Rick
-
Content Count
10 -
Joined
-
Last visited
Content Type
Profiles
Forums
Calendar
Posts posted by Rick
-
-
# Run at 3/15/2021 5:53:33 PM
# KpRm (Kernel-panik) version 2.9
# Website https://kernel-panik.me/tool/kprm/
# Run by eades from C:\Users\eades\Downloads
# Computer Name: DESKTOP-B748AG0
# OS: Windows 10 X64 (19041)
# Number of passes: 1- Checked options -
~ Registry Backup
~ Delete Tools
~ Restore System Settings
~ UAC Restore
~ Delete Restore Points
~ Create Restore Point
~ Delete Quarantines- Create Registry Backup -
~ [OK] Hive C:\WINDOWS\System32\config\SOFTWARE backed up
~ [OK] Hive C:\Users\eades\NTUSER.dat backed up[OK] Registry Backup: C:\KPRM\backup\2021-03-15-17-53-33
- Delete Tools -
## AdwCleaner
[OK] C:\Users\eades\Downloads\AdwCleaner (1).exe deleted
[OK] C:\Users\eades\Downloads\AdwCleaner.exe deleted
[OK] C:\AdwCleaner deleted## OTL
[OK] Process OTL.exe killed
[OK] C:\Users\eades\Desktop\OTL.Txt deleted
[OK] C:\Users\eades\Downloads\OTL.exe deleted
[OK] C:\Users\eades\Downloads\OTL.Txt deleted
[OK] C:\_OTL deleted- Restore System Settings -
[OK] Reset WinSock
[OK] FLUSHDNS
[OK] Hide Hidden file.
[OK] Show Extensions for known file types
[OK] Hide protected operating system files- Restore UAC -
[OK] Set EnableLUA with default (1) value
[OK] Set ConsentPromptBehaviorAdmin with default (5) value
[OK] Set ConsentPromptBehaviorUser with default (3) value
[OK] Set EnableInstallerDetection with default (0) value
[OK] Set EnableSecureUIAPaths with default (1) value
[OK] Set EnableUIADesktopToggle with default (0) value
[OK] Set EnableVirtualization with default (1) value
[OK] Set FilterAdministratorToken with default (0) value
[OK] Set PromptOnSecureDesktop with default (1) value
[OK] Set ValidateAdminCodeSignatures with default (0) value- Clear Restore Points -
~ [OK] RP named Scheduled Checkpoint created at 03/10/2021 18:05:17 deleted
~ [OK] RP named AdwCleaner_BeforeCleaning_14/03/2021_19:31:08 created at 03/15/2021 01:31:13 deleted
[OK] All system restore points have been successfully deleted- Create Restore Point -
[OK] System Restore Point created
- Display System Restore Point -
~ [I] RP named KpRm created at 03/16/2021 00:01:34
-- KPRM finished in 547.40s --
-
how do we look?
-
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}\ not found.
HKEY_USERS\S-1-5-21-2408870077-2760889140-2630364754-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2408870077-2760889140-2630364754-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}\ not found.
Registry key HKEY_USERS\S-1-5-21-2408870077-2760889140-2630364754-1001\Software\Microsoft\Internet Explorer\SearchScopes\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{25510184-5A38-4A99-B273-DCA8EEF6CD08}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25510184-5A38-4A99-B273-DCA8EEF6CD08}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{25510184-5A38-4A99-B273-DCA8EEF6CD08}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25510184-5A38-4A99-B273-DCA8EEF6CD08}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== COMMANDS ==========
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Default.migrated
User: eades
User: Public
User: TEMP
User: TEMP.DESKTOP-B748AG0
Total Java Files Cleaned = 0.00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Default.migrated
User: eades
->Flash cache emptied: 49244631 bytes
User: Public
User: TEMP
User: TEMP.DESKTOP-B748AG0
Total Flash Files Cleaned = 47.00 mb
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default.migrated
User: eades
->Temp folder emptied: 63423806 bytes
->Temporary Internet Files folder emptied: 6986430 bytes
->Flash cache emptied: 0 bytes
User: Public
User: TEMP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: TEMP.DESKTOP-B748AG0
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 8192 bytes
%systemroot% .tmp files removed: 608192 bytes
%systemroot%\System32 .tmp files removed: 11746704 bytes
%systemroot%\System32 (64bit) .tmp files removed: 124890488 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7962897 bytes
RecycleBin emptied: 8760716 bytes
Total Files Cleaned = 214.00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.69.0 log created on 03152021_171440Files\Folders moved on Reboot...
File\Folder C:\Users\eades\AppData\Local\Temp\3f259471-68cf-45c6-8ce7-da59ff1b6132.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\685dd429-3dae-4ef4-b371-e5f560e44266.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\6be74cb4-1f44-41f3-8183-c3f719a89395.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\726193bf-5b70-498c-a0ec-90c90541a4c4.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\7c6f6cf8-6dd6-4932-b621-aca884d393f4.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\87e4fd79-94d2-40d3-9eae-c4a978396f91.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\93d59bfd-9b23-4654-aef8-0ed6cca4d609.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\9ca4e88e-d6fc-4c04-912c-95bbd1a83434.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\b471a7f2-29d5-4a68-b83d-145c84f7150c.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\b53f458d-1c8f-4136-95f5-0ab61329b15a.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\b8e16a36-9473-466f-b0f9-78b29c170b74.tmp not found!
File\Folder C:\DumpStack.log.tmp not found!
C:\WINDOWS\temp\DESKTOP-B748AG0-20210314-2040.log moved successfully.
File\Folder C:\WINDOWS\temp\mcafee_vYIpaIE4kYsuQ2E not found!
File\Folder C:\WINDOWS\temp\officeclicktorun.exe_streamserver(20210314204043B88).log not found!PendingFileRenameOperations files...
Registry entries deleted on Reboot...
-
Yes I'm using McAfree. and this is Windows 10 home. Do I need to do anything else ?
-
OTL Extras logfile created on: 3/14/2021 9:38:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\eades\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.19041.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.45 Gb Total Physical Memory | 0.52 Gb Available Physical Memory | 15.10% Memory free
10.20 Gb Paging File | 6.67 Gb Available in Paging File | 65.40% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = 😄 | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive 😄 | 911.70 Gb Total Space | 829.82 Gb Free Space | 91.02% Space Free | Partition Type: NTFS
Drive 😧 | 18.51 Gb Total Space | 2.39 Gb Free Space | 12.93% Space Free | Partition Type: NTFS
Computer Name: DESKTOP-B748AG0 | User Name: eades | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- Reg Error: Key error.
