Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2020
Ran by Harley (administrator) on LAPTOP-CDGMUTU5 (Acer Aspire ES1-531) (03-07-2020 20:24:10)
Running from C:\Users\Harley\Desktop
Loaded Profiles: Harley
Platform: Windows 10 Home Version 1903 18362.900 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
() [File not signed] C:\Program Files (x86)\Microsoft Office\Office\FINDFAST.EXE
() [File not signed] C:\Program Files (x86)\Microsoft Office\Office\OSA.EXE
(Acer Incorporated -> ) C:\OEM\Preload\FubTracking\FubTracking.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\MobileBrServ\mbbService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{2249F5F2-EA92-432B-8967-4C188ABFDDB7}\MicrosoftEdge_X64_83.0.478.58_81.0.416.62.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <3>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Temp\EDGEMITMP_61B62.tmp\setup.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-04-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2017-09-28] (Acer Incorporated -> )
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7657984 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2143908317-127953287-3357993830-1001\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --flag-switches-end - (the data entry has 102 more characters).
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [99840 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP c111 Status Monitor: C:\WINDOWS\system32\hpinkstsc111LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\PCL hpz3llhn: C:\WINDOWS\system32\hpz3llhn.dll [34816 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-23] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2019-11-21]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\Users\Harley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Find Fast.lnk [2017-10-03]
ShortcutTarget: Microsoft Find Fast.lnk -> C:\Program Files (x86)\Microsoft Office\Office\FINDFAST.EXE () [File not signed]
Startup: C:\Users\Harley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1510 series (Copy 1).lnk [2017-11-02]
ShortcutAndArgument: Monitor Ink Alerts - HP Deskjet 1510 series (Copy 1).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN3CN17H7X05YR;CONNECTION=USB;MONITOR=1;
Startup: C:\Users\Harley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Office Startup.lnk [2017-10-03]
ShortcutTarget: Office Startup.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA.EXE () [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {029C151A-C126-4DF9-8AB4-090C27FAAAA3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-16] (Google LLC -> Google LLC)
Task: {0FF3BCEF-60EC-4CC3-BA54-0C0271AC5E4C} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [989864 2015-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E601866-0B0D-40A8-B141-4FDD9DDC7CEA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65824 2017-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {2B9DE66C-39DE-4029-864C-2FEA8286AAE5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-16] (Google LLC -> Google LLC)
Task: {329CE147-BA97-4402-8DC0-D081D67FAEA4} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {39E304B8-F66C-4057-920C-91E7F68B8906} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {3E5253D1-1D45-4E2B-B05C-DCD90E4B673C} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [379232 2015-07-09] (Acer Incorporated -> Acer Incorporated)
Task: {40F60863-909E-4DDE-BE47-3A47F2A8F6E3} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2017-09-28] (Acer Incorporated -> )
Task: {484C2704-0DDD-41EA-BF63-595941AD65A0} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [384256 2015-05-14] (Acer Incorporated -> Acer Incorporated)
Task: {4EF5732F-3506-440F-98F3-5FDC7CD22560} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-04-08] (Dropbox, Inc -> Dropbox, Inc.)
Task: {52489F98-F930-4F9C-8550-E5B2D2F99E36} - System32\Tasks\Avast SecureLine VPN Update => c:\program files\avast software\secureline\vpnupdate.exe [1390472 2019-11-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {5F7970FF-11F6-4EC6-8994-3091C8DC564E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {63B22EC6-226F-44AD-A2D5-32D5D8346ADD} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe [1454648 2020-06-09] (Adobe Inc. -> Adobe)
Task: {748C56D9-D949-423A-BAD8-FA08023868C5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-10] (Acer Incorporated -> Acer Incorporated)
Task: {91F9D2B6-9405-4B55-8297-BF24C7AD5C78} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40288 2015-07-10] (Acer Incorporated -> )
Task: {963D0548-1350-439C-91DB-3B3E394E6CEE} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> )
Task: {990840B6-1D29-4796-8B6E-5633AB46887E} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [3438680 2016-09-24] (AVAST Software a.s. -> AVAST Software)
Task: {B9B14FF8-F82E-423F-927F-9BDC75E68E29} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-04-08] (Dropbox, Inc -> Dropbox, Inc.)
Task: {CD6F702C-470B-4241-8589-E1071B89BA8F} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-05-24] (Acer Incorporated -> )
Task: {CFC884A2-479E-4D58-84FB-D7DECC63B6F1} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6cb56c45-36d5-4065-bcbd-f734154b49a8}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a46ce1cf-302b-4674-a373-0b7c8276d3b0}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-2143908317-127953287-3357993830-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-2143908317-127953287-3357993830-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://uk.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://uk.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2143908317-127953287-3357993830-1001 -> DefaultScope {F02A6038-51E2-4D69-86A7-38258E4572F0} URL =
SearchScopes: HKU\S-1-5-21-2143908317-127953287-3357993830-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://uk.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2143908317-127953287-3357993830-1001 -> {F02A6038-51E2-4D69-86A7-38258E4572F0} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll => No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll => No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Edge:
======
Edge Profile: C:\Users\Harley\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-03]
FireFox:
========
FF DefaultProfile: vir9bmod.default
FF ProfilePath: C:\Users\Harley\AppData\Roaming\Mozilla\Firefox\Profiles\vir9bmod.default [2020-06-16]
FF Extension: (Dashlane) - C:\Users\Harley\AppData\Roaming\Mozilla\Firefox\Profiles\vir9bmod.default\Extensions\
[email protected] [2017-01-05] [Legacy]
FF Extension: (English (US) Language Pack) - C:\Users\Harley\AppData\Roaming\Mozilla\Firefox\Profiles\vir9bmod.default\Extensions\
[email protected] [2016-09-10] [Legacy] [not signed]
FF Extension: (English (US) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\
[email protected] [2015-07-16] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => not found
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] (WildTangent Inc -> )
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Harley\AppData\Local\Google\Chrome\User Data\Default [2020-07-02]
CHR Notifications: Default -> hxxps://www.alibaba.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://webstart-page.com/?s=acer&m=home&brw=ch
CHR StartupUrls: Default -> "hxxps://www.bing.com/?PC=XC03"
CHR Extension: (Docs) - C:\Users\Harley\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-24]
CHR Extension: (Google Drive) - C:\Users\Harley\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-11]
CHR Extension: (YouTube) - C:\Users\Harley\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-11]
CHR Extension: (XLS Viewer, Editor) - C:\Users\Harley\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbibndgecbnjegkheljekcmjicebpfmg [2018-08-22]
CHR Extension: (Sheets) - C:\Users\Harley\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Harley\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-08]
CHR Extension: (Gmail) - C:\Users\Harley\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Harley\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-16]
CHR Profile: C:\Users\Harley\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-07-03]
CHR Extension: (Slides) - C:\Users\Harley\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-18]
CHR Extension: (Docs) - C:\Users\Harley\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-18]
