Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-12-2023 Ran by Lin (administrator) on DESKTOP-TB9AP1R (Dell Inc. OptiPlex 790) (08-12-2023 13:51:37) Running from C:\Users\Lin\Desktop\FRST64.exe Loaded Profiles: Lin Platform: Microsoft Windows 10 Home Version 22H2 19045.3758 (X64) Language: English (United States) Default browser: Edge Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (explorer.exe ->) (Canon Inc. -> CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (explorer.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe (explorer.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe (explorer.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <17> (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe (services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21752.0_x64__8wekyb3d8bbwe\HxOutlook.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21752.0_x64__8wekyb3d8bbwe\HxTsr.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Lin\AppData\Local\Microsoft\OneDrive\23.226.1031.0003\FileCoAuth.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (Canon Inc. -> CANON INC.) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKU\S-1-5-21-1976587878-1381545113-1953759822-1003\...\Run: [MicrosoftEdgeAutoLaunch_2A9AA68EC7A79356B9193EA1B23153EB] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-29] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\Canon MG2100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAQ.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2100 series: C:\Windows\system32\CNMLMAQ.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2100 series XPS: C:\Windows\system32\CNMXLMAQ.DLL [385536 2011-05-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {42C24B5D-993A-45F9-AD76-77B0B846AD17} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [256512 2023-12-06] (Microsoft Windows -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 Tcpip\..\Interfaces\{93de2c58-ffe8-42f6-9b9d-302fb1219e53}: [DhcpNameServer] 75.75.75.75 75.75.76.76 Tcpip\..\Interfaces\{e5f92500-5178-4e85-a38d-e9d831f827d5}: [DhcpNameServer] 209.18.47.62 4.2.2.6 208.67.222.222 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Lin\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-08] Edge Extension: (Google Docs Offline) - C:\Users\Lin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-04] Edge Extension: (Edge relevant text changes) - C:\Users\Lin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-06] FireFox: ======== FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.) [File not signed] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 GameInputSvc; C:\Windows\System32\GameInputSvc.exe [50168 2023-12-06] (Microsoft Corporation -> Microsoft Corporation) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] (Canon Inc. -> ) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9344352 2023-12-08] (Malwarebytes Inc. -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2954424 2023-12-08] (Malwarebytes Inc. -> Malwarebytes) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed] R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-12-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [222784 2023-12-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [200104 2023-12-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2023-12-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2023-12-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188008 2023-12-08] (Malwarebytes Inc. -> Malwarebytes) S4 UCPD; C:\Windows\System32\drivers\UCPD.sys [29184 2023-12-06] (Microsoft Windows -> Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [55856 2023-12-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [594304 2023-12-06] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-06] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2023-12-08 13:06 - 2023-12-08 13:06 - 000188008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2023-12-08 11:29 - 2023-12-08 11:29 - 000001233 _____ C:\Users\Lin\Documents\mwb log file.txt 2023-12-08 08:35 - 2023-12-08 13:47 - 000000000 ____D C:\Users\Lin\AppData\Local\Malwarebytes 2023-12-08 08:35 - 2023-12-08 08:35 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2023-12-08 08:35 - 2023-12-08 08:35 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2023-12-08 08:34 - 2023-12-08 08:34 - 000000000 ____D C:\ProgramData\Malwarebytes 2023-12-08 08:34 - 2023-12-08 08:34 - 000000000 ____D C:\Program Files\Malwarebytes 2023-12-08 08:31 - 2023-12-08 08:31 - 000001144 _____ C:\Users\Lin\Desktop\mb5setup-5.5-50000.50000.exe - Shortcut.lnk 2023-12-08 08:28 - 2023-12-08 08:28 - 002586176 _____ (Malwarebytes) C:\Users\Lin\Downloads\mb5setup-5.5-50000.50000.exe 2023-12-08 08:27 - 2023-12-08 08:23 - 000001780 _____ C:\Users\Lin\Desktop\AdwCleaner[S00].txt 2023-12-08 08:10 - 2023-12-08 08:10 - 000001018 _____ C:\Users\Lin\Desktop\AdwCleaner.exe - Shortcut.lnk 2023-12-08 08:08 - 2023-12-08 12:46 - 000000000 ____D C:\AdwCleaner 2023-12-08 08:07 - 2023-12-08 08:07 - 008791352 _____ (Malwarebytes) C:\Users\Lin\Downloads\AdwCleaner.exe 2023-12-07 18:03 - 2023-12-07 18:02 - 000001074 _____ C:\Users\Lin\Desktop\eset - Copy.txt 2023-12-07 18:02 - 2023-12-07 18:02 - 000001074 _____ C:\Users\Lin\Desktop\eset.txt 2023-12-07 13:32 - 2023-12-07 13:32 - 001798272 _____ C:\Users\Lin\Downloads\KeyScrambler_Setup.exe 2023-12-07 12:35 - 2023-12-07 12:35 - 000008440 _____ C:\Users\Lin\Downloads\Fixlog.txt 2023-12-07 11:44 - 2023-12-07 11:44 - 000001274 _____ C:\Users\Lin\Desktop\ESET Online Scanner.lnk 2023-12-07 11:43 - 2023-12-07 11:43 - 015274968 _____ (ESET) C:\Users\Lin\Downloads\esetonlinescanner (1).exe 2023-12-07 11:42 - 2023-12-07 11:42 - 015274968 _____ (ESET) C:\Users\Lin\Downloads\esetonlinescanner.exe 2023-12-07 11:30 - 2023-12-07 11:44 - 000001380 _____ C:\Users\Lin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2023-12-07 11:30 - 2023-12-07 11:30 - 000000000 ____D C:\Users\Lin\AppData\Local\ESET 2023-12-07 10:59 - 2023-12-07 10:59 - 000022748 _____ C:\Users\Lin\Downloads\Addition (1).txt 2023-12-07 10:56 - 2023-12-07 10:56 - 000036107 _____ C:\Users\Lin\Downloads\FRST (1).txt 2023-12-07 09:57 - 2023-12-08 13:28 - 000000000 ____D C:\Users\Lin\Desktop\FRST-OlderVersion 2023-12-07 09:57 - 2023-12-07 11:15 - 000008440 _____ C:\Users\Lin\Desktop\Fixlog.txt 2023-12-07 09:57 - 2023-12-07 09:57 - 000003093 _____ C:\Users\Lin\Desktop\ohrvhlotbd.txt 2023-12-06 14:24 - 2023-12-06 14:24 - 000022748 _____ C:\Users\Lin\Downloads\Addition.txt 2023-12-06 14:19 - 2023-12-06 14:19 - 000036107 _____ C:\Users\Lin\Downloads\FRST.txt 2023-12-06 14:04 - 2023-12-08 13:34 - 000023623 _____ C:\Users\Lin\Desktop\Addition.txt 2023-12-06 13:59 - 2023-12-08 13:52 - 000009295 _____ C:\Users\Lin\Desktop\FRST.txt 2023-12-06 13:55 - 2023-12-06 13:55 - 000000000 ____D C:\Users\Lin\Downloads\FRST-OlderVersion 2023-12-06 13:54 - 2023-12-08 13:52 - 000000000 ____D C:\FRST 2023-12-06 13:54 - 2023-12-08 13:28 - 002384896 _____ (Farbar) C:\Users\Lin\Desktop\FRST64.exe 2023-12-06 10:13 - 2023-12-06 10:13 - 000000000 ____D C:\Windows\InboxApps 2023-12-06 10:03 - 2023-12-06 10:03 - 000016707 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json 2023-12-06 09:42 - 2023-12-06 09:42 - 000000000 ___HD C:\$WinREAgent 2023-12-01 14:17 - 2023-12-01 14:17 - 000355203 _____ C:\Users\Lin\Downloads\[No Subject].zip 2023-12-01 14:16 - 2023-12-01 14:17 - 000513399 _____ C:\Users\Lin\Downloads\mail.eml 2023-11-22 11:55 - 2023-11-22 11:56 - 000000000 _____ C:\Users\Lin\Downloads\PrivacyPolicy.pdf 2023-11-21 13:09 - 2023-11-21 13:09 - 000841678 _____ C:\Users\Lin\Downloads\Used Sold 17″ x 45″ Clausing Metosa EL-1745CS CNC Tool Room Lathe W_Fagor 800T CNC Control at Mac....html 2023-11-21 13:09 - 2023-11-21 13:09 - 000000000 ____D C:\Users\Lin\Downloads\Used Sold 17″ x 45″ Clausing Metosa EL-1745CS CNC Tool Room Lathe W_Fagor 800T CNC Control at Mac..._files 2023-11-13 12:35 - 2023-11-13 12:35 - 004445075 _____ C:\Users\Lin\Downloads\Bridgeport-Vertical-Mill-Manual.pdf 2023-11-13 11:17 - 2023-12-05 07:35 - 000000022 _____ C:\Users\Lin\Downloads\MS532-18N.zip ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2023-12-08 13:21 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\AppReadiness 2023-12-08 13:21 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-12-08 13:10 - 2021-10-21 06:26 - 000795738 _____ C:\Windows\system32\PerfStringBackup.INI 2023-12-08 13:10 - 2019-12-07 04:13 - 000000000 ____D C:\Windows\INF 2023-12-08 13:08 - 2021-10-27 08:04 - 000000000 ___RD C:\Users\Lin\OneDrive 2023-12-08 13:06 - 2021-10-21 06:16 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-12-08 13:06 - 2021-10-21 06:15 - 000008192 ___SH C:\DumpStack.log.tmp 2023-12-08 13:05 - 2021-10-27 07:58 - 000000000 ____D C:\Users\Lin 2023-12-08 13:05 - 2019-12-07 04:03 - 000786432 _____ C:\Windows\system32\config\BBI 2023-12-08 10:24 - 2022-09-22 11:15 - 000004164 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{74CF8895-A983-4CB3-AD47-5387A8A57C41} 2023-12-08 10:21 - 2021-10-21 06:15 - 000000000 ____D C:\Windows\system32\SleepStudy 2023-12-08 08:35 - 2019-12-07 04:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2023-12-07 09:58 - 2021-11-01 14:37 - 000000000 ____D C:\Users\Lin\AppData\LocalLow\Temp 2023-12-06 10:18 - 2021-10-27 08:02 - 000000000 ____D C:\Users\Lin\AppData\Local\Packages 2023-12-06 10:15 - 2021-10-21 06:15 - 000268824 _____ C:\Windows\system32\FNTCACHE.DAT 2023-12-06 10:13 - 2019-12-07 04:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2023-12-06 