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
[color=#E56717]========== Security Center Settings ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av]
"DataMigrated" = 1
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{9D4501E6-72F6-2877-C789-89AF6F535B2C}]
"GUID" = {9D4501E6-72F6-2877-C789-89AF6F535B2C}
"DISPLAYNAME" = McAfee VirusScan
"STATE" = 462848
"PRODUCTEXE" = C:\Program Files\McAfee.com\Agent\mcupdate.exe -- (McAfee, LLC)
"REPORTINGEXE" = C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe -- (McAfee, LLC)
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}]
"GUID" = {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
"DISPLAYNAME" = Windows Defender
"STATE" = 393472
"PRODUCTEXE" = windowsdefender://
"REPORTINGEXE" = %ProgramFiles%\Windows Defender\MsMpeng.exe -- (Microsoft Corporation)
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw]
"DataMigrated" = 1
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{A57E80C3-3899-292F-ECD6-209A91801C57}]
"GUID" = {A57E80C3-3899-292F-ECD6-209A91801C57}
"DISPLAYNAME" = McAfee Firewall
"STATE" = 462848
"PRODUCTEXE" = C:\Program Files\McAfee.com\Agent\mcupdate.exe -- (McAfee, LLC)
"REPORTINGEXE" = C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe -- (McAfee, LLC)
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 42 4A D3 C2 96 98 D6 01 [binary data]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{21C79A9F-B580-4CBA-B29A-9E72597A6605}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft\edgewebview\application\89.0.774.54\msedgewebview2.exe |
"{77C57B8E-14D1-4E86-9781-DC267A2485A0}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft\edge\application\msedge.exe |
"{CE587BC1-D833-40B2-B089-D94D32A124D2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\root\office16\outlook.exe |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00EA97C5-33C8-4788-8778-182995D459B1}" = dir=out | name=@{microsoft.bingweather_4.46.22322.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{040AF957-9C97-4509-A01C-59BBC1493EB6}" = dir=out | name=@{windows.contactsupport_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{056746BC-ACC4-498D-BA4D-6E5B40493A56}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{08A2429A-CF01-4CF2-A73A-F025BE07A191}" = dir=out | name=@{microsoft.xboxapp_48.69.18001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxapp/xboxapp.resource/resources/app_title} |
"{08D04BC1-B93D-473F-BAB6-85AEB6FE458F}" = protocol=17 | dir=in | app=c:\users\eades\appdata\local\temp\7zs0e17\hpdiagnosticcoreui.exe |
"{0B9F4EF4-AB85-461C-9203-61C01CCECC46}" = dir=out | name=cortana |
"{0BAC6C98-226D-4FDF-B406-D7AA004A0BF3}" = dir=out | name=@{microsoft.bingfinance_4.45.22111.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{0C099345-77F2-43BF-AC07-7FEE78568203}" = dir=in | name=@{microsoft.desktopappinstaller_1.0.32912.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{0DFDE5F8-D567-4957-A11F-236BD573A163}" = dir=in | name=xbox game bar |
"{0E37B220-612B-4103-8769-F54A4CCCD1B0}" = protocol=17 | dir=out | app=c:\program files\windowsapps\microsoft.skypeapp_15.64.80.0_x86__kzf8qxf38zg5c\skype\skype.exe |
"{0EF173C0-C570-4F68-8E4B-6749BFB271D1}" = dir=in | app=c:\program files\common files\mcafee\mmsshost\mmsshost.exe |
"{0F9263BB-5C58-4DAC-B4EF-273AE8590FFB}" = dir=out | name=@{microsoft.microsoftstickynotes_3.7.142.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftstickynotes/resources/stickynotesstoreappname} |
"{10EFF59A-7691-4D76-ACA6-334F5D68E54E}" = dir=in | name=netflix |
"{143D6217-EC59-4793-A174-B4126879DE14}" = dir=out | name=ncsiuwpapp |
"{14F2A906-3348-489B-8F82-1FD52DF030F8}" = dir=in | name=@{microsoft.win32webviewhost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} |
"{193174E9-33E1-44AC-B514-DD81C3F6C53E}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{1DC4AA31-0DCC-45C5-B23A-80EE5DEFE90C}" = dir=out | name=windows_ie_ac_001 |
"{1DCF37FA-0C69-4EA5-AD91-024D5C3BD8E4}" = protocol=6 | dir=in | app=c:\users\eades\appdata\local\temp\7zs646b\hpdiagnosticcoreui.exe |
"{1E5D5A4D-3B7F-4C3B-B941-C6D861AC4E13}" = dir=in | app=c:\program files (x86)\dropbox\client\dropbox.exe |
"{1F87B018-DA12-47B7-95A1-2C084ADEFCF4}" = protocol=17 | dir=in | app=c:\users\eades\appdata\local\temp\7zs435e\hpdiagnosticcoreui.exe |
"{20600810-3C1B-4F1E-8AA3-A18C88A4985F}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{229E766A-891E-4E9A-8DCB-F99FD69A6FA6}" = dir=out | name=netflix |
"{2366632A-3428-4631-9151-C9C31D895155}" = dir=out | name=sway |
"{26671BFB-BE6D-47A6-B2AD-DDC1F11BB360}" = dir=out | name=tripadvisor hotels flights restaurants |
"{26B7695A-5916-42E8-BFF3-7E837ACB2661}" = dir=out | name=the weather channel for hp |
"{26FA5377-15C7-41B2-B7FE-BA7DDCEC86AD}" = dir=out | name=@{microsoft.lockapp_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{2836DD02-DB21-4BB6-9D88-707F5D33CF60}" = dir=out | name=@{microsoft.windows.startmenuexperiencehost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.startmenuexperiencehost/startmenuexperiencehost/pkgdisplayname} |
"{28C649B7-31A0-410C-9955-05C767E821E4}" = dir=in | name=@{microsoft.windows.cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{2A512DAA-75AD-40B3-B37A-30B5E6101D90}" = protocol=17 | dir=in | app=c:\users\eades\appdata\local\temp\7zs3177\hpdiagnosticcoreui.exe |
"{2B6128D0-1913-4D25-822B-34D2F232865B}" = dir=out | name=hp smart |
"{30707157-6A0F-4ED0-82C5-471EC2E8F260}" = dir=in | name=@{microsoft.messaging_4.1901.10241.1000_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{3075BCFE-6207-4A43-A739-EE6435168539}" = dir=out | name=@{microsoft.lockapp_10.0.10240.16384_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{32F99F5C-D793-451B-82C6-9443ABAF4DB8}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{33C28AA5-A431-4017-9C6D-54AEC85B4CE9}" = dir=out | name=@{microsoft.accountscontrol_10.0.19041.423_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{35330DE6-F3BC-4292-B5D3-D4D9D584F453}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{368A74ED-04E5-4449-A1D4-0480EA994A65}" = dir=out | name=@{a278ab0d.disneymagickingdoms_5.3.0.0_x86__h6adky7gbf63m?ms-resource://a278ab0d.disneymagickingdoms/resources/applicationname} |
"{3DF3E6CE-C504-4F92-9C94-13F12CE04EDA}" = dir=in | name=@{microsoft.microsoftstickynotes_3.7.142.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftstickynotes/resources/stickynotesstoreappname} |