CHR Extension: (Google Drive) - C:\Users\Harley\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-18]
CHR Extension: (YouTube) - C:\Users\Harley\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-18]
CHR Extension: (Sheets) - C:\Users\Harley\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-18]
CHR Extension: (Google Docs Offline) - C:\Users\Harley\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Harley\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-02-07]
CHR Extension: (Gmail) - C:\Users\Harley\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-02-07]
CHR Extension: (Chrome Media Router) - C:\Users\Harley\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-28]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [416072 2018-06-26] (Qualcomm Atheros -> Windows ® Win 7 DDK provider)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-04-08] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-04-08] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated -> Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent Inc -> WildTangent)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370640 2019-03-27] (Intel Corporation -> Intel Corporation)
S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2014-02-15] (Huawei Technologies Co., Ltd. -> )
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated -> Acer Incorporated)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [6828424 2019-11-20] (AVAST Software s.r.o. -> AVAST Software)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (Acer Incorporated -> acer)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate(CPC)\Transfer\DriverInstall.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-04-26] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-26] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [69440 2018-06-26] (Qualcomm Atheros -> Qualcomm)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [7409320 2019-03-27] (Intel Corporation -> Intel Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [47784 2015-05-27] (Synaptics Incorporated -> Synaptics Incorporated)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-03 20:24 - 2020-07-03 20:27 - 000027250 _____ C:\Users\Harley\Desktop\FRST.txt
2020-07-03 20:19 - 2020-07-03 20:19 - 002798456 _____ (Sysinternals - www.sysinternals.com) C:\Users\Harley\Desktop\procexp.exe
2020-07-03 20:11 - 2020-07-03 20:11 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-07-03 20:11 - 2020-07-03 20:11 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-07-03 20:11 - 2020-07-03 20:11 - 000002280 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-07-03 20:10 - 2020-07-03 20:17 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-07-03 20:10 - 2020-07-03 20:17 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-07-02 22:13 - 2020-07-02 22:37 - 000054358 _____ C:\Users\Harley\Downloads\Addition.txt
2020-07-02 22:04 - 2020-07-02 22:37 - 000089379 _____ C:\Users\Harley\Downloads\FRST.txt
2020-07-02 22:03 - 2020-07-03 20:26 - 000000000 ____D C:\FRST
2020-07-02 22:03 - 2020-07-02 22:03 - 002291712 _____ (Farbar) C:\Users\Harley\Desktop\FRST64.exe
2020-07-02 21:22 - 2020-07-02 21:22 - 000000017 _____ C:\Users\Harley\AppData\Local\resmon.resmoncfg
2020-06-28 13:06 - 2020-06-28 13:07 - 000000000 ____D C:\Users\Harley\Desktop\Barrel King
2020-06-28 13:05 - 2020-06-28 13:05 - 003114905 _____ C:\Users\Harley\Downloads\Barrel King.zip
2020-06-28 13:05 - 2020-06-28 13:05 - 003114905 _____ C:\Users\Harley\Downloads\Barrel King (1).zip
2020-06-28 11:44 - 2020-06-28 21:09 - 000009971 _____ C:\Users\Harley\Documents\Keg Prices.xlsx
2020-06-26 19:24 - 2020-06-26 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-06-26 10:17 - 2020-06-26 10:17 - 000000165 ____H C:\Users\Harley\Downloads\~$Kegs 2020.xlsx
2020-06-25 18:11 - 2020-06-25 18:11 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-06-25 18:11 - 2020-06-25 18:11 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-06-25 18:11 - 2020-06-25 18:11 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-06-25 18:11 - 2020-06-25 18:11 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-06-24 23:04 - 2020-06-24 23:04 - 000081909 _____ C:\Users\Harley\Downloads\BK01_VECTOR.ai
2020-06-24 09:48 - 2020-06-24 09:48 - 000000165 ____H C:\Users\Harley\Documents\~$bar font cost prices (Autosaved).xlsx
2020-06-22 16:46 - 2020-06-22 16:46 - 000002377 _____ C:\Users\Harley\Desktop\Google Chrome.lnk
2020-06-22 10:58 - 2020-06-22 10:59 - 000000000 ____D C:\Users\Harley\Desktop\Union Pride
2020-06-22 10:57 - 2020-06-22 10:57 - 002106634 _____ C:\Users\Harley\Downloads\Union Pride.zip
2020-06-19 09:03 - 2020-06-19 14:32 - 1347444736 _____ C:\Users\Harley\Downloads\farnsworth v rowland.mov
2020-06-18 22:21 - 2020-06-26 11:20 - 000015346 _____ C:\Users\Harley\Downloads\Kegs 2020.xlsx
2020-06-18 18:22 - 2020-06-19 08:24 - 3633598464 _____ C:\Users\Harley\Downloads\brown v mcnamara.mov
2020-06-17 21:45 - 2019-11-05 12:21 - 000009966 _____ C:\Users\Harley\Desktop\YOUTUBESTATS.xlsx
2020-06-16 20:28 - 2020-06-23 11:41 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-16 20:27 - 2020-06-16 20:27 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-06-16 20:27 - 2020-06-16 20:27 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-06-16 10:40 - 2020-06-16 10:40 - 000001479 _____ C:\Users\Harley\Desktop\WinX HD Video Converter Deluxe.lnk
2020-06-16 10:36 - 2020-06-16 10:38 - 054904704 _____ (Digiarty Software, Inc. ) C:\Users\Harley\Downloads\winx-hd-converter-deluxe.exe
2020-06-16 10:21 - 2020-06-16 10:41 - 000000000 ____D C:\Users\Harley\AppData\Roaming\Digiarty
2020-06-16 10:17 - 2020-06-16 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
2020-06-16 10:17 - 2020-06-16 20:09 - 000000000 ____D C:\Program Files (x86)\Digiarty
2020-06-16 10:14 - 2020-06-16 10:15 - 031132944 _____ (Digiarty Software, Inc. ) C:\Users\Harley\Downloads\winx-free-video-converter.exe
2020-06-16 10:03 - 2020-06-16 10:03 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2020-06-16 10:02 - 2020-06-16 10:03 - 000000000 ____D C:\Wondershare UniConverter
2020-06-16 10:02 - 2020-06-16 10:02 - 000000000 ____D C:\Users\Harley\AppData\Roaming\Wondershare
2020-06-16 10:01 - 2020-06-16 10:01 - 000000000 ____D C:\ProgramData\GraphicsType
2020-06-16 10:00 - 2020-06-16 10:00 - 000000000 ____D C:\Users\Harley\AppData\Local\Wondershare
2020-06-16 10:00 - 2020-06-16 10:00 - 000000000 ____D C:\ProgramData\Wondershare MediaServer
2020-06-16 09:58 - 2020-06-16 20:13 - 000000000 ____D C:\Program Files (x86)\Wondershare
2020-06-16 09:58 - 2020-06-16 10:02 - 000000000 ____D C:\ProgramData\Wondershare
2020-06-16 09:56 - 2020-06-16 09:57 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2020-06-16 09:56 - 2020-06-16 09:57 - 000000000 ____D C:\ProgramData\Documents\Wondershare
2020-06-16 09:56 - 2020-06-16 09:56 - 000990312 _____ C:\Users\Harley\Downloads\video-converter-ultimate_setup_full975.exe
2020-06-15 16:45 - 2020-06-15 16:46 - 025869248 _____ C:\Users\Harley\Downloads\david funny line.mp4
2020-06-15 12:46 - 2020-06-16 08:23 - 674934784 _____ C:\Users\Harley\Downloads\cunningham v davies.mov
2020-06-15 01:57 - 2020-06-15 12:23 - 588394496 _____ C:\Users\Harley\Downloads\hibbott v day.mov
2020-06-12 01:45 - 2020-06-05 22:03 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-12 01:45 - 2020-06-05 22:03 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-11 23:28 - 2020-06-11 23:28 - 000006444 _____ C:\Users\Harley\Downloads\
[email protected] Email Setup.mobileconfig
2020-06-11 12:47 - 2020-06-11 12:47 - 000002419 _____ C:\Users\Harley\Downloads\glass-drinks.svg
