____ C:\Users\MITRUH\Downloads\MinecraftInstaller (5).msi
2021-03-22 13:34 - 2021-03-22 13:34 - 000523776 _____ (MCLeaks) C:\Users\MITRUH\Downloads\MCLeaksAuthenticator_4.4.1.exe
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-04-21 12:23 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-21 11:51 - 2020-10-13 19:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-21 10:58 - 2020-10-13 19:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-04-21 08:40 - 2020-10-19 16:23 - 000000000 ____D C:\Users\MITRUH\AppData\Local\Deployment
2021-04-21 07:03 - 2020-10-13 20:00 - 000842418 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-21 07:03 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-21 06:59 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-21 06:57 - 2020-03-19 19:01 - 000000000 ___RD C:\Users\MITRUH\Google Drive
2021-04-21 06:56 - 2020-12-15 17:55 - 000000000 __RSD C:\Users\MITRUH\Documents\McAfee Vaults
2021-04-21 06:56 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-21 06:56 - 2016-11-30 17:49 - 000000000 ___RD C:\Users\MITRUH\OneDrive
2021-04-21 06:56 - 2016-11-30 17:47 - 000000000 __SHD C:\Users\MITRUH\IntelGraphicsProfiles
2021-04-21 06:55 - 2020-10-13 19:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-21 06:55 - 2020-10-13 19:48 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-21 06:55 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-21 06:52 - 2020-07-05 11:16 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-21 06:52 - 2020-07-05 11:16 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-04-21 06:52 - 2020-07-05 11:16 - 000002278 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-04-21 06:52 - 2019-12-07 04:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-04-21 06:51 - 2016-06-30 14:39 - 000000000 ____D C:\ProgramData\Package Cache
2021-04-21 06:47 - 2020-04-09 11:03 - 000000000 ____D C:\Users\MITRUH\AppData\Local\WebEx
2021-04-20 15:26 - 2020-10-13 19:58 - 000003316 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon
2021-04-20 14:56 - 2020-10-13 19:58 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-20 14:56 - 2020-10-13 19:58 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-19 21:35 - 2017-01-01 22:11 - 000000000 ____D C:\Users\MITRUH\AppData\Roaming\PPC-software
2021-04-19 21:29 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-19 21:23 - 2020-09-11 21:17 - 000000000 ____D C:\Users\MITRUH\AppData\Roaming\Send Anywhere
2021-04-19 21:23 - 2020-09-11 21:17 - 000000000 ____D C:\Users\MITRUH\AppData\Roaming\Estmob
2021-04-19 21:21 - 2021-02-20 17:42 - 000000000 ____D C:\Users\MITRUH\AppData\Roaming\JetBrains
2021-04-19 21:21 - 2021-02-20 17:40 - 000000000 ____D C:\Users\MITRUH\Desktop\PythonTyper
2021-04-19 21:21 - 2021-02-20 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PythonTyper
2021-04-19 21:20 - 2021-03-10 17:31 - 000000000 ____D C:\Users\MITRUH\AppData\Local\Bluestacks
2021-04-19 21:20 - 2021-03-07 21:31 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2021-04-19 21:17 - 2020-06-04 14:11 - 000000000 ____D C:\Users\MITRUH\AppData\Local\Roblox
2021-04-19 20:57 - 2017-05-19 22:11 - 000000000 ____D C:\Users\MITRUH\Desktop\Payments
2021-04-17 10:52 - 2019-12-07 04:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-04-16 19:05 - 2020-10-13 19:48 - 000445984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-16 19:03 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-16 19:03 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-16 19:03 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-16 19:03 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-16 19:03 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-16 19:03 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-16 19:03 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-16 19:03 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-16 19:03 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-16 19:03 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-16 19:03 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-16 19:03 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-16 18:41 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-16 18:37 - 2020-10-13 19:51 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-16 18:24 - 2016-12-01 21:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-16 18:09 - 2016-12-01 21:55 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-14 16:29 - 2017-04-05 15:03 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-14 16:28 - 2017-04-05 15:03 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-04-14 16:28 - 2017-04-05 15:03 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-04-13 16:49 - 2016-06-30 14:44 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-04-12 15:31 - 2020-10-13 20:06 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6a1c4c31dbe5f
2021-04-12 15:31 - 2020-10-13 19:58 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-11 19:24 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-11 15:09 - 2018-01-13 22:48 - 000000000 ____D C:\Users\MITRUH\AppData\Local\PlaceholderTileLogoFolder
2021-04-11 12:46 - 2020-04-09 11:03 - 000000000 ____D C:\Users\MITRUH\AppData\LocalLow\WebEx
2021-04-10 11:33 - 2020-10-13 19:58 - 000003710 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare)
2021-04-10 10:09 - 2016-06-30 15:20 - 000000000 ____D C:\ProgramData\Dell
2021-04-10 08:37 - 2020-10-13 19:58 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1396299562-1681121779-3916916909-1001
2021-04-10 08:37 - 2020-10-12 16:31 - 000002372 _____ C:\Users\MITRUH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-05 12:45 - 2021-03-01 18:39 - 000000000 ____D C:\Users\MITRUH\AppData\Roaming\.minecraft
2021-03-24 16:31 - 2020-03-19 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-03-23 16:11 - 2021-03-09 16:33 - 000000000 ____D C:\Users\MITRUH\AppData\Local\skeldlaunch
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional Log
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2021
Ran by MITRUH (21-04-2021 12:31:11)
Running from C:\Users\MITRUH\Downloads
Windows 10 Home Version 2004 19041.928 (X64) (2020-10-14 00:58:59)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1396299562-1681121779-3916916909-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1396299562-1681121779-3916916909-503 - Limited - Disabled)
Guest (S-1-5-21-1396299562-1681121779-3916916909-501 - Limited - Disabled)
MITRUH (S-1-5-21-1396299562-1681121779-3916916909-1001 - Administrator - Enabled) => C:\Users\MITRUH
WDAGUtilityAccount (S-1-5-21-1396299562-1681121779-3916916909-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Apple Application Support (64-bit) (HKLM\...\{D39B163A-9E12-442C-95E9-33FA5746AB21}) (Version: 8.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C788AE25-3D4E-4D18-811B-3219F778487E}) (Version: 13.5.1.2 - Apple Inc.)
Backup and Sync from Google (HKLM\...\{3CBE1074-3A4F-4BA6-95E3-7A660B54FE33}) (Version: 3.55.3625.9414 - Google, Inc.)
balenaEtcher 1.4.9 (only current user) (HKU\S-1-5-21-1396299562-1681121779-3916916909-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.4.9 - Balena Inc.)
balenaEtcher 1.5.80 (HKU\S-1-5-21-1396299562-1681121779-3916916909-1001\...\{d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b}) (Version: 1.5.80 - Balena Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cisco Webex Meetings (HKU\S-1-5-21-1396299562-1681121779-3916916909-1001\...\ActiveTouchMeetingClient) (Version: 41.1.3 - Cisco Webex LLC)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.0.9027 - CyberLink Corp.)
Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{4B38FF9D-7308-411D-93BF-CCF259B476ED}) (Version: 3.5.2013.0 - Dell Products, LP)
Dell Help & Support (HKLM\...\{8917AEA5-01A5-476F-AA27-A52EA6C94212}) (Version: 2.6.1.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{8917AEA5-01A5-476F-AA27-A52EA6C94212}) (Version: 2.6.1.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6745.47 - Dell)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{E9E87628-7D88-4557-9A80-49B2B4A81460}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{ef6a1215-d616-4e4f-9453-525ed9903031}) (Version: 5.4.1.14954 - Dell Inc.)
Dell Update (HKLM-x32\...\{944FB5B0-9588-45FD-ABE8-73FC879801ED}) (Version: 4.1.0 - Dell Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 120.4.4598 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.2.6745.47 - PC-Doctor, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.128 - Google LLC)
HP Display Assistant (HKLM-x32\...\{17B371B7-740F-4C83-BDFE-0C3A2C585103}) (Version: 3.20.016 - Portrait Displays, Inc.)
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
iCloud (HKLM\...\{F0AD317D-AE18-45D0-BE5B-30074AFE6740}) (Version: 7.19.0.10 - Apple Inc.)
Intel® Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation)
Intel® HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.377 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2014.14.0.1540 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1004 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1943.2 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.60.155.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{047f2156-ee7f-4a24-b3c2-c0c5c2c81557}) (Version: 1.60.155.0 - Intel Corporation) Hidden
Intel® Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation)
Intel® WiDi (HKLM\...\{E8A2DA8A-CA1A-4F5A-B113-6C34FCC4B6D4}) (Version: 6.0.62.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (HKLM-x32\...\{AC8973AF-7F4C-40F4-BFE1-C02FE95ED2C2}) (Version: 3.2.1184 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000110-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.110.0.3 - Intel Corporation)
Intel® Integrated Sensor Solution (HKLM-x32\...\{755abcd0-2942-482b-a27d-22921a5849f0}) (Version: 3.0.14.3056 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{8909c7f7-2f31-4786-b020-18218d3cabf3}) (Version: 21.40.1 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{3D45BD48-F215-4C69-B23F-256C83D1D7F0}) (Version: 1.0.0.534 - Intel Corporation)
Intel® Software Guard Extensions Platform Software (HKLM\...\{D6CE0772-080E-45D4-8CB0-AB2AB9710DFE}) (Version: 1.1.28151.80 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{4a50fa17-2911-43ed-a2a1-d3a34411e2bb}) (Version: 21.110.2.1 - Intel Corporation) Hidden
ISS_Drivers_x64 (HKLM\...\{7E28859E-AD3D-4FC2-8D70-E345F8C87722}) (Version: 3.0.14.3056 - Intel Corporation) Hidden
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
McAfee® Total Protection (HKLM-x32\...\MSC) (Version: 16.0 R30 - McAfee, LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.42 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1396299562-1681121779-3916916909-1001\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Product Registration (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) Hidden
QuickSet64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.35 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8224 - Realtek Semiconductor Corp.)
Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.14393.11242 - Realtek Semiconductor Corp.)
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 3.02.002 - Portrait Displays, Inc.) Hidden
Send Anywhere 20.9.10853 (HKLM\...\20db1975-fda0-5740-b262-81be26ba22ab) (Version: 20.9.10853 - Estmob Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.)
SketchUp 8 (HKLM-x32\...\{779D8CA1-03DD-4AD4-B21F-3E20BFE7BEDE}) (Version: 3.0.15158 - Trimble Navigation Limited)
TEC-IT TBarCode Office 10 (HKLM\...\{B9C3D27C-D72A-4F48-A0A4-8E1758219735}) (Version: 10.9.2.14927 - TEC-IT Datenverarbeitung GmbH)
TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-4) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.585 - McAfee, LLC)
Zoom (HKU\S-1-5-21-1396299562-1681121779-3916916909-1001\...\ZoomUMX) (Version: 5.4.9 (59931.0110) - Zoom Video Communications, Inc.)
 
Packages:
=========
Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2018-04-07] (Adobe Systems Incorporated)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.3.30.0_x86__kgqvnymyfvs32 [2021-04-17] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.191.500.0_x86__kgqvnymyfvs32 [2021-04-17] (king.com)
Dell Shop -> C:\Program Files\WindowsApps\DellInc.DellShop_2.2.1.0_neutral__htrsf667h5kn2 [2021-04-17] (Dell Inc)
HP Display Center -> C:\Program Files\WindowsApps\AD2F1837.HPDisplayCenter_1.0.25.0_x64__v10z8vjag6ke6 [2021-04-17] (HP Inc.) [Startup Task]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_126.2.222.0_x64__v10z8vjag6ke6 [2021-04-17] (HP Inc.)
iHeartRadio -> C:\Program Files\WindowsApps\ClearChannelRadioDigital.iHeartRadio_7.0.40.0_x64__a76a11dkgb644 [2021-04-17] (iHeartMedia.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.4072.0_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
OverDrive - Library eBooks & Audiobooks -> C:\Program Files\WindowsApps\2FA138F6.OverDriveMediaConsole_3.8.0.5_neutral__daecb9042jmvt [2020-05-16] (OverDrive Inc.)
PDF Reader - View, Edit, Share -> C:\Program Files\WindowsApps\0D9A1B2D.PDFReaderUWP_1.14.3.0_x64__jhretta7p24aw [2021-04-20] (Kdan Mobile Software Ltd.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-29] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1396299562-1681121779-3916916909-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\MITRUH\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-1396299562-1681121779-3916916909-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\MITRUH\Dropbox [2016-11-30 18:04]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-01-20] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-05-07] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers4: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.47.0.dll [2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxDTCM.dll [2018-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-01-20] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2021-04-21 06:56 - 2021-04-21 06:56 - 000114176 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\_ctypes.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000172544 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\_elementtree.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 002255872 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\_hashlib.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000032256 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\_multiprocessing.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000046080 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\_psutil_windows.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000047616 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\_socket.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 002824704 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\_ssl.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000026112 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\_yappi.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000080896 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\bz2.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000015872 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\common.time34.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000007680 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\hashobjs_ext.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000301568 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\PIL._imaging.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000168448 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\pyexpat.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 001084416 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\pysqlite2._sqlite.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000548864 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\pythoncom27.dll
2021-04-21 06:56 - 2021-04-21 06:56 - 000137728 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\pywintypes27.dll
2021-04-21 06:56 - 2021-04-21 06:56 - 000010752 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\select.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000020992 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\thumbnails_ext.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000689664 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\unicodedata.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000119808 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\usb_ext.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000128512 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\win32api.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000438784 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\win32com.shell.shell.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000011776 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\win32crypt.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000023040 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\win32event.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000149504 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\win32file.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000223232 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\win32gui.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000048128 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\win32inet.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000029696 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\win32pdh.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000027648 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\win32pipe.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000044032 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\win32process.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000020480 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\win32profile.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000136192 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\win32security.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000026624 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\win32ts.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000034304 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\windows.conditional.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000037888 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\windows.connectivity.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000071680 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\windows.device_monitor.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000103936 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\windows.volumes.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000019968 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\windows.winwrap.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 001325056 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\wx._controls_.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 001489408 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\wx._core_.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 001007104 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\wx._gdi_.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000103424 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\wx._html2.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 000916992 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\wx._misc_.pyd
2021-04-21 06:56 - 2021-04-21 06:56 - 001039872 _____ () [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\wx._windows_.pyd
2020-09-02 14:58 - 2002-01-05 03:40 - 000487424 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\MSVCP70.dll
2020-09-02 14:58 - 2002-01-05 03:37 - 000344064 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\MSVCR70.dll
2020-10-13 17:08 - 2020-10-13 17:08 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2020-10-13 17:08 - 2020-10-13 17:08 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2020-10-13 17:07 - 2020-10-13 17:07 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2021-04-21 06:56 - 2021-04-21 06:56 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\python27.dll
2021-04-21 06:56 - 2021-04-21 06:56 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\wxbase30u_net_vc90_x64.dll
2021-04-21 06:56 - 2021-04-21 06:56 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\wxbase30u_vc90_x64.dll
2021-04-21 06:56 - 2021-04-21 06:56 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\wxmsw30u_adv_vc90_x64.dll
2021-04-21 06:56 - 2021-04-21 06:56 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\wxmsw30u_core_vc90_x64.dll
2021-04-21 06:56 - 2021-04-21 06:56 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\wxmsw30u_html_vc90_x64.dll
2021-04-21 06:56 - 2021-04-21 06:56 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\MITRUH\AppData\Local\Temp\_MEI63002\wxmsw30u_webview_vc90_x64.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1396299562-1681121779-3916916909-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1396299562-1681121779-3916916909-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
SearchScopes: HKLM -> DefaultScope {1E6189DA-895A-450F-8A9F-A90985D8EC93} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {1E6189DA-895A-450F-8A9F-A90985D8EC93} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL => No File
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-04-16] (McAfee, LLC -> McAfee, LLC)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2021-03-14] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-04-16] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2021-03-14] (Oracle America, Inc. -> Oracle Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2021-01-20] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2021-01-20] (McAfee, LLC -> McAfee, LLC)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 02:24 - 2015-10-30 02:21 - 000000824 ____N C:\WINDOWS\system32\drivers\etc\hosts
 
2020-09-02 20:48 - 2020-09-02 20:48 - 000000500 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 MitRuh.mshome.net # 2025 9 2 2 1 48 36 870
192.168.137.132 MWD38B-17278c.mshome.net # 2020 9 4 10 1 48 36 870
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\TEC-IT\TBarCode\10.2\;C:\Program Files\Common Files\TEC-IT\TBarCode\10.2\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL
HKU\S-1-5-21-1396299562-1681121779-3916916909-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\dell\bluelava_1112000xx_inspiron_wallpaper58095_16x9_72dpi_rgb.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{07A5A5DB-859C-41F0-B524-86E1FF1375A1}] => (Allow) C:\Users\MITRUH\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{EE752B51-6C39-47B7-B0D8-C564F3A07464}] => (Allow) C:\Users\MITRUH\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0FD22CFE-ADD1-4A9D-8034-FA74FE35940A}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe => No File
FirewallRules: [{C0C8DFB5-FAFD-4623-B53D-F18AE6DDE679}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe => No File
FirewallRules: [{4CDE48C9-C762-4850-90E5-BFBB9F1C224A}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe => No File
FirewallRules: [{A41D3A59-C24E-42E9-AA08-B988002EAE40}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe => No File
FirewallRules: [{29E6290F-7181-4AEF-B436-FC5CFB5B7ABF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe => No File
FirewallRules: [{3ABA0549-96B4-49CE-BDE5-F49BFFDE1AD4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1FB137EF-2295-4634-9733-F9B42A765FD6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D65E953F-83F0-488A-BA09-C456F29ED6ED}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B5A4EE65-2C8E-401F-B52E-BB9D6198B8B8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{907FC698-A4CF-4D96-815F-B6D301D51189}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{CB18D345-FC55-4791-8D24-468BB11F7751}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{59680C1A-3FCA-4241-93EC-EAFC6469089C}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{EAE010BE-D60C-454E-87A8-534A6B3E0E23}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{8EC7A80A-AA47-47EE-B226-3173010006AE}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{0694443C-4790-4DA9-9CAC-9CE1E6649C2D}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{F9B3D2EF-1F6E-4302-94DE-68AC1F071ED1}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{1649CB16-2265-4319-9876-9F0293523333}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{BBD9B460-2904-42AA-A31E-EB104D28C35A}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{31956E24-EF1B-4EE4-9DC9-765B6FB921E8}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{D51B2029-F60D-41E2-95F1-238E1FF49144}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{82605FAB-389F-4411-9407-FE70BA9DC483}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6FF0748D-A3D7-4F2C-97C4-A8F54C3E321B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{30035A8A-C403-43C0-9189-653A1D8569B9}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{BAA6F9A1-C31A-42A6-BE30-BFE04605EC4F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{F490DB27-B8DC-429E-9642-F5B641CB2150}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{BD6D04A3-7DC8-4788-899B-D1799E6E9F1D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{47D208BF-84AA-4BDD-A48F-55F24733019D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{7149FDAE-9FCC-42B1-A6A2-2B26E4E6974B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49CB1F68-3CFF-4478-BBAA-9E9B7D36DA8A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{678A6C8B-06FC-4C7F-BA1A-0E4463661CFF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DB7580B2-4DBF-4112-AAC7-DBA3E9556BFE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
 
==================== Restore Points =========================
 
19-04-2021 21:19:47 Removed Minecraft Launcher
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (04/21/2021 11:51:12 AM) (Source: Service1) (EventID: 0) (User: )
Description: Failed in handling the PowerEvent. The error that occurred was: System.ArgumentOutOfRangeException: Time-out interval must be less than 2^32-2.
Parameter name: dueTm
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, TimeSpan dueTime, TimeSpan period)
   at OTBSurvey.Controller.SetSurveyRequestTimer()
   at OTBSurvey.OTBSurveyService.OnPowerEvent(PowerBroadcastStatus powerStatus)
   at System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData).
 
Error: (04/21/2021 11:51:11 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.3.10209.6897) TYPE: ERROR MODULE: DPTF TIME 17757481 ms
 
DPTF Build Version:  8.3.10209.6897
DPTF Build Date:  Aug 21 2018 21:44:24
Source File:  ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function:  PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:  
DPTF Build Version:  8.3.10209.6897
DPTF Build Date:  Aug 21 2018 21:44:24
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function:  EsifServices::primitiveExecuteSetAsUInt32
Message:  Error returned from ESIF services interface function call
Participant:  TCPU [0]
Domain:  CPU [1]
ESIF Primitive:  SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_ACPI_EVAL_FAILURE [1105]
 
 
Policy:  Passive Policy [2]
 
Error: (04/21/2021 11:51:11 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.3.10209.6897) TYPE: ERROR MODULE: DPTF TIME 17757475 ms
 
DPTF Build Version:  8.3.10209.6897
DPTF Build Date:  Aug 21 2018 21:44:24
Source File:  ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function:  PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:  
DPTF Build Version:  8.3.10209.6897
DPTF Build Date:  Aug 21 2018 21:44:24
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function:  EsifServices::primitiveExecuteSetAsUInt32
Message:  Error returned from ESIF services interface function call
Participant:  TCPU [0]
Domain:  CPU [1]
ESIF Primitive:  SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_ACPI_EVAL_FAILURE [1105]
 
 
Policy:  Passive Policy [2]
 
Error: (04/21/2021 08:06:37 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {bf6b99db-5c6d-4aa4-901a-b96420eb9bac}
 
Error: (04/21/2021 08:04:14 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {bf6b99db-5c6d-4aa4-901a-b96420eb9bac}
 
Error: (04/21/2021 06:57:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DeliveryService.exe, version: 3.5.2013.0, time stamp: 0x5d025c33
Faulting module name: KERNELBASE.dll, version: 10.0.19041.906, time stamp: 0x26452a2a
Exception code: 0xe0434352
Fault offset: 0x0012a6e2
Faulting process id: 0x4240
Faulting application start time: 0x01d736a5921a4f8b
Faulting application path: C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 90446bb8-6aec-46f4-a6f3-8fda957949d5
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/21/2021 06:57:58 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: DeliveryService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at Dell.ClientFulfillmentService.ClientFulfillmentService.RetrieveAppConfig()
   at Dell.ClientFulfillmentService.ClientFulfillmentService.ProcessAppConfig()
   at Dell.ClientFulfillmentService.ClientFulfillmentService.InitializeService(System.Object)
   at System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.TimerQueueTimer.CallCallback()
   at System.Threading.TimerQueueTimer.Fire()
   at System.Threading.TimerQueue.FireNextTimers()
   at System.Threading.TimerQueue.AppDomainTimerCallback(Int32)
 
Error: (04/21/2021 06:56:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname MitRuh.local already in use; will try MitRuh-2.local instead
 
 
System errors:
=============
Error: (04/21/2021 06:58:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (04/21/2021 06:55:29 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The IntelAudioService service terminated with the following service-specific error: 
The operation completed successfully.
 
Error: (04/21/2021 06:52:41 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Malwarebytes Service service did not shut down properly after receiving a preshutdown control.
 
Error: (04/21/2021 06:52:27 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error: (04/21/2021 06:52:27 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error: (04/21/2021 06:52:27 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error: (04/21/2021 06:52:27 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error: (04/21/2021 06:52:27 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
 
CodeIntegrity:
===============
Date: 2021-04-21 10:29:02
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. 1.23.0 01/19/2021
Motherboard: Dell Inc. 094N21
Processor: Intel® Core™ i5-6200U CPU @ 2.30GHz
Percentage of memory in use: 71%
Total physical RAM: 8051.63 MB
Available physical RAM: 2280.86 MB
Total Virtual: 9331.63 MB
Available Virtual: 1562.82 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:227.26 GB) (Free:70.54 GB) NTFS
 
\\?\Volume{9a3af194-2ac1-4910-a2bd-913d689dfbf3}\ () (Fixed) (Total:0.85 GB) (Free:0.4 GB) NTFS
\\?\Volume{2ba15135-6fea-41d2-a55c-bc2ba86c044b}\ (Image) (Fixed) (Total:9.75 GB) (Free:0.65 GB) NTFS
\\?\Volume{c125f094-f778-44b5-8d41-47f450d7fa78}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 19813340)
 
Partition: GPT.
 
==================== End of Addition.txt =======================
 
 
 

  • 0



#2
DR M


    The Grecian Geek

  • Malware Removal
  • 2,634 posts

Hello.

Welcome to GTG Forums.

I will be assisting you regarding your computer's issues. Here, we will check your computer for malware.

Please adhere to the guidelines below, and then carefully follow, in the same order, all the instructions after:

1. Always ask before acting. Do not continue if you are not sure, or if something unexpected happens!

2. Do not run any tools unless instructed to do so. Also, do not uninstall or install any software during the procedure, unless I ask you to do so.

3. If your computer seems to start working normally, don't abandon the topic. Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.

4. You have to reply to my posts within 3 days. If you need some additional time, just let me know. Otherwise, I will leave the topic due to lack of feedback. If you are able, I would request you to check this thread at least once per day so that we can resolve your issues effectively and efficiently.

5. Logs from malware diagnostic or removal programs can take some time to get analyzed. Also, keep in mind that all the experts here are volunteers and may not be available to assist when you post. Please be patient while I analyze your logs.

 

 

================================

 

I am currently reviewing your logs. I will be back to you soon.


  • 0

#3
DR M


    The Grecian Geek

  • Malware Removal
  • 2,634 posts

Hello.
 
Here are my first comments/instructions regarding your logs:
 
1. Take a screenshot
 
Please take a screenshot of the pop-up you are getting and attach it in your next reply. If you need to see how to do that, here is a useful article. Use Method 2.
 
2. Google Drive Sync at Start-up
 
Do you want this feature to be enabled at Start-up? With this enabled, many temporary files are created in the Temp folder every time you log in to Windows. This is fine if you don't have a disk space problem. Tell me if you would like to disable it.
 
3. Outdated Java
 
You have an old version of Java, and this is a security risk. I recommend that you completely uninstall Java and install the latest version of the product only if you really need it. This can be done at the end of the cleaning procedure.
 
To uninstall Java:

  • Press the Windows Key + R.
  • Type appwiz.cpl in the Run box and click OK.
  • The Add/Remove Programs list will open. Locate the following program on the list:
Java 8 Update 261
  • Select the above program and click Uninstall.
  • Restart the computer.

 

4. FRST fix

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy". No need to paste anything anywhere.
Start::
CreateRestorePoint:
CloseProcesses:
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ContextMenuHandlers1: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ContextMenuHandlers4: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ContextMenuHandlers6: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
SearchScopes: HKLM -> DefaultScope {1E6189DA-895A-450F-8A9F-A90985D8EC93} URL =
SearchScopes: HKLM-x32 -> DefaultScope {1E6189DA-895A-450F-8A9F-A90985D8EC93} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL => No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
FirewallRules: [{0FD22CFE-ADD1-4A9D-8034-FA74FE35940A}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe => No File
FirewallRules: [{C0C8DFB5-FAFD-4623-B53D-F18AE6DDE679}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe => No File
FirewallRules: [{4CDE48C9-C762-4850-90E5-BFBB9F1C224A}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe => No File
FirewallRules: [{A41D3A59-C24E-42E9-AA08-B988002EAE40}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe => No File
FirewallRules: [{29E6290F-7181-4AEF-B436-FC5CFB5B7ABF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe => No File
FirewallRules: [{31956E24-EF1B-4EE4-9DC9-765B6FB921E8}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{6FF0748D-A3D7-4F2C-97C4-A8F54C3E321B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{30035A8A-C403-43C0-9189-653A1D8569B9}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{BAA6F9A1-C31A-42A6-BE30-BFE04605EC4F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{F490DB27-B8DC-429E-9642-F5B641CB2150}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{BD6D04A3-7DC8-4788-899B-D1799E6E9F1D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{47D208BF-84AA-4BDD-A48F-55F24733019D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {4106CC89-E26D-4FEF-896D-342FADA91CC2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C2AC9A47-94C7-4553-8838-1BE1D256DE51} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=E211US0G0&p={searchTerms}
CHR DefaultSuggestURL: Default -> hxxps://us.search.yahoo.com/sugg/gossip/gossip-us-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]
EmptyTemp:
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.

 

In your next reply please post:

  1. The pop-up screenshot
  2. Your reply about Google Drive Sync
  3. Your decision about Java
  4. The fixlog.txt

  • 1
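
The fixlist in the post above is made up largely of log entries that FRST marks `No File`, `[not found]` or `<==== ATTENTION`. As an added illustration (not part of DR M's post and not FRST's own code), this Python sketch pulls such entries out of FRST log text so an analyst can review them; the sample lines are copied from the logs posted in this thread, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Sample lines copied from the FRST logs posted in this thread.
SAMPLE_LOG = r"""
FirewallRules: [{D51B2029-F60D-41E2-95F1-238E1FF49144}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{82605FAB-389F-4411-9407-FE70BA9DC483}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{31956E24-EF1B-4EE4-9DC9-765B6FB921E8}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{6FF0748D-A3D7-4F2C-97C4-A8F54C3E321B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{30035A8A-C403-43C0-9189-653A1D8569B9}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
GroupPolicy: Restriction ? <==== ATTENTION
Task: {4106CC89-E26D-4FEF-896D-342FADA91CC2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
"""

# Markers visible in this thread's logs on entries picked for the fixlist.
MARKERS = ("No File", "[not found]", "<==== ATTENTION")

# "Section: body" lines; the section name must be at least two characters
# so that a bare drive path such as "C:\..." is not mistaken for a section.
ENTRY_RE = re.compile(r"^(?P<section>[A-Za-z][A-Za-z0-9 \-]+?):\s+(?P<body>.+)$")

# Firewall rule whose target executable is missing.
FW_ORPHAN_RE = re.compile(
    r"^\[(?P<guid>\{[0-9A-Fa-f\-]{36}\})\] => \((?P<action>\w+)\) "
    r"(?P<path>.+?) => No File$"
)


def flagged_entries(log_text):
    """Return [(section, body, [markers])] for log lines carrying a marker."""
    hits = []
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue
        body = m.group("body")
        found = [mk for mk in MARKERS if mk in body]
        if found:
            hits.append((m.group("section"), body, found))
    return hits


def orphaned_firewall_rules(log_text):
    """Group firewall-rule GUIDs by the missing executable they point to."""
    by_path = defaultdict(list)
    for section, body, _ in flagged_entries(log_text):
        if section != "FirewallRules":
            continue
        m = FW_ORPHAN_RE.match(body)
        if m:
            by_path[m.group("path")].append(m.group("guid"))
    return dict(by_path)


def section_counts(log_text):
    """Count flagged entries per log section, for a quick overview."""
    counts = defaultdict(int)
    for section, _, _ in flagged_entries(log_text):
        counts[section] += 1
    return dict(counts)


if __name__ == "__main__":
    for path, guids in orphaned_firewall_rules(SAMPLE_LOG).items():
        print(f"{len(guids)} rule(s) still allow missing file: {path}")
    print(section_counts(SAMPLE_LOG))
```

Grouping by path shows when several allow rules outlive one uninstalled program, as with the AnyDesk entries here.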

#4
BlueFireDragon


    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
  • The pop-up screenshot >>> I am unable to insert pictures in the box, as it gives me the message "You are not allowed to use that image extension on this community." Also, I do not see an attachment button on my toolbar to separately attach pics to this string. Please guide me on how to share.
  • Your reply about Google Drive Sync >>> Don't need Google Drive to sync at start-up. I just want it to sync when I make a change.
  • Your decision about Java >>> Yes, I am willing to remove the dated version. I can install the latest version. Have not removed it yet, will wait for your call on when to do it.
  • The fixlog.txt >>> below

    

 
 
Fixlog Txt
Fix result of Farbar Recovery Scan Tool (x64) Version: 17-04-2021
Ran by MITRUH (21-04-2021 17:53:25) Run:1
Running from C:\Users\MITRUH\Downloads
Loaded Profiles: MITRUH
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ContextMenuHandlers1: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ContextMenuHandlers4: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
ContextMenuHandlers6: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
SearchScopes: HKLM -> DefaultScope {1E6189DA-895A-450F-8A9F-A90985D8EC93} URL =
SearchScopes: HKLM-x32 -> DefaultScope {1E6189DA-895A-450F-8A9F-A90985D8EC93} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Update Health Tools\Office14\GROOVEEX.DLL => No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
FirewallRules: [{0FD22CFE-ADD1-4A9D-8034-FA74FE35940A}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe => No File
FirewallRules: [{C0C8DFB5-FAFD-4623-B53D-F18AE6DDE679}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe => No File
FirewallRules: [{4CDE48C9-C762-4850-90E5-BFBB9F1C224A}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe => No File
FirewallRules: [{A41D3A59-C24E-42E9-AA08-B988002EAE40}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe => No File
FirewallRules: [{29E6290F-7181-4AEF-B436-FC5CFB5B7ABF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe => No File
FirewallRules: [{31956E24-EF1B-4EE4-9DC9-765B6FB921E8}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{6FF0748D-A3D7-4F2C-97C4-A8F54C3E321B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{30035A8A-C403-43C0-9189-653A1D8569B9}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{BAA6F9A1-C31A-42A6-BE30-BFE04605EC4F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{F490DB27-B8DC-429E-9642-F5B641CB2150}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{BD6D04A3-7DC8-4788-899B-D1799E6E9F1D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{47D208BF-84AA-4BDD-A48F-55F24733019D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {4106CC89-E26D-4FEF-896D-342FADA91CC2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C2AC9A47-94C7-4553-8838-1BE1D256DE51} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=E211US0G0&p={searchTerms}
CHR DefaultSuggestURL: Default -> hxxps://us.search.yahoo.com/sugg/gossip/gossip-us-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]
EmptyTemp:
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub) => removed successfully
HKLM\Software\Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub) => removed successfully
HKLM\Software\Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) => removed successfully
HKLM\Software\Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder) => removed successfully
HKLM\Software\Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark) => removed successfully
HKLM\Software\Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub) => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7} => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub) => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399} => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder) => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619} => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark) => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX => removed successfully
HKLM\Software\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D} => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX => removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => removed successfully
HKLM\Software\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\sacore => removed successfully
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0FD22CFE-ADD1-4A9D-8034-FA74FE35940A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C0C8DFB5-FAFD-4623-B53D-F18AE6DDE679}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4CDE48C9-C762-4850-90E5-BFBB9F1C224A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A41D3A59-C24E-42E9-AA08-B988002EAE40}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29E6290F-7181-4AEF-B436-FC5CFB5B7ABF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{31956E24-EF1B-4EE4-9DC9-765B6FB921E8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6FF0748D-A3D7-4F2C-97C4-A8F54C3E321B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{30035A8A-C403-43C0-9189-653A1D8569B9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BAA6F9A1-C31A-42A6-BE30-BFE04605EC4F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F490DB27-B8DC-429E-9642-F5B641CB2150}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BD6D04A3-7DC8-4788-899B-D1799E6E9F1D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{47D208BF-84AA-4BDD-A48F-55F24733019D}" => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4106CC89-E26D-4FEF-896D-342FADA91CC2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4106CC89-E26D-4FEF-896D-342FADA91CC2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C2AC9A47-94C7-4553-8838-1BE1D256DE51}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2AC9A47-94C7-4553-8838-1BE1D256DE51}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
HKLM\System\CurrentControlSet\Services\DBUtilDrv2 => removed successfully
DBUtilDrv2 => service removed successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 60135833 B
Java, Flash, Steam htmlcache => 11707 B
Windows/system/drivers => 2008643 B
Edge => 2023886481 B
Chrome => 122014210 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 599336 B
systemprofile32 => 599336 B
LocalService => 709894 B
NetworkService => 717188 B
MITRUH => 1580591727 B
 
RecycleBin => 0 B
EmptyTemp: => 3.5 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 18:04:41 ====



#5
DR M


    The Grecian Geek

  • Malware Removal
  • 2,634 posts

Hi, BlueFireDragon.
 
Yes, if you decided to uninstall Java, do that now. If you need it, you are going to install the latest version at the end of the cleaning procedure here.
 

The pop-up screenshot >>> I am unable to insert pictures in the box as it gives me message "You are not allowed to use that image extension on this community." Also I do not see an attachment button on my tool bar to separately attach pics to this string. Please guide me how to share.

 
Have you used the snipping tool and saved the screenshot on your Desktop?
 
Then, start replying to my post here, making sure that you have selected the More Reply Options, so the Attach Files option appears.
 
Browse for the saved screenshot and press the Attach This File button.

 

After that...


1. Run AdwCleaner (Scan mode)

Download AdwCleaner and save it to your desktop.

  • Double click AdwCleaner.exe to run it.
  • Click Scan Now.
    • When the scan has finished, a Scan Results window will open.
    • Click Cancel (at this point do not attempt to Quarantine anything that is found)
  • Now click the Log Files tab.
    • Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number. The latest scan will have the largest number)
    • A Notepad file will open containing the results of the scan.
    • Please post the contents of the file in your next reply.

 

2. Run Malwarebytes (Scan mode)

  • Open Malwarebytes you have already installed.
  • Click the little gear on the top right (Settings) and when it opens, click the Security tab and make sure about the following:
    Under the title Scan Options, all the options are checked.
    Under the title Windows Security Center (Premium only) the option is NOT CHECKED.
    Under the title Potentially unwanted items all options are set to Always.
  • Click on the little gear to return to the main menu and select Scan. The program will start scanning your computer. This may take about 10 minutes, but in some cases it may take longer.
  • When finished, you will see the Threat Scan Summary window open.

 

If threats are not found, click View Report and proceed to the two last steps below.

If threats are found, make sure that all threats are not selected, close the program and proceed to the next steps below.

  • Open Malwarebytes again, click on the Scanner, and then on the Reports tab.
  • Find the report with the most recent date and double click on it.
  • Click on Export and then Copy to Clipboard.
  • Paste its content here, in your next reply.

 

 

In your next reply, please post:

  • The screenshot with the popup (if it appears)
  • The AdwCleaner[S0*].txt
  • The Malwarebytes report

Attached Thumbnails

  • Reply1.JPG
  • Reply2.JPG