"{3E1D90A1-AB2A-4F34-87AD-524B8E70BE88}" = dir=out | name=microsoft pay |
"{3F4C5485-959B-4F94-878F-5D487C27D51E}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd14\powerdvd.exe |
"{40A4E914-E0AB-4D2C-8934-A4A817B8188B}" = dir=in | name=@{microsoft.windows.photos_2020.20090.1002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{40C49F2B-E089-41E6-8D3D-80CA5BB8EFFD}" = dir=in | name=@{windows.contactsupport_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{4147BF59-B7A1-491F-AACD-4A8F284FFA4F}" = dir=in | name=@{microsoft.microsoftedge_44.19041.423.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{423190F4-812D-445E-A233-9A8318D3340F}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{437F5189-320F-4096-9E41-7901B94C0D2A}" = dir=in | name=@{microsoft.yourphone_1.20091.84.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} |
"{44F8361E-4F6F-4D0B-8534-297EF7851DA3}" = protocol=6 | dir=in | app=c:\users\eades\appdata\local\temp\7zs3705\hpdiagnosticcoreui.exe |
"{463E93D5-B80B-4B3C-BCB9-3CA2B3EB50E0}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{4A64EAB5-3639-4D04-9DD0-701360E90AA6}" = protocol=17 | dir=in | app=c:\users\eades\appdata\local\temp\7zs272c\hpdiagnosticcoreui.exe |
"{4BE4E064-A5DC-4372-82C7-42329DF9D4A2}" = dir=in | name=@{microsoft.windowsstore_12009.1001.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{534B01D1-CC48-4931-8AAC-63F6F605AAB4}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.19041.423_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{56078FAF-46A5-4BB9-9847-ADDC47C0F0B7}" = dir=out | name=@{microsoft.bingnews_4.53.22541.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithtagline} |
"{5755AD1E-57B8-4B64-A86A-2516574018FF}" = dir=out | name=3d builder |
"{575D224E-BC44-4B80-ADB9-CB7BC83A0E6D}" = dir=in | name=@{microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{5B59F84A-D8BA-4538-89B7-2B8EE54C06A8}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{5C47756F-22B5-455A-85F0-BEB3AE489CEF}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{5CBFFDAC-4DE9-4970-938F-B8FD791514A4}" = dir=out | name=@{microsoft.xboxidentityprovider_12.67.21001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{5EB0F5A0-16FC-4CD0-A729-825A991C065D}" = dir=out | name=@{microsoft.lockapp_10.0.19041.423_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{60F66BE3-F474-4A61-BE7D-29BD526929FB}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{61B91C7C-340F-46D5-BA4C-7A50916E4BB2}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{622F4006-B908-4E3D-AC5A-004F20142B6A}" = dir=out | name=@{microsoft.microsoftedge_20.10240.16384.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{63331CA7-EE58-4414-B6F0-E6501BC1D894}" = dir=in | name=@{microsoft.xboxapp_48.69.18001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxapp/xboxapp.resource/resources/app_title} |
"{636CD29F-C92A-4266-9A37-F9D28E23E707}" = dir=in | name=cortana |
"{63845DAA-2872-4497-BCB0-0ABABE868BD1}" = dir=out | name=@{microsoft.oneconnect_5.2006.1691.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} |
"{63A0370C-F1A4-4986-9A2E-5D98C4978CA3}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1907.3152.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{63B3BB6D-F16F-416D-B847-98EB40613575}" = dir=out | name=@{microsoft.storepurchaseapp_12009.1001.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} |
"{66FF8386-9EBE-42DF-A0D0-3F69CEA00823}" = dir=out | name=@{microsoft.windows.narratorquickstart_10.0.19041.423_neutral_neutral_8wekyb3d8bbwe?ms-resource://microsoft.windows.narratorquickstart/resources/appdisplayname} |
"{68D889E3-26F4-44EB-92E2-19FA0118D2BF}" = dir=out | name=@{microsoft.windowscalculator_10.2008.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} |
"{6E774103-6AB1-4CA2-8320-E72DD002496D}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{6ED47C25-F2C8-452B-9F68-DD279D8D4D15}" = dir=in | name=onenote for windows 10 |
"{6F75A401-FF31-4817-9E0F-52EC761138D4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd14\powerdvd14agent.exe |
"{6FC475B9-4CBD-4AEB-A6FF-6CE272D33C42}" = dir=out | name=print 3d |
"{6FCC8128-41BA-4101-A10F-3EB9B435DBAD}" = dir=out | name=@{microsoft.bingsports_4.36.20714.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{706646D0-0BCD-46DE-AE21-ACB9B317067F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd14\movie\powerdvd cinema\powerdvdcinema.exe |
"{71D30853-1577-4AFF-B194-B5ADC6972EE3}" = dir=out | name=twitter |
"{71FC28F8-6AB6-48A1-98CD-5DA6B2C09B17}" = dir=out | name=@{microsoft.accountscontrol_10.0.10240.16384_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{725AAAA0-A4AC-48D7-B6C1-ED39D8A14898}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{72932008-F9DB-4477-8F9A-7A1F039B20CE}" = dir=out | name=@{microsoft.lockapp_10.0.16299.15_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{72C98386-F9EA-47ED-BAEE-F5B059BF0CD3}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{744B791E-F7C4-4294-A8AA-B5FCBA222643}" = protocol=6 | dir=in | app=c:\users\eades\appdata\local\temp\7zs3652\hpdiagnosticcoreui.exe |
"{74BF0FD4-8117-420E-9C47-C064B6661A20}" = dir=out | name=@{microsoft.windowsstore_12009.1001.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{74D72D3A-01AE-44C8-983B-0AA01861C8CC}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{75AA6FFD-A71A-4290-86A1-A1CD8FEE4A7C}" = dir=out | name=xbox game bar |
"{7613EF76-B5E9-4DC1-9E05-4D9AE91FE841}" = protocol=6 | dir=in | app=c:\users\eades\appdata\local\temp\7zs0e17\hpdiagnosticcoreui.exe |
"{7625195D-784A-4A49-BBB7-D795E10D574C}" = dir=in | name=@{microsoft.windows.search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.search/resources/packagedisplayname} |
"{7647D3BE-366E-43F3-B80D-F60EA84DC2D9}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{787A9B01-B6E6-4C1E-BDD9-2F773233EA30}" = dir=out | name=@{microsoft.windows.cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{78995CEF-27AF-4D11-A414-44C6A52C62DE}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.19041.423_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{795A0354-1417-4FF9-BEBE-3CE741260A5C}" = dir=in | name=@{microsoft.microsoftedge_20.10240.16384.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{7B48CDF4-7E1B-4CC0-8BAE-807F0ED49817}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{7BE1846A-EC81-467F-AC0D-DC061B126ACA}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{7C075230-7E91-4AD9-915B-CA30F4BCCCB5}" = dir=out | name=@{microsoft.mixedreality.portal_2000.20081.1312.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mixedreality.portal/resources/pkgdisplayname} |