2020-06-11 01:06 - 2020-06-11 01:06 - 009712640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-06-11 01:06 - 2020-06-11 01:06 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2020-06-11 01:06 - 2020-06-11 01:06 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2020-06-11 01:06 - 2020-06-11 01:06 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2020-06-11 01:06 - 2020-06-11 01:06 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2020-06-11 01:05 - 2020-06-11 01:06 - 011608064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 008015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 007760384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 007268864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 006292480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 005909504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 004858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 004610560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-06-11 01:05 - 2020-06-11 01:05 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 003515392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 003398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-06-11 01:05 - 2020-06-11 01:05 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-06-11 01:05 - 2020-06-11 01:05 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-06-11 01:05 - 2020-06-11 01:05 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 002281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 002204160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 002184504 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2020-06-11 01:05 - 2020-06-11 01:05 - 001704448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-06-11 01:05 - 2020-06-11 01:05 - 001467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 001410048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2020-06-11 01:05 - 2020-06-11 01:05 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 001112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi3.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-06-11 01:05 - 2020-06-11 01:05 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi3.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdosys.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2020-06-11 01:05 - 2020-06-11 01:05 - 000575488 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-06-11 01:05 - 2020-06-11 01:05 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-06-11 01:05 - 2020-06-11 01:05 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-06-11 01:05 - 2020-06-11 01:05 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000478208 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\termmgr.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\termmgr.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassdo.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wavemsp.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-06-11 01:05 - 2020-06-11 01:05 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-06-11 01:05 - 2020-06-11 01:05 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wavemsp.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-06-11 01:05 - 2020-06-11 01:05 - 000204008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmidx.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrecst.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-06-11 01:05 - 2020-06-11 01:05 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-06-11 01:05 - 2020-06-11 01:05 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000093448 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000083600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-06-11 01:05 - 2020-06-11 01:05 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasads.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2020-06-11 01:05 - 2020-06-11 01:05 - 000041864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBrokerPS.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000028368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SecurityCenterBrokerPS.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-06-11 01:05 - 2020-06-11 01:05 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 009931576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 007604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 006091048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 005765144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 005195432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 005004344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 003368104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 002831872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-06-11 01:04 - 2020-06-11 01:04 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 001654960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 001649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 001416224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 001100288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 001055184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 001003832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000892048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000797464 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkObjCore.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000684856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000628408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000593424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-06-11 01:04 - 2020-06-11 01:04 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassdo.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 000451864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000357176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-06-11 01:04 - 2020-06-11 01:04 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-06-11 01:04 - 2020-06-11 01:04 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000280376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psr.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrecst.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-06-11 01:04 - 2020-06-11 01:04 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaatext.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 000165296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000165192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000129600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaatext.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000090952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwanRadioManager.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-06-11 01:04 - 2020-06-11 01:04 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcEpMap.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasads.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-06-11 01:04 - 2020-06-11 01:04 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-06-11 01:04 - 2020-06-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-06-11 01:04 - 2020-06-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-06-11 01:04 - 2020-06-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-06-11 01:04 - 2020-06-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-06-11 01:04 - 2020-06-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-06-11 01:04 - 2020-06-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-06-11 01:04 - 2020-06-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-06-11 01:04 - 2020-06-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-06-11 01:04 - 2020-06-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-06-11 01:04 - 2020-06-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-06-11 01:04 - 2020-06-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-06-11 01:04 - 2020-06-11 01:04 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-06-11 01:03 - 2020-06-11 01:03 - 007911176 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 007266080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 006066808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 005283264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-06-11 01:03 - 2020-06-11 01:03 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 003726848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-06-11 01:03 - 2020-06-11 01:03 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-06-11 01:03 - 2020-06-11 01:03 - 003187200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-06-11 01:03 - 2020-06-11 01:03 - 002656256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 002289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 002235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 001683968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 001583104 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-06-11 01:03 - 2020-06-11 01:03 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 001447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2020-06-11 01:03 - 2020-06-11 01:03 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 001260744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 001155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-06-11 01:03 - 2020-06-11 01:03 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkObjCore.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-06-11 01:03 - 2020-06-11 01:03 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-06-11 01:03 - 2020-06-11 01:03 - 000760296 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000716320 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-06-11 01:03 - 2020-06-11 01:03 - 000548984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-06-11 01:03 - 2020-06-11 01:03 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-06-11 01:03 - 2020-06-11 01:03 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\psr.exe