10:13 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2023-12-06 10:13 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV 2023-12-06 10:13 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT 2023-12-06 10:13 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE 2023-12-06 10:13 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX 2023-12-06 10:13 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2023-12-06 10:13 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SystemResources 2023-12-06 10:13 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\WinMetadata 2023-12-06 10:13 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\oobe 2023-12-06 10:13 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\lv-LV 2023-12-06 10:13 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\lt-LT 2023-12-06 10:13 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\et-EE 2023-12-06 10:13 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\es-MX 2023-12-06 10:13 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\Dism 2023-12-06 10:13 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\ShellExperiences 2023-12-06 10:13 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\Provisioning 2023-12-06 10:13 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2023-12-06 10:13 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\bcastdvr 2023-12-06 10:13 - 2019-12-07 04:03 - 000000000 ____D C:\Windows\servicing 2023-12-06 10:12 - 2019-12-07 04:03 - 000000000 ____D C:\Windows\CbsTemp 2023-12-06 10:11 - 2019-12-07 04:52 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll 2023-12-06 10:11 - 2019-12-07 04:52 - 000020827 _____ C:\Windows\system32\OEMDefaultAssociations.xml 2023-12-06 10:02 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-12-06 09:38 - 2021-10-31 13:06 - 000000000 ____D C:\ProgramData\CanonIJPLM 2023-12-06 09:22 - 2021-10-21 06:16 - 000000000 ____D C:\Windows\system32\Drivers\wd 2023-12-06 09:05 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\NDF 2023-12-05 00:39 - 2021-10-21 06:17 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-12-05 00:39 - 2021-10-21 06:17 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-11-23 11:53 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\LiveKernelReports 2023-11-20 11:38 - 2021-12-11 06:23 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1976587878-1381545113-1953759822-1003 2023-11-20 11:38 - 2021-10-27 08:04 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1976587878-1381545113-1953759822-1003 2023-11-20 11:38 - 2021-10-27 08:04 - 000002377 _____ C:\Users\Lin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ___SD C:\Windows\SysWOW64\F12 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ___SD C:\Windows\system32\UNP 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ___SD C:\Windows\system32\F12 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\setup 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\oobe 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\Com 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\Sysprep 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\ShellExperiences 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\setup 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\migwiz 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\Com 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\appraiser 2023-11-16 18:58 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers 2023-11-16 18:57 - 2019-12-07 04:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2023-11-16 18:57 - 2019-12-07 04:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2023-11-16 18:57 - 2019-12-07 04:14 - 000000000 ___RD C:\Windows\PrintDialog 2023-11-16 18:57 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\ShellComponents 2023-11-16 18:57 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\IME 2023-11-16 18:57 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Windows Defender 2023-11-16 18:57 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\System 2023-11-16 18:57 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2023-11-16 14:31 - 2019-12-07 04:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll 2023-11-16 14:31 - 2019-12-07 04:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll 2023-11-16 14:06 - 2021-10-21 06:18 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2023-11-16 11:52 - 2021-10-27 19:38 - 000000000 ____D C:\Windows\system32\MRT 2023-11-16 11:48 - 2021-10-27 19:38 - 182871392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Files in the root of some directories ======== 2023-06-11 11:27 - 2023-06-11 11:27 - 000007606 _____ () C:\Users\Lin\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================