"{7DA45EEE-66E5-47B6-B782-5FFD7F9E17A2}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{80F0C936-3667-4D18-AE6B-328F14C0A8B1}" = protocol=6 | dir=in | app=c:\users\eades\appdata\local\temp\7zs311f\hpdiagnosticcoreui.exe |
"{82BF4F73-4EC3-40FB-9DD3-36FC1C47FD83}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{8336438F-44D5-4511-B78A-CAD1E7BECBB9}" = dir=in | name=@{microsoft.oneconnect_5.2006.1691.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} |
"{85C99AC4-57D9-479F-9349-3830FACBE503}" = protocol=6 | dir=in | app=c:\users\eades\appdata\local\temp\7zs3177\hpdiagnosticcoreui.exe |
"{86181C5D-B54A-45FE-9B86-6EA7B4986A58}" = dir=in | name=hp smart |
"{8619ADB8-2261-42EB-B734-892634326BF7}" = dir=out | name=@{microsoft.mspaint_6.2009.30067.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{868B695F-0B7D-4240-A970-536FB6176756}" = dir=out | name=@{microsoft.microsoft3dviewer_7.2009.29132.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} |
"{86D4D176-3251-4CD8-ABB3-E45E01C2422E}" = dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{89C026BB-14E1-4C82-BE3E-339DB9704E10}" = dir=out | name=snapfish |
"{8B80FEC3-B057-44F7-A60A-71C56F787C58}" = dir=in | app=c:\program files\cyberlink\powerdirector12\pdr10.exe |
"{8D78BB01-FB46-480E-9548-5DB551559321}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{8D80ABC7-DD30-4661-9E13-85BA17039EE2}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{8EB5C78C-C105-4B4C-8009-E23BEFDB482F}" = dir=out | name=@{microsoft.getstarted_9.9.32102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{8F126CD1-9BF7-489E-BB00-B022DECBF6BC}" = dir=out | name=@{king.com.bubblewitch3saga_6.13.6.0_x86__kgqvnymyfvs32?ms-resource://king.com.bubblewitch3saga/resources/appname} |
"{8F65EB77-B4C2-4F76-8BB1-2A1D2F4FFB04}" = dir=out | name=microsoft solitaire collection |
"{904A0448-EA0B-4208-B36B-4F7ABAFB1224}" = dir=out | name=@{microsoft.win32webviewhost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} |
"{906DEA1E-F960-4681-BD04-3AFFA157FDFC}" = dir=out | name=@{microsoft.windowscamera_2020.504.60.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscamera/lenssdk/resources/appstorename} |
"{90BCD017-619A-4623-95D7-77EC33790089}" = dir=out | name=amazon |
"{9484354B-CB4C-4A1B-ACEF-EC5CC97E0FE3}" = dir=in | name=@{microsoft.zunevideo_10.20032.16211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{967763C2-2987-4D3B-8901-195E2BAF990B}" = dir=out | name=@{microsoft.microsoftedge_44.19041.423.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{9D4B6B13-06A7-407B-9536-D1759E75924A}" = dir=out | name=skype |
"{9DE121D8-681C-49D8-B933-8CA655A80D7F}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{9DF3CA8F-F997-4948-A525-5222510ECE64}" = dir=out | name=@{microsoft.gethelp_10.2004.31291.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.gethelp/resources/appdisplayname} |
"{A07CB343-89C0-4888-8878-A727C15A33A6}" = dir=out | name=@{microsoft.windows.photos_2020.20090.1002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{A18FD8AD-53F1-479B-A505-40A8F30643A8}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{A1B6C0CB-E42A-49F9-B360-8FA04FB8F420}" = dir=out | name=onenote for windows 10 |
"{A25FD4EF-F96D-4274-AD5A-266EA1DEA7A0}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{A2902A16-19B8-43C2-BB85-B6E7E96B9C08}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{A51F3030-20D5-4580-AAF0-DBCB9CF9CC7E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A573E876-F3AB-47C9-82C5-9D1861B635AE}" = dir=out | name=@{26720randomsaladgamesllc.simplesolitaire_6.20.87.0_x64__kx24dqmazqk8j?ms-resource://26720randomsaladgamesllc.simplesolitaire/resources/gamename} |
"{A703C32C-B7B5-42E0-8C9D-B989D9F9B7C4}" = dir=out | name=@{microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{AA0B76FD-B8E1-4166-A8F6-2A8C04F8EE1C}" = dir=out | name=windows feature experience pack |
"{AB532FDF-C9D2-4F55-8266-F98F9D86CC63}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{AD04901A-7839-4CAF-BF22-CBBAF21EA497}" = dir=in | name=skype |
"{AFB4EE39-823A-4E69-84FE-9778319F52A5}" = dir=in | name=3d builder |
"{B13B0680-D47A-44D8-8D6B-433D0CDA884A}" = protocol=6 | dir=in | app=c:\program files\windowsapps\microsoft.skypeapp_15.64.80.0_x86__kzf8qxf38zg5c\skype\skype.exe |
"{B1E8DE91-63EE-4F64-9CD1-22E43E1F5B20}" = protocol=17 | dir=in | app=c:\users\eades\appdata\local\temp\7zs646b\hpdiagnosticcoreui.exe |
"{B1F04BDA-52B0-45D7-9FFB-C1B72ABEE5C0}" = dir=in | name=@{microsoft.zunemusic_10.20082.10421.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{B5A7CB92-E2BC-4798-B256-AC3CD2976162}" = dir=out | name=candy crush soda saga |
"{B7880547-2B20-4CDC-A885-10C918E63891}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{B8335507-EDB7-4CBD-BFA9-F292FDDF854F}" = dir=out | name=@{microsoft.lockapp_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{B9075567-A484-45E6-A234-0099A327DB8F}" = protocol=6 | dir=out | app=c:\program files\windowsapps\microsoft.skypeapp_15.64.80.0_x86__kzf8qxf38zg5c\skype\skype.exe |
"{B961CDD9-6A12-4CC8-8E16-7BCE24B07145}" = dir=out | name=@{microsoft.zunevideo_10.20032.16211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{BA4AD37A-0BEF-4C0E-BF4A-0030266B002B}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{BEF6DAD1-83A3-4991-81F9-2D9B4B953539}" = dir=out | name=@{26720randomsaladgamesllc.heartsdeluxe_6.7.33.0_x64__kx24dqmazqk8j?ms-resource://26720randomsaladgamesllc.heartsdeluxe/resources/gametitle} |
"{C3B501F5-5904-4B44-957E-F89526F0B877}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C6703085-C9AE-459C-86E5-132C06B6A6C2}" = dir=in | app=c:\program files (x86)\common files\mcafee\mmsshost\mmsshost.exe |
"{C6804EE4-F9AB-45A2-B82D-EB851F860145}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{C96E6F7D-D16C-47E1-A902-E5553E812A06}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd14\movie\powerdvdmovie.exe |
"{CA32BA3D-96EB-49AF-9C71-21CD9B325861}" = dir=out | name=@{microsoft.desktopappinstaller_1.0.32912.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{CA69D229-44B5-4FD7-85CF-74B470406166}" = protocol=17 | dir=in | app=c:\program files\windowsapps\microsoft.skypeapp_15.64.80.0_x86__kzf8qxf38zg5c\skype\skype.exe |