2020-06-11 01:03 - 2020-06-11 01:03 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtp.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtpUS.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-06-11 01:03 - 2020-06-11 01:03 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-06-11 01:03 - 2020-06-11 01:03 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\atl.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanRadioManager.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxGipRadioManager.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2020-06-11 01:03 - 2020-06-11 01:03 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2020-06-11 01:03 - 2020-06-11 01:03 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-06-11 01:03 - 2020-06-11 01:03 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-06-11 00:29 - 2020-05-15 05:29 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-06-11 00:29 - 2020-05-15 05:10 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-06-10 08:47 - 2020-06-10 08:47 - 001955766 _____ C:\Users\Harley\Downloads\IMG_5961.MOV
2020-06-08 10:20 - 2020-06-08 10:20 - 210218195 _____ C:\Users\Harley\Downloads\Jordan Shepherd v Simon Fitzsimmons. FINAL of Taom Shootout 2019 Event 1 Feb 2019 (1).mp4
2020-06-08 10:19 - 2020-06-08 10:21 - 287351156 _____ C:\Users\Harley\Downloads\Jordan Shepherd v Liam Dunster. FINAL of Taom Shootout 2019 Event 2. 20 Apr 19. Murphys Doncaster (1).mp4
2020-06-08 10:18 - 2020-06-08 10:19 - 248623651 _____ C:\Users\Harley\Downloads\Liam Dunster vs Mat Lawrenson _ Final _ Milton Keynes _ Taom Pool Shootout.mp4
2020-06-08 10:13 - 2020-06-08 10:14 - 275564805 _____ C:\Users\Harley\Downloads\Patty McCarron vs Jordan Shepherd _ Final _ Savannas Manchester _ Taom Pool Shootout (2).mp4
2020-06-08 09:53 - 2020-06-12 11:17 - 000011865 _____ C:\Users\Harley\Documents\faroe footie.xlsx
2020-06-08 09:53 - 2020-06-08 09:53 - 000000165 ____H C:\Users\Harley\Documents\~$faroe footie.xlsx
2020-06-07 20:01 - 2020-06-08 19:41 - 000012220 _____ C:\Users\Harley\Documents\vat feb-apr20.xlsx
2020-06-07 20:01 - 2020-06-07 20:01 - 000000165 ____H C:\Users\Harley\Documents\~$vat feb-apr20.xlsx
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-03 20:29 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-07-03 20:17 - 2019-09-23 03:31 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-07-03 20:17 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-07-03 20:13 - 2017-11-09 19:51 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-07-03 20:13 - 2016-05-20 19:41 - 000000000 __SHD C:\Users\Harley\IntelGraphicsProfiles
2020-07-03 20:10 - 2019-09-23 03:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-07-03 20:01 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-07-03 16:32 - 2019-09-23 03:19 - 000000000 ____D C:\Users\Harley
2020-07-03 16:13 - 2019-09-23 03:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-07-03 10:41 - 2016-05-20 19:41 - 000000000 ____D C:\Users\Harley\AppData\Local\VirtualStore
2020-07-02 21:40 - 2019-09-23 03:43 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2143908317-127953287-3357993830-1001
2020-07-02 21:40 - 2019-09-23 03:19 - 000002370 _____ C:\Users\Harley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-07-02 21:40 - 2016-05-20 19:48 - 000000000 ___RD C:\Users\Harley\OneDrive
2020-07-02 21:37 - 2018-07-12 23:01 - 000000000 ____D C:\Users\Harley\AppData\Local\D3DSCache
2020-07-02 21:24 - 2019-03-19 05:52 - 000000000 ____D C:\PerfLogs
2020-07-02 16:55 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-28 11:42 - 2018-03-20 22:44 - 000000000 ____D C:\Users\Harley\AppData\Local\Power Query Telemetry
2020-06-26 19:26 - 2020-04-08 15:43 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-06-26 00:14 - 2019-11-19 12:13 - 000004294 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2020-06-25 00:35 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-25 00:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-24 10:07 - 2020-05-14 15:16 - 000012295 _____ C:\Users\Harley\Documents\bar font cost prices (Autosaved).xlsx
2020-06-22 16:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-06-20 21:16 - 2020-03-21 16:58 - 000000000 ____D C:\Users\Harley\AppData\Local\PokerStars.UK
2020-06-20 21:10 - 2020-03-21 16:58 - 000000000 ____D C:\Program Files (x86)\PokerStars.UK
2020-06-17 11:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-06-17 00:46 - 2019-02-11 02:42 - 000000000 ____D C:\Users\Harley\Documents\Orange Media Files
2020-06-16 20:27 - 2016-09-11 01:04 - 000000000 ____D C:\Program Files (x86)\Google
2020-06-16 19:52 - 2019-09-23 03:07 - 000474328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-06-12 01:45 - 2018-03-02 09:01 - 000000000 ___RD C:\Users\Harley\3D Objects
2020-06-12 01:45 - 2016-02-13 18:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-06-12 01:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-06-12 01:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-06-12 01:37 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-06-12 01:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-06-12 01:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-06-12 01:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-06-12 01:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-06-12 01:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-06-12 01:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-06-12 01:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2020-06-12 01:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-06-12 01:36 - 2019-03-19 12:37 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-06-12 01:36 - 2019-03-19 12:37 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-06-12 01:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-06-12 01:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-06-12 00:09 - 2020-04-08 15:50 - 000000000 ___RD C:\Users\Harley\Dropbox
2020-06-11 01:03 - 2019-09-23 03:12 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-06-09 20:55 - 2019-09-23 03:43 - 000004602 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-06-09 20:54 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-06-09 20:54 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-06-04 16:59 - 2018-03-02 03:07 - 000000000 ____D C:\Users\Harley\AppData\Local\Packages
==================== Files in the root of some directories ========
2019-04-01 19:26 - 2019-04-01 19:26 - 000009659 _____ () C:\Users\Harley\AppData\Local\recently-used.xbel
2020-07-02 21:22 - 2020-07-02 21:22 - 000000017 _____ () C:\Users\Harley\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2020
Ran by Harley (03-07-2020 20:32:10)
Running from C:\Users\Harley\Desktop
Windows 10 Home Version 1903 18362.900 (X64) (2019-09-23 02:44:53)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2143908317-127953287-3357993830-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2143908317-127953287-3357993830-503 - Limited - Disabled)
Guest (S-1-5-21-2143908317-127953287-3357993830-501 - Limited - Disabled)
Harley (S-1-5-21-2143908317-127953287-3357993830-1001 - Administrator - Enabled) => C:\Users\Harley
WDAGUtilityAccount (S-1-5-21-2143908317-127953287-3357993830-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-428eae2c-9e05-492a-985a-f36ddac22115) (Version: 3.0.2.118 - WildTangent) Hidden
7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2002 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.387 - Adobe)
AI Viewer (HKLM-x32\...\{8C8292F3-7D93-4D40-9738-B24165D7E7CD}_is1) (Version: - IdeaMK)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.4 - AVAST Software)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5427.02 - CyberLink Corp.)
Dino Storm (HKLM-x32\...\WildTangentGDF-acer-dinostorm) (Version: 13.0.0.6 - WildTangent) Hidden
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
Dropbox (HKLM-x32\...\Dropbox) (Version: 100.4.409 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
eBay Worldwide (HKLM-x32\...\{3DC26EA7-03E3-4353-9424-EEB7A34A7504}) (Version: 2.5.0427 - OEM)
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
GIMP 2.10.8 (HKLM\...\GIMP-2_is1) (Version: 2.10.8 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Home Makeover (HKLM-x32\...\WTA-f2bf7eb9-e377-484f-8cde-dbb7152c6ea8) (Version: 3.0.2.59 - WildTangent) Hidden
HP Deskjet 1510 series Basic Device Software (HKLM\...\{D17E60E8-478A-4D4A-8147-21D481B5CA55}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 1510 series Help (HKLM-x32\...\{2E25FCEB-EFCB-4696-AA01-D3CBAC721831}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel® Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel® Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5070 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-b9eca6f0-f350-409b-80b6-7cfb979d1682) (Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (HKLM-x32\...\WTA-d55a4c69-9aca-46c0-bd47-30a8aafd5860) (Version: 3.0.2.118 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-4f8f4d42-f753-460a-acd0-d2dc96643b21) (Version: 2.2.0.97 - WildTangent) Hidden
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 81.0.416.62 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - )
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office 97, Professional Edition (HKLM-x32\...\Office8.0) (Version: - )
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2143908317-127953287-3357993830-1001\...\OneDriveSetup.exe) (Version: 20.114.0607.0001 - Microsoft Corporation)
Microsoft Power Query for Excel (x64) (HKLM\...\{E68A5B31-8D5D-463C-929A-2C6CA5F3C0F8}) (Version: 2.54.4970.321 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23824 (HKLM-x32\...\{aa0a3183-d329-4308-b8eb-4ed9fbe0a010}) (Version: 14.0.23824.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.25.00.21 - Huawei Technologies Co.,Ltd)
Movavi Video Suite 16 (HKLM-x32\...\Movavi Video Suite 16) (Version: 16.5.0 - Movavi)
Movavi Video Suite 18 (HKU\S-1-5-21-2143908317-127953287-3357993830-1001\...\Movavi Video Suite 18) (Version: 18.2.0 - Movavi)
Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
PokerStars.uk (HKLM-x32\...\PokerStars.uk) (Version: - PokerStars.uk)
Polar Bowler 1st Frame (HKLM-x32\...\WTA-34fb3df7-7fa1-468d-b159-6c215f62b392) (Version: 3.0.2.59 - WildTangent) Hidden
Product Improvement Study for HP Deskjet 1510 series (HKLM\...\{35DB2630-846E-47C5-AF84-9D6AC3629F55}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.0 - Qualcomm Atheros)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.65 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Rory's Restaurant (HKLM-x32\...\WTA-50fce378-1db4-4ede-903b-d8bba2a72c0d) (Version: 3.0.2.126 - WildTangent) Hidden
Runefall (HKLM-x32\...\WTA-a45a3a05-8eaf-448a-b0c5-1c16a11f485c) (Version: 3.0.2.126 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
SimpleMind desktop Pro 1.23.2d (HKLM-x32\...\SMPRO1_is1) (Version: 1.23.2d - ModelMaker Tools BV)
Telegram Desktop version 1.2.6 (HKU\S-1-5-21-2143908317-127953287-3357993830-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.2.6 - Telegram Messenger LLP)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
UpdateAssistant (HKLM\...\{567756E0-361F-4E88-AF74-8B0E4628E5BC}) (Version: 1.12.0.0 - Microsoft Corporation) Hidden
Vegas World (HKLM-x32\...\WildTangentGDF-acer-vegasworld) (Version: 13.0.0.6 - WildTangent) Hidden
Villagers and Heroes (HKLM-x32\...\WildTangentGDF-acer-villagersandheroes) (Version: 13.0.0.6 - WildTangent) Hidden
Virtual Pool 4 Online (HKLM-x32\...\{87EFFD60-AA79-4CF3-B3A6-3AEC47E493E6}) (Version: 4.5.4.0 - Celeris)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.16 - WildTangent) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
Windows Driver Package - Intel Corporation (iagpioe) System (05/21/2015 604.10120.2652.361) (HKLM\...\AF9226384B030787C4D0F761A23F48F7649D6D17) (Version: 05/21/2015 604.10120.2652.361 - Intel Corporation)
Windows Driver Package - Intel Corporation (iai2ce) System (05/21/2015 604.10120.2654.367) (HKLM\...\B37036F6A0766DAC3E418F6CAE67005C5F3A8C40) (Version: 05/21/2015 604.10120.2654.367 - Intel Corporation)
Windows Driver Package - Intel Corporation (iauarte) System (05/21/2015 604.10120.2653.391) (HKLM\...\1D4FF76A05A14FF5BA3636A41E0AB237F3A55E14) (Version: 05/21/2015 604.10120.2653.391 - Intel Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinX HD Video Converter Deluxe 5.15.6 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software, Inc.)
Packages:
=========
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.3007.0_x86__48frkmn4z8aw4 [2016-08-11] (Acer Incorporated)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.170.800.0_x86__kgqvnymyfvs32 [2020-06-18] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-04-18] (Dolby Laboratories)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa [2020-05-23] (Apple Inc.) [Startup Task]
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2016-05-21] (AMZN Mobile LLC)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2018-12-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2018-12-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-02] (Microsoft Studios) [MS Ad]
MineSweeper (Free) -> C:\Program Files\WindowsApps\50834ZAppsStudio.MineSweeperFree_1.1.27.0_x64__fr8j70y4p4pst [2020-06-22] (Z Apps Studio) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-17] (MAGIX)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.96.725.0_x64__mcm4njqhnhss8 [2020-04-11] (Netflix, Inc.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-03-23] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-26] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.135.458.0_x86__zpdnekdrzrea0 [2020-06-23] (Spotify AB) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2143908317-127953287-3357993830-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Harley\Dropbox [2020-04-08 15:50]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Users\Harley\Desktop\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-01-27] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Users\Harley\Desktop\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.40.0.dll [2020-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2019-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Users\Harley\Desktop\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Harley\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Person 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Harley\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Orange (
[email protected]) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