"{CDAD6217-7DC1-45C0-B328-229801471E7B}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{CECC04A4-2D32-4DB6-987F-51015488968C}" = dir=out | name=@{microsoft.windows.search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.search/resources/packagedisplayname} |
"{CF1C0C25-90CE-4B97-939C-AFF38A4BA084}" = protocol=6 | dir=in | app=c:\users\eades\appdata\local\temp\7zs435e\hpdiagnosticcoreui.exe |
"{D09A4C1F-A763-4DC5-9AE0-9194A65D7022}" = protocol=17 | dir=in | app=c:\users\eades\appdata\local\temp\7zs3652\hpdiagnosticcoreui.exe |
"{D2820D46-1232-4519-AC65-504BC40CE9AA}" = protocol=17 | dir=in | app=c:\users\eades\appdata\local\temp\7zs311f\hpdiagnosticcoreui.exe |
"{D38C7FEF-8ACA-4C6F-914F-E67227CA9202}" = dir=out | name=xbox game bar plugin |
"{D7EFF413-C1E5-4F4A-93FA-C58835EB0736}" = dir=out | name=@{microsoft.messaging_4.1901.10241.1000_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{D7FF85E0-6CC3-4DF0-A9C0-1455D9EF5AC2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D89BD08F-1D41-46AA-A7DA-B9F12D9E18DB}" = dir=in | name=@{26720randomsaladgamesllc.simplesolitaire_6.20.87.0_x64__kx24dqmazqk8j?ms-resource://26720randomsaladgamesllc.simplesolitaire/resources/gamename} |
"{D9E3A458-0E95-4A71-B5D8-3B2B566A4E04}" = dir=out | name=@{microsoft.people_10.1909.10841.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{DBED7F25-0437-4693-8413-A24D86917428}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{DC5A8BAA-DCCE-4CA1-B406-F17DAC284AB7}" = dir=out | name=windows_ie_ac_001 |
"{DD5E553B-5138-497A-9FF6-60E9BF8CC08A}" = dir=out | name=@{microsoft.zunemusic_10.20082.10421.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{DE08308C-076C-46AA-8117-E5920C43C96C}" = dir=out | name=xbox tcui |
"{DE89D580-3DDB-4252-BAEC-7DEC28E8BBDA}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicatorcom.exe |
"{DFCDDA24-B7F6-4417-B8B4-D08553113D93}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicator.exe |
"{E02994F8-2D2A-4E1C-9A4F-AC8EB7443D51}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\devicesetup.exe |
"{E12921AD-2076-4416-93F1-A7DAB9B56BEC}" = protocol=6 | dir=in | app=c:\users\eades\appdata\local\temp\7zs272c\hpdiagnosticcoreui.exe |
"{E2DF2B57-3DAF-452A-8BC1-8C02FCF381F7}" = protocol=17 | dir=in | app=c:\users\eades\appdata\local\temp\7zs3705\hpdiagnosticcoreui.exe |
"{E30F62F8-67E7-40CF-B0F3-7C0006059CBD}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{E40DC6A8-A47A-4E1B-BCA6-8C33E5587DA2}" = dir=in | name=print 3d |
"{EC49EA90-B10C-40E8-B891-51D283A51E70}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{EDBF5A04-DF74-484A-8074-D1F188DFBFA4}" = dir=in | name=@{a278ab0d.disneymagickingdoms_5.3.0.0_x86__h6adky7gbf63m?ms-resource://a278ab0d.disneymagickingdoms/resources/applicationname} |
"{EE67BCA7-78AF-4729-BB16-AC586B16F112}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{EF34546B-BB58-4822-9AB3-E1152FBAB1C6}" = dir=out | name=office |
"{F1CEAC3B-DFEE-4B09-B37B-C582EA8B1D2E}" = dir=in | name=microsoft solitaire collection |
"{F3635857-5C55-4E9E-95A1-CEFF7B5D8424}" = dir=in | name=@{microsoft.windows.startmenuexperiencehost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.startmenuexperiencehost/startmenuexperiencehost/pkgdisplayname} |
"{F4DECE14-A015-40FC-89FB-C08F308C382F}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{F71BD949-3CE8-4F24-B50B-84324813A1D4}" = dir=out | name=@{microsoft.windowsmaps_10.2008.0.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{F9CCFD71-DD72-4E38-ACD6-B99E84592950}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{FA9994F2-C2B4-40AB-8C62-0DAC138C31A0}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} |
"{FE31AA78-AEEB-4F8F-BE34-CC2665676D5D}" = dir=out | name=@{microsoft.yourphone_1.20091.84.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} |
"{FF098A88-4F3B-4886-8251-CA2BFAFC02C5}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd14\kernel\dms\clmsserverpdvd14.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0101153A-CA07-4E2C-EF5E-D411604CF036}" = Catalyst Control Center Next Localization DE
"{155ABE97-ABF9-EE58-3270-334EF950F3A9}" = Catalyst Control Center Next Localization CHS
"{178B916E-BCCA-464A-82B1-16FBCE86E30B}" = AMD Settings - Branding
"{1D12B9AD-21F1-791A-6A85-47F27406282C}" = Catalyst Control Center Next Localization DA
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{21134089-9B59-34C8-BE11-929D26AD5207}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24123
"{2F028509-06B7-9869-5FD6-1F367A0B5827}" = Catalyst Control Center Next Localization FI
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3A82ED68-3D39-2AC7-718F-C6CFAFD28736}" = AMD Radeon Settings
"{3BBAB5EA-62DA-2431-3A1F-3F89BBAE739D}" = Catalyst Control Center Next Localization EL
"{3BC36736-66B5-4C48-AF0A-C41C335ABCB0}" = HP ePrint Windows Driver
"{4166E94C-7758-3D0E-1518-05BF181FBA21}" = Catalyst Control Center Next Localization PL
"{44167DA6-B26A-A06B-213E-A481135FCBF0}" = Catalyst Control Center Next Localization CHT
"{4BE67694-29C6-6A69-85E4-D06EFCA12846}" = Catalyst Control Center Next Localization SV
"{54603A0D-55EB-44D8-0D79-4B7CB94AD6B7}" = Catalyst Control Center Next Localization TR
"{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}" = CyberLink PhotoDirector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{665B0E99-0560-6850-876C-259CC785D49A}" = Catalyst Control Center Next Localization IT
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{791D3241-C6A4-417F-82E6-00543B6E5012}" = HP Deskjet 3510 series Product Improvement Study
"{7B1A228A-7D97-3209-B386-AA878D3555C5}" = Catalyst Control Center Next Localization TH
"{7F20F2D1-C425-4432-96BA-EBD0C2181493}" = HP Deskjet 3510 series Basic Device Software
"{807BBD2A-B4C2-030B-C22F-D97FA460FF79}" = AMD Problem Report Wizard
"{8191CEE4-C7AB-5A02-4587-9D12B6B443F2}" = Catalyst Control Center Next Localization JA
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{85EC2DC7-901A-C7A8-69CC-D14B5311C057}" = Catalyst Control Center Next Localization BR
"{8831C53E-B6FA-3DE6-FB39-66BD5019F083}" = Catalyst Control Center Next Localization NL
"{8A5107B8-9CC4-141F-141D-B1952B84A62A}" = Catalyst Control Center Next Localization FR
"{90160000-008F-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Licensing Component
"{90160000-00DD-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component 64-bit Registration
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{9432C606-FE2A-7F88-5E59-9A33FB1D876D}" = ccc-utility64