1996-11-21 00:00 - 1996-11-21 00:00 - 003774224 _____ () [File not signed] C:\Program Files (x86)\Microsoft Office\Office\MSO97.DLL
2018-03-03 19:51 - 2018-01-28 16:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Users\Harley\Desktop\7-Zip\7-zip.dll
1996-11-21 00:00 - 1996-11-21 00:00 - 000005904 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Microsoft Office\Office\osaintl.dll
2019-11-20 00:15 - 2019-11-20 00:14 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\SecureLine\libcrypto-1_1.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2143908317-127953287-3357993830-1001\...\amazon.co.uk -> hxxps://amazon.co.uk
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2143908317-127953287-3357993830-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "Launch BetTrader.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "isa"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-2143908317-127953287-3357993830-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E252DCF6-CD52-4BF6-8A7E-26F10DF98D31}] => (Allow) C:\Program Files (x86)\ModelMakerTools\SimpleMind\1.23.2\iPhoneLink.exe (SimpleApps -> SimpleApps)
FirewallRules: [{47207378-CE51-49CF-97E0-CE9E155ED936}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{B857FA43-9973-4E29-A247-8CC9AAF4F0B5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{8ED2EACC-863B-43AF-AFED-247AFAE53E24}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{07E2E778-89FE-49DA-A222-5B83D39F9457}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{88378351-27F3-48B5-BCFA-624DE4120830}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{AF52775A-5F90-4421-97C0-117B15D77E88}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{D08DD7C6-D871-4D07-AB76-480B40340346}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{279BDFBC-3138-4C7E-99A7-7BCFB2AD3CA5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [UDP Query User{27D43001-28C8-42EA-9F4B-5A3AAA7C28B2}C:\users\harley\desktop\stellite wallet\stellite cli\stellite 1.2.4.2\stellited.exe] => (Allow) C:\users\harley\desktop\stellite wallet\stellite cli\stellite 1.2.4.2\stellited.exe () [File not signed]
FirewallRules: [TCP Query User{4D528A9A-5382-4F45-A202-08744A5D2E50}C:\users\harley\desktop\stellite wallet\stellite cli\stellite 1.2.4.2\stellited.exe] => (Allow) C:\users\harley\desktop\stellite wallet\stellite cli\stellite 1.2.4.2\stellited.exe () [File not signed]
FirewallRules: [UDP Query User{D636A50D-535F-4854-8922-5F2BDB432737}C:\users\harley\desktop\stellite wallet\stellite gui wallet 1.0.2\stellite-wallet-gui.exe] => (Allow) C:\users\harley\desktop\stellite wallet\stellite gui wallet 1.0.2\stellite-wallet-gui.exe () [File not signed]
FirewallRules: [TCP Query User{1D1D2179-2FDC-44DD-980F-A9BF8853867C}C:\users\harley\desktop\stellite wallet\stellite gui wallet 1.0.2\stellite-wallet-gui.exe] => (Allow) C:\users\harley\desktop\stellite wallet\stellite gui wallet 1.0.2\stellite-wallet-gui.exe () [File not signed]
FirewallRules: [UDP Query User{5F43A9BE-E685-43BB-B7AB-CE00582FB02D}C:\users\harley\desktop\stellite wallet\stellite gui wallet 1.0.2\stellited.exe] => (Allow) C:\users\harley\desktop\stellite wallet\stellite gui wallet 1.0.2\stellited.exe => No File
FirewallRules: [TCP Query User{B911AF0D-8ACB-4622-8856-2DE5C4ADA3C2}C:\users\harley\desktop\stellite wallet\stellite gui wallet 1.0.2\stellited.exe] => (Allow) C:\users\harley\desktop\stellite wallet\stellite gui wallet 1.0.2\stellited.exe => No File
FirewallRules: [UDP Query User{C79C781D-74FA-423E-9FB1-527A91BBE1E4}C:\users\harley\desktop\turtlecoin\turtlecoin-v0.3.2-windows\turtlecoin-v0.3.2\turtlecoind.exe] => (Allow) C:\users\harley\desktop\turtlecoin\turtlecoin-v0.3.2-windows\turtlecoin-v0.3.2\turtlecoind.exe () [File not signed]
FirewallRules: [TCP Query User{957C65B2-EAF5-4D72-892E-92B4E34F3CBF}C:\users\harley\desktop\turtlecoin\turtlecoin-v0.3.2-windows\turtlecoin-v0.3.2\turtlecoind.exe] => (Allow) C:\users\harley\desktop\turtlecoin\turtlecoin-v0.3.2-windows\turtlecoin-v0.3.2\turtlecoind.exe () [File not signed]
FirewallRules: [UDP Query User{557402EF-0059-4F23-9B35-EEF2AB6DEA18}C:\users\harley\desktop\intense\intensecoin.exe] => (Allow) C:\users\harley\desktop\intense\intensecoin.exe () [File not signed]
FirewallRules: [TCP Query User{729A7B16-45D0-4DF6-9142-ACBF060C31F4}C:\users\harley\desktop\intense\intensecoin.exe] => (Allow) C:\users\harley\desktop\intense\intensecoin.exe () [File not signed]
FirewallRules: [UDP Query User{5DFC2757-E094-4842-96FF-D09D991C2231}C:\users\harley\desktop\sld\sld\sldd.exe] => (Allow) C:\users\harley\desktop\sld\sld\sldd.exe () [File not signed]
FirewallRules: [TCP Query User{342443B1-B982-48FA-87A6-ABBA6106D45F}C:\users\harley\desktop\sld\sld\sldd.exe] => (Allow) C:\users\harley\desktop\sld\sld\sldd.exe () [File not signed]
FirewallRules: [UDP Query User{B4203E30-489E-4B64-93B9-CDA1ED593AF7}C:\users\harley\appdata\roaming\paccoin\paccoin-qt.exe] => (Allow) C:\users\harley\appdata\roaming\paccoin\paccoin-qt.exe => No File
FirewallRules: [TCP Query User{C2D21A60-D215-4E43-98CE-4E96770AED44}C:\users\harley\appdata\roaming\paccoin\paccoin-qt.exe] => (Allow) C:\users\harley\appdata\roaming\paccoin\paccoin-qt.exe => No File
FirewallRules: [UDP Query User{A84D201A-551B-4427-8ABB-43944E92B834}C:\users\harley\desktop\steelite\bin\stellited.exe] => (Allow) C:\users\harley\desktop\steelite\bin\stellited.exe () [File not signed]
FirewallRules: [TCP Query User{284D21D5-E181-46FD-96DF-364E6918AD05}C:\users\harley\desktop\steelite\bin\stellited.exe] => (Allow) C:\users\harley\desktop\steelite\bin\stellited.exe () [File not signed]
FirewallRules: [UDP Query User{194A15EE-167E-4D6C-ADBC-4AF9FDE8D0E9}C:\program files (x86)\digital pandacoin\digital pandacoin\pandacoin-qt.exe] => (Allow) C:\program files (x86)\digital pandacoin\digital pandacoin\pandacoin-qt.exe => No File
FirewallRules: [TCP Query User{DF7FF793-09F0-4577-AEE1-E47F0BB1FE2F}C:\program files (x86)\digital pandacoin\digital pandacoin\pandacoin-qt.exe] => (Allow) C:\program files (x86)\digital pandacoin\digital pandacoin\pandacoin-qt.exe => No File
FirewallRules: [UDP Query User{A49B3E29-B253-436E-A55E-D3E992655245}C:\program files\royalties foundation\royalties wallet\royaltieswallet.exe] => (Allow) C:\program files\royalties foundation\royalties wallet\royaltieswallet.exe => No File
FirewallRules: [TCP Query User{22D396FE-C3A7-4AE9-AA84-CB270774ED84}C:\program files\royalties foundation\royalties wallet\royaltieswallet.exe] => (Allow) C:\program files\royalties foundation\royalties wallet\royaltieswallet.exe => No File
FirewallRules: [UDP Query User{3B9ABB0C-8571-4E29-8FAA-24F1DF741610}C:\program files (x86)\verium\verium-qt.exe] => (Allow) C:\program files (x86)\verium\verium-qt.exe => No File
FirewallRules: [TCP Query User{8B6FB2A8-7A22-4D3A-AEC7-BB1712A1A23A}C:\program files (x86)\verium\verium-qt.exe] => (Allow) C:\program files (x86)\verium\verium-qt.exe => No File