"{975476BF-784B-0C34-09B3-AE6DC25C2B3C}" = Catalyst Control Center Next Localization ES
"{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}" = Microsoft Update Health Tools
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BFDF75E6-EBBE-FD30-7DED-A80A072A0452}" = Catalyst Control Center Next Localization HU
"{CB203E05-4AAA-9076-7D8B-5D7CAD7F0D39}" = Catalyst Control Center Next Localization NO
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{E1646825-D391-42A0-93AA-27FA810DA093}" = CyberLink PowerDirector 12
"{E2D25167-8913-E00E-6755-270D9010DF62}" = Catalyst Control Center Next Localization RU
"{E3D88B8D-BB11-D376-C3C6-EF7D0F8DD725}" = Catalyst Control Center Next Localization KO
"{ED204021-2012-F4F3-E495-F4AFD74D66FF}" = Catalyst Control Center Next Localization CS
"{EDF66320-A8A5-967C-1B69-484DAD822143}" = AMD Software
"{FDBE9DB4-7A91-3A28-B27E-705EF7CFAE57}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24123
"AMD Catalyst Install Manager" = AMD Software
"HP_Documentation" = HP Documentation
"O365HomePremRetail - en-us" = Microsoft 365 - en-us
"VulkanRT1.0.51.0" = Vulkan Run Time Libraries 1.0.51.0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{099218A5-A723-43DC-8DB5-6173656A1E94}" = Dropbox Update Helper
"{0A6C62F1-963D-EBAF-2613-48D52B7330E3}" = Catalyst Control Center Localization All
"{0C4C1DFF-3F58-F9DD-CCA5-D0EA50D941D1}" = CCC Help Italian
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15DFB235-D734-0DBA-FB06-DE5CAF1E3747}" = AMD Settings
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21C21B71-DBC5-888E-3142-6A9C0F9876A3}" = CCC Help Greek
"{25D2A37E-1C94-3CC2-D805-0F0B736ABE57}" = CCC Help Portuguese
"{283CC77F-6CA0-17CC-6344-A18B6BD931D6}" = CCC Help Korean
"{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123
"{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}" = CyberLink Power Media Player 14
"{33BA2D47-95FE-07FC-D910-7D57E3DC0881}" = CCC Help Polish
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}" = Skype™ 7.36
"{47A35F86-8578-FA6B-75F3-DC0F58BB239C}" = CCC Help Dutch
"{48947098-A67C-46D4-90C5-9F2F6F0F96FE}" = Citrix Online Launcher
"{5460D71D-9DF4-EFDD-FE9B-6503EF8B26A2}" = CCC Help English
"{587371BD-41EA-46AE-182F-17143173A48B}" = CCC Help Norwegian
"{597A58EC-42D6-4940-8739-FB94491B013C}" = Dropbox 25 GB
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{6189B85F-0DFD-0F50-95AE-999864B4CB1A}" = CCC Help Japanese
"{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}" = HP Recovery Manager
"{67386FCC-6EBB-D6F0-886B-DE66DEC68FB5}" = CCC Help Hungarian
"{69BCE4AC-9572-3271-A2FB-9423BDA36A43}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
"{6DD9EA14-4BE5-2271-C82F-AB5685DBA9B4}" = CCC Help Russian
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{78875E02-1E2E-6627-19F0-6D348C3AC8A1}" = CCC Help Chinese Traditional
"{7A6644E8-81F5-BCBC-E888-4D2E3362BDC4}" = CCC Help Czech
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}" = Skype Click to Call
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89102AB4-6000-43B3-883A-5ED8650D3E40}" = HP ESU for Microsoft Windows 10
"{90160000-008C-0000-0000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component
"{90160000-008C-0409-0000-0000000FF1CE}" = Office 16 Click-to-Run Localization Component
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{97C1C98D-6AE5-4C71-9B00-EBBD9E014450}" = HP Deskjet 3510 series Help
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A318B4F3-65DD-E1CC-E399-F0808EEDD1D4}" = CCC Help Swedish
"{A5107464-AA9B-4177-8129-5FF2F42DD322}" = REALTEK Wireless LAN Driver
"{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}" = CyberLink YouCam
"{AC76BA86-0804-1033-1959-000182442176}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B2E6D81D-6041-5653-60EC-319F618F835D}" = CCC Help Finnish
"{B3985FEC-32AB-BB10-1F9A-D6849B906286}" = Catalyst Control Center Graphics Previews Common
"{BBF2AC74-720C-3CB3-8291-5E34039232FA}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
"{BBF4F212-F995-117E-3357-5570A40DB833}" = CCC Help German
"{BD2CDEAF-8D83-4553-A3B3-8B614CC6C96E}" = HP PC Hardware Diagnostics Windows
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C01C2E69-F11A-B71D-F01E-52CA199232B0}" = CCC Help French
"{C7E0D59D-253B-7CA2-3B8D-32E474248FAA}" = Catalyst Control Center - Branding
"{C9EF1AAF-B542-41C8-A537-1142DA5D4AEC}" = HP Customer Experience Enhancements
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CE66FC84-F15D-A37F-2C26-F86D27F5C1C9}" = CCC Help Chinese Standard
"{D5C69738-B486-402E-85AC-2456D98A64E4}" = Windows 10 Upgrade Assistant
"{D7D5F438-26EF-45AB-AB89-C476FBCF8584}" = HP Support Solutions Framework
"{DD43EA67-DAF3-4879-BFF7-E534675BDEA5}" = HP PC Hardware Diagnostics UEFI
"{DF675B7B-8407-DC1A-A81F-3A86BB1B804A}" = CCC Help Spanish
"{E07D56BB-0433-77AC-4860-88CD25255EDD}" = CCC Help Danish
"{e2803110-78b3-4664-a479-3611a381656a}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1C845FB-AEC8-781F-3AB6-DB2C88F54F70}" = CCC Help Thai
"{F4B5AF40-BE6A-511A-ECAA-1DEBE1D5342C}" = CCC Help Turkish
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}" = Energy Star
"Dropbox" = Dropbox
"HP Photo Creations" = HP Photo Creations
"InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}" = CyberLink PhotoDirector
"InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}" = CyberLink PowerDirector 12
"Microsoft Edge" = Microsoft Edge
"Microsoft Edge Update" = Microsoft Edge Update
"Microsoft EdgeWebView" = Microsoft Edge WebView2 Runtime
"MSC" = McAfee LiveSafe
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-2408870077-2760889140-2630364754-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Connect 9 Add-in" = Adobe Connect 9 Add-in
"GoToMeeting" = GoToMeeting 10.15.0.19228
"OneDriveSetup.exe" = Microsoft OneDrive
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
[ Application Events ]
Error - 3/14/2021 8:10:13 PM | Computer Name = DESKTOP-B748AG0 | Source = Application Error | ID = 1000
Description = Faulting application name: RadeonSettings.exe, version: 10.1.1.1680,
time stamp: 0x597135e8 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000000000000000 Faulting process
id: 0x1d4c Faulting application start time: 0x01d7192eaeaab0be Faulting application
path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe Faulting module path:
unknown Report Id: dd94870b-70b4-4f34-9f88-ec36dd55f57a Faulting package full name:
? Faulting package-relative application ID: ?
Error - 3/14/2021 8:29:37 PM | Computer Name = DESKTOP-B748AG0 | Source = SecurityCenter | ID = 17
Description =
Error - 3/14/2021 9:31:34 PM | Computer Name = DESKTOP-B748AG0 | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Cryptographic Services failed while processing the OnIdentity() call
in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image
of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied.
.
Error - 3/14/2021 9:37:21 PM | Computer Name = DESKTOP-B748AG0 | Source = SecurityCenter | ID = 17
Description =
Error - 3/14/2021 9:40:58 PM | Computer Name = DESKTOP-B748AG0 | Source = Application Error | ID = 1000
Description = Faulting application name: PowerDVD14Agent.exe, version: 14.0.1.5418,
time stamp: 0x55826aab Faulting module name: EvoParser.dll_unloaded, version: 1.2.0.7602,
time stamp: 0x551d0eff Exception code: 0xc0000005 Fault offset: 0x00022e78 Faulting
process id: 0x26b0 Faulting application start time: 0x01d7193c38cd146f Faulting application
path: C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe Faulting module
path: EvoParser.dll Report Id: 2ffc3fa7-37be-426c-bced-27786b28a40a Faulting package
full name: ? Faulting package-relative application ID: ?
Error - 3/14/2021 9:48:57 PM | Computer Name = DESKTOP-B748AG0 | Source = Application Error | ID = 1000
Description = Faulting application name: RadeonSettings.exe, version: 10.1.1.1680,
time stamp: 0x597135e8 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000000000000000 Faulting process
id: 0x99c Faulting application start time: 0x01d7193c32a85ee2 Faulting application
path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe Faulting module path:
unknown Report Id: fe446323-5cad-4715-9f62-7c6c940788a1 Faulting package full name:
? Faulting package-relative application ID: ?
Error - 3/14/2021 10:04:33 PM | Computer Name = DESKTOP-B748AG0 | Source = SecurityCenter | ID = 17
Description =
Error - 3/14/2021 10:47:30 PM | Computer Name = DESKTOP-B748AG0 | Source = SecurityCenter | ID = 17
Description =
Error - 3/14/2021 10:52:41 PM | Computer Name = DESKTOP-B748AG0 | Source = Application Error | ID = 1000
Description = Faulting application name: RadeonSettings.exe, version: 10.1.1.1680,
time stamp: 0x597135e8 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000000000000000 Faulting process
id: 0x2aa8 Faulting application start time: 0x01d71945458213a2 Faulting application
path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe Faulting module path:
unknown Report Id: 65fb3215-e245-43d8-b0d7-64cfcd869767 Faulting package full name:
? Faulting package-relative application ID: ?
Error - 3/14/2021 11:10:12 PM | Computer Name = DESKTOP-B748AG0 | Source = SecurityCenter | ID = 17
Description =
[ Parameters Events ]
OTL encountered an error while reading this event log. It may be corrupt.
[ State Events ]
OTL encountered an error while reading this event log. It may be corrupt.
Error - 3/14/2021 10:39:19 PM | Computer Name = DESKTOP-B748AG0 | Source = DCOM | ID = 10010
Description =
Error - 3/14/2021 10:39:19 PM | Computer Name = DESKTOP-B748AG0 | Source = DCOM | ID = 10010
Description =
Error - 3/14/2021 10:39:19 PM | Computer Name = DESKTOP-B748AG0 | Source = DCOM | ID = 10010
Description =
Error - 3/14/2021 10:39:19 PM | Computer Name = DESKTOP-B748AG0 | Source = DCOM | ID = 10010
Description =
Error - 3/14/2021 10:39:58 PM | Computer Name = DESKTOP-B748AG0 | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the AMD External Events Utility service.
Error - 3/14/2021 10:40:13 PM | Computer Name = DESKTOP-B748AG0 | Source = TPM | ID = 15
Description = The device driver for the Trusted Platform Module (TPM) encountered
a non-recoverable error in the TPM hardware, which prevents TPM services (such
as data encryption) from being used. For further help, please contact the computer
manufacturer.
Error - 3/14/2021 10:42:15 PM | Computer Name = DESKTOP-B748AG0 | Source = DCOM | ID = 10010
Description =
Error - 3/14/2021 10:46:10 PM | Computer Name = DESKTOP-B748AG0 | Source = Service Control Manager | ID = 7022
Description = The HP Support Solutions Framework Service service hung on starting.