FirewallRules: [UDP Query User{15D06793-8EEA-4BF6-BCA9-9CEDC640EC8B}C:\users\harley\desktop\sumokoin\sumokoin gui wallet\resources\bin\sumokoind.exe] => (Allow) C:\users\harley\desktop\sumokoin\sumokoin gui wallet\resources\bin\sumokoind.exe => No File
FirewallRules: [TCP Query User{3A41663D-C9A2-4169-B70E-408C65ECB1CF}C:\users\harley\desktop\sumokoin\sumokoin gui wallet\resources\bin\sumokoind.exe] => (Allow) C:\users\harley\desktop\sumokoin\sumokoin gui wallet\resources\bin\sumokoind.exe => No File
FirewallRules: [UDP Query User{37264926-FD30-4A7E-8EE8-EDE1FEDC6F53}C:\users\harley\downloads\win-x64-0.11.0.0\electroneumd.exe] => (Allow) C:\users\harley\downloads\win-x64-0.11.0.0\electroneumd.exe () [File not signed]
FirewallRules: [TCP Query User{0233A213-B530-43FB-A64A-DDBFC5D01794}C:\users\harley\downloads\win-x64-0.11.0.0\electroneumd.exe] => (Allow) C:\users\harley\downloads\win-x64-0.11.0.0\electroneumd.exe () [File not signed]
FirewallRules: [{40A80B5D-625C-4C13-8A2F-FEB4E656A2AD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BB54926F-7F46-4830-A1AF-F2185D406AF3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{79335C2F-97B2-40AA-8478-EC22FE191C2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{77047FE5-5BE3-46C4-9880-2EDCA9AD130E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{90DCACF2-AD29-4E57-BC3B-9517855EA057}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{8A51B2ED-B3C9-491A-9BE7-0BF196CCC4FB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{AC4F09D0-A1A1-491B-A6C8-7B850DA5B4AB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{030AD213-B01A-4478-8883-98ACC90362D1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{EC3208F3-2858-4033-948B-9FC0C05D4036}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{7456B177-F3A4-4680-BA3F-C029A641E7C8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{AF65013F-5C54-466D-9FF0-D4163E449AD1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BDBCBAB3-2D5E-40DC-AF89-8AA75AB6751F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{57241F91-7D8B-4B06-9DE8-6145935875AA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe => No File
FirewallRules: [{D16315B2-0E42-4221-B384-34947AF6BB78}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [{929A420A-1C86-4F1F-8444-0E96726A92F6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{6A2A7A49-489A-4AB1-9541-4DD3CB6F84DA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9FF3FBF5-D1CF-4571-B35D-EFBDA6F58640}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{7BAAEB53-752D-4EC4-B61A-892C298D58D0}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{7A71B1E4-A4C0-4F89-ABB4-64D8C8AABFEF}C:\users\harley\desktop\ipbc\ipbc-wallet\ipbc-wallet.exe] => (Allow) C:\users\harley\desktop\ipbc\ipbc-wallet\ipbc-wallet.exe => No File
FirewallRules: [UDP Query User{2EE5D8F4-B661-432C-B322-73F0FA198F84}C:\users\harley\desktop\ipbc\ipbc-wallet\ipbc-wallet.exe] => (Allow) C:\users\harley\desktop\ipbc\ipbc-wallet\ipbc-wallet.exe => No File
FirewallRules: [TCP Query User{7A2F82A1-56DC-4B77-B048-8EEC13FE0617}C:\users\harley\desktop\masari\masari-win-x64-v0.1.4.0\masarid.exe] => (Allow) C:\users\harley\desktop\masari\masari-win-x64-v0.1.4.0\masarid.exe () [File not signed] [File is in use]
FirewallRules: [UDP Query User{5E2962D8-7533-4617-B537-9BAADBBE0A91}C:\users\harley\desktop\masari\masari-win-x64-v0.1.4.0\masarid.exe] => (Allow) C:\users\harley\desktop\masari\masari-win-x64-v0.1.4.0\masarid.exe () [File not signed] [File is in use]
FirewallRules: [TCP Query User{C6908363-855B-4891-8F2A-FA52DF430B55}C:\users\harley\desktop\stellite chromium\stellited.exe] => (Allow) C:\users\harley\desktop\stellite chromium\stellited.exe () [File not signed] [File is in use]
FirewallRules: [UDP Query User{315D8B75-7C6C-4526-87D0-71DCAEBFF72B}C:\users\harley\desktop\stellite chromium\stellited.exe] => (Allow) C:\users\harley\desktop\stellite chromium\stellited.exe () [File not signed]
FirewallRules: [TCP Query User{4407A745-D23E-4598-9BDE-D60C7A9F7B3A}C:\users\harley\desktop\stellite gui\stelliteguiwallet\resources\bin\stellited.exe] => (Allow) C:\users\harley\desktop\stellite gui\stelliteguiwallet\resources\bin\stellited.exe () [File not signed]
FirewallRules: [UDP Query User{BB156E1F-79B0-47E4-89DC-4DBC155D4D26}C:\users\harley\desktop\stellite gui\stelliteguiwallet\resources\bin\stellited.exe] => (Allow) C:\users\harley\desktop\stellite gui\stelliteguiwallet\resources\bin\stellited.exe () [File not signed]
FirewallRules: [TCP Query User{F08B45FC-BD08-4BD9-AF84-FFB10828A44D}C:\users\harley\desktop\turtlecoin v0.4.2\turtlecoin-v0.4.2\turtlecoind.exe] => (Allow) C:\users\harley\desktop\turtlecoin v0.4.2\turtlecoin-v0.4.2\turtlecoind.exe () [File not signed]
FirewallRules: [UDP Query User{24DCBE84-19DC-4F60-BED5-329B51D63894}C:\users\harley\desktop\turtlecoin v0.4.2\turtlecoin-v0.4.2\turtlecoind.exe] => (Allow) C:\users\harley\desktop\turtlecoin v0.4.2\turtlecoin-v0.4.2\turtlecoind.exe () [File not signed]
FirewallRules: [TCP Query User{0E3EC75E-CCEC-48A7-AE2F-07B8C0E06350}C:\users\harley\appdata\local\temp\temp1_windows-x64-1.2.3.2.zip\bin\stellited.exe] => (Allow) C:\users\harley\appdata\local\temp\temp1_windows-x64-1.2.3.2.zip\bin\stellited.exe => No File
FirewallRules: [UDP Query User{5E42D516-5968-4CAF-AB21-968FAA41D6B5}C:\users\harley\appdata\local\temp\temp1_windows-x64-1.2.3.2.zip\bin\stellited.exe] => (Allow) C:\users\harley\appdata\local\temp\temp1_windows-x64-1.2.3.2.zip\bin\stellited.exe => No File
FirewallRules: [TCP Query User{FAA08C76-0CC7-415D-94AE-E46AE3B5EE62}C:\users\harley\desktop\stellitegui-win-v0.0.8-1\stellite-wallet-gui.exe] => (Allow) C:\users\harley\desktop\stellitegui-win-v0.0.8-1\stellite-wallet-gui.exe () [File not signed]
FirewallRules: [UDP Query User{130D1B75-01F0-44CE-90C0-8E449DE51D23}C:\users\harley\desktop\stellitegui-win-v0.0.8-1\stellite-wallet-gui.exe] => (Allow) C:\users\harley\desktop\stellitegui-win-v0.0.8-1\stellite-wallet-gui.exe () [File not signed]
FirewallRules: [TCP Query User{DC6C4F91-3444-4C2D-AFA7-69B5EB9B6891}C:\users\harley\desktop\stellitegui-win-v0.0.8-1\stellited.exe] => (Allow) C:\users\harley\desktop\stellitegui-win-v0.0.8-1\stellited.exe => No File
FirewallRules: [UDP Query User{15FC10D0-596E-4879-B4EF-4E077C560C0C}C:\users\harley\desktop\stellitegui-win-v0.0.8-1\stellited.exe] => (Allow) C:\users\harley\desktop\stellitegui-win-v0.0.8-1\stellited.exe => No File
FirewallRules: [{8CC32C87-C545-433D-93F5-77BE63FDF337}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{44DA802F-EA50-4F7A-BE26-A95DD2FC386E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{975F4E47-579F-431C-A690-72E83D7D1CFB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1ACEDFEC-7C5E-48C5-A87A-8FD2B243B65E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BDCA43CE-9C18-4B39-B834-D4B352D3B94B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9BB2AE52-83EA-4663-89F7-F89BDA58823F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1B95FFFC-90D2-44CB-9E79-A9B624E4C264}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{91F4FE3D-469A-430E-8D3D-7BDEB18F092D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{43D5491A-3AE1-43BE-A0A4-44EEC08F7343}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DC133020-D12D-4669-8000-79ADD310CAC5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.135.458.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AF6110DB-F73F-4D50-B131-182A10C5DB3A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.135.458.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{94ABC911-ED31-492A-B0BC-D189D0ECFF06}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.135.458.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{92AA7684-2BAD-4F2B-ACE9-20F59D0FC84E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.135.458.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E9B78ADC-828C-42A2-964F-E3D150D0597D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.135.458.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B730A273-EDE9-48DD-9CB9-D17149758A57}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.135.458.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9BE66C2E-DC95-446D-8150-85D19C72DF14}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.135.458.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FB991F36-5809-4D99-BA0C-63B268DF36BC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.135.458.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C429B9EF-C99F-4250-8C51-DAFCB77D7627}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/03/2020 08:28:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2916,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (07/03/2020 08:19:31 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4368,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (07/03/2020 08:01:30 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (07/03/2020 08:01:30 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (07/03/2020 08:01:30 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (07/03/2020 08:01:30 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (07/03/2020 04:31:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 808: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)
Error: (07/03/2020 04:31:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 800: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)
System errors:
=============
Error: (07/03/2020 08:10:58 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: The mutual authentication between the local Bluetooth adapter and a device with Bluetooth adapter address (d0:2b:20:8a:9c:d1) failed.
Error: (07/03/2020 08:01:32 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume C:.
A corruption was found in a file system index structure. The file reference number is 0x9000000000009. The name of the file is "<unable to determine file name>". The corrupted index attribute is ":$SDH:$INDEX_ALLOCATION".
Error: (07/03/2020 08:01:29 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a pre-shutdown control.
Error: (07/03/2020 08:01:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Modules Installer service terminated with the following error:
The file or directory is corrupted and unreadable.
Error: (07/03/2020 08:01:08 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: The mutual authentication between the local Bluetooth adapter and a device with Bluetooth adapter address (d0:2b:20:8a:9c:d1) failed.
Error: (07/03/2020 08:00:35 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume C:.
A corruption was found in a file system index structure. The file reference number is 0x9000000000009. The name of the file is "<unable to determine file name>". The corrupted index attribute is ":$SDH:$INDEX_ALLOCATION".
Error: (07/03/2020 08:00:35 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: C:\Device\HarddiskVolume33
Error: (07/03/2020 04:33:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SecureLine service.
Windows Defender:
===================================
Date: 2020-06-17 01:53:57.784
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {8A9CFFD5-C9D2-4186-99CD-CB3A4B5B9B3A}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-05-27 22:35:06.317
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {008DD60A-96BC-48FD-A231-3E6E0B70FDA7}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-07-03 20:21:50.949
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.233.2750.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.13303.0
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed.
Date: 2020-07-03 20:21:50.948
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.233.2750.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.13303.0
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed.
Date: 2020-07-03 20:21:50.947
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.233.2750.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.13303.0
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed.
Date: 2020-07-03 20:11:59.516
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.233.2750.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.13303.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2020-07-03 20:11:59.515
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.233.2750.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.13303.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===================================
Date: 2019-09-24 07:13:44.931
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-09-24 07:13:44.873
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-09-24 07:13:44.817
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-09-24 07:13:44.767
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-09-24 07:13:44.715
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-09-24 07:13:44.658
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-09-24 07:13:44.597
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-09-24 07:13:13.919
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.11 07/21/2015
Motherboard: Acer Aspire ES1-531
Processor: Intel® Pentium® CPU N3700 @ 1.60GHz
Percentage of memory in use: 60%
Total physical RAM: 3919.27 MB
Available physical RAM: 1548.78 MB
Total Virtual: 5775.27 MB
Available Virtual: 3004.31 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:930.56 GB) (Free:240.08 GB) NTFS
\\?\Volume{eb88537d-90fc-4642-89b1-4db67334c203}\ () (Fixed) (Total:0.83 GB) (Free:0.41 GB) NTFS
\\?\Volume{a25475be-858f-400f-a944-b4cc97ab6ddd}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: CF41E9AD)
Partition: GPT.
==================== End of Addition.txt =======================