Error - 3/14/2021 10:46:10 PM | Computer Name = DESKTOP-B748AG0 | Source = Service Control Manager | ID = 7000
Description = The HP Touchpoint Analytics service failed to start due to the following
error: %%2
Error - 3/14/2021 10:46:15 PM | Computer Name = DESKTOP-B748AG0 | Source = DCOM | ID = 10010
Description =
< End of report >
-
OTL logfile created on: 3/14/2021 9:38:56 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\eades\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.19041.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.45 Gb Total Physical Memory | 0.52 Gb Available Physical Memory | 15.10% Memory free
10.20 Gb Paging File | 6.67 Gb Available in Paging File | 65.40% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = 😄 | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive 😄 | 911.70 Gb Total Space | 829.82 Gb Free Space | 91.02% Space Free | Partition Type: NTFS
Drive 😧 | 18.51 Gb Total Space | 2.39 Gb Free Space | 12.93% Space Free | Partition Type: NTFS
Computer Name: DESKTOP-B748AG0 | User Name: eades | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - File not found --
PRC - [2021/03/14 20:51:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\eades\Downloads\OTL.exe
PRC - [2021/03/12 23:15:23 | 001,943,400 | ---- | M] (Microsoft Corporation) -- C:\Users\eades\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2021/03/02 21:17:12 | 000,407,272 | ---- | M] (The Qt Company Ltd.) -- C:\Program Files (x86)\Dropbox\Client\117.4.378\QtWebEngineProcess.exe
PRC - [2021/03/02 21:16:04 | 007,992,032 | ---- | M] (Dropbox, Inc.) -- C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
PRC - [2021/02/09 13:57:27 | 000,686,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fontdrvhost.exe
PRC - [2021/01/25 22:55:56 | 000,169,672 | ---- | M] (Adobe Inc.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2021/01/08 00:07:09 | 001,889,696 | ---- | M] (McAfee, LLC.) -- C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe
PRC - [2020/09/17 23:48:25 | 090,951,528 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
PRC - [2016/01/10 13:55:05 | 000,307,456 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
PRC - [2016/01/10 13:55:00 | 001,407,744 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
PRC - [2015/07/01 01:41:45 | 000,515,512 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2021/03/10 23:52:14 | 000,611,952 | ---- | M] () -- C:\Windows\SysWOW64\TextShaping.dll
MOD - [2021/03/02 21:17:42 | 000,034,024 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\_yappi.cp38-win32.pyd
MOD - [2021/03/02 21:17:40 | 000,141,552 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\_cffi_backend.cp38-win32.pyd
MOD - [2021/03/02 21:17:38 | 000,125,160 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\_bowbow.cp38-win32.pyd
MOD - [2021/03/02 21:17:38 | 000,035,056 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\wrapt._wrappers.cp38-win32.pyd
MOD - [2021/03/02 21:17:36 | 000,244,456 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\winxpgui.cp38-win32.pyd
MOD - [2021/03/02 21:17:36 | 000,029,424 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\winshell_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:36 | 000,019,704 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\winverifysignature_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:34 | 000,027,896 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\winrpcserver_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:34 | 000,019,192 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\winscreenshot_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:34 | 000,018,160 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\winreindex_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:32 | 000,087,800 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\wininternetcheckapi.cp38-win32.pyd
MOD - [2021/03/02 21:17:32 | 000,022,264 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\wininfinitedrivers_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:30 | 000,039,672 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\winenumhandles_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:30 | 000,020,208 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\winhttp_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:28 | 000,036,600 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\windisplaytoast_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:28 | 000,028,904 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32ts.cp38-win32.pyd
MOD - [2021/03/02 21:17:28 | 000,024,816 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\wind3d11_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:26 | 000,104,688 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32security.cp38-win32.pyd
MOD - [2021/03/02 21:17:26 | 000,047,856 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32service.cp38-win32.pyd
MOD - [2021/03/02 21:17:26 | 000,024,816 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32profile.cp38-win32.pyd
MOD - [2021/03/02 21:17:24 | 000,058,088 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32print.cp38-win32.pyd
MOD - [2021/03/02 21:17:24 | 000,041,712 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32process.cp38-win32.pyd
MOD - [2021/03/02 21:17:22 | 000,158,440 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32gui.cp38-win32.pyd
MOD - [2021/03/02 21:17:22 | 000,024,808 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32job.cp38-win32.pyd
MOD - [2021/03/02 21:17:22 | 000,024,296 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32pipe.cp38-win32.pyd
MOD - [2021/03/02 21:17:20 | 000,114,408 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32file.cp38-win32.pyd
MOD - [2021/03/02 21:17:20 | 000,060,144 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32evtlog.cp38-win32.pyd
MOD - [2021/03/02 21:17:20 | 000,024,808 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32event.cp38-win32.pyd
MOD - [2021/03/02 21:17:18 | 000,314,616 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32com.shell.shell.cp38-win32.pyd
MOD - [2021/03/02 21:17:18 | 000,095,976 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32api.cp38-win32.pyd
MOD - [2021/03/02 21:17:18 | 000,023,792 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32clipboard.cp38-win32.pyd
MOD - [2021/03/02 21:17:16 | 000,098,536 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\tprt.cp38-win32.pyd
MOD - [2021/03/02 21:17:16 | 000,020,208 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\user32_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:14 | 000,021,744 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\shell32_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:14 | 000,016,624 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\shlwapi_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:14 | 000,015,600 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\tornado.speedups.cp38-win32.pyd
MOD - [2021/03/02 21:17:12 | 000,017,136 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\shcore_native.cp38-win32.pyd
MOD - [2021/03/02 21:16:54 | 000,102,624 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\pywintypes38.dll
MOD - [2021/03/02 21:16:52 | 000,356,064 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\pythoncom38.dll
MOD - [2021/03/02 21:16:50 | 003,705,072 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtWidgets.cp38-win32.pyd
MOD - [2021/03/02 21:16:50 | 000,094,952 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.sip.cp38-win32.pyd
MOD - [2021/03/02 21:16:50 | 000,091,376 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtWinExtras.cp38-win32.pyd
MOD - [2021/03/02 21:16:48 | 000,186,104 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtWebEngineWidgets.cp38-win32.pyd
MOD - [2021/03/02 21:16:48 | 000,082,680 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtWebEngineCore.cp38-win32.pyd
MOD - [2021/03/02 21:16:46 | 000,667,888 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtQuick.cp38-win32.pyd
MOD - [2021/03/02 21:16:46 | 000,049,904 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtWebEngine.cp38-win32.pyd
MOD - [2021/03/02 21:16:46 | 000,035,568 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtWebChannel.cp38-win32.pyd
MOD - [2021/03/02 21:16:44 | 000,536,304 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtNetwork.cp38-win32.pyd
MOD - [2021/03/02 21:16:44 | 000,351,984 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtQml.cp38-win32.pyd
MOD - [2021/03/02 21:16:44 | 000,195,832 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtPrintSupport.cp38-win32.pyd
MOD - [2021/03/02 21:16:42 | 001,893,616 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtGui.cp38-win32.pyd
MOD - [2021/03/02 21:16:42 | 001,844,976 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtCore.cp38-win32.pyd
MOD - [2021/03/02 21:16:40 | 000,065,272 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\psutil._psutil_windows.cp38-win32.pyd
MOD - [2021/03/02 21:16:38 | 000,050,416 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\nucleus_python.cp38-win32.pyd
MOD - [2021/03/02 21:16:36 | 002,858,208 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\libGLESv2.dll
MOD - [2021/03/02 21:16:36 | 000,021,224 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\mmapfile.cp38-win32.pyd
MOD - [2021/03/02 21:16:34 | 000,024,816 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\kernel32_native.cp38-win32.pyd
MOD - [2021/03/02 21:16:34 | 000,022,752 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\libEGL.dll
MOD - [2021/03/02 21:16:34 | 000,016,624 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\gdi32_native.cp38-win32.pyd
MOD - [2021/03/02 21:16:32 | 002,609,896 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\dropbox_watchdog.dll
MOD - [2021/03/02 21:16:32 | 000,071,912 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\fastpath.cp38-win32.pyd
MOD - [2021/03/02 21:16:32 | 000,021,216 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\dropbox_tprt.dll
MOD - [2021/03/02 21:16:30 | 024,578,784 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\dropbox_core.dll
MOD - [2021/03/02 21:16:30 | 000,016,104 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\dropbox_sqlite_ext.dll
MOD - [2021/03/02 21:16:26 | 002,103,048 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\cryptography.hazmat.bindings._openssl.cp38-win32.pyd
MOD - [2021/03/02 21:16:26 | 000,017,648 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\dbghelp_native.cp38-win32.pyd
MOD - [2021/03/02 21:16:26 | 000,017,160 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\cryptography.hazmat.bindings._padding.cp38-win32.pyd
MOD - [2021/03/02 21:16:24 | 000,018,672 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\crashpad_native.cp38-win32.pyd
MOD - [2021/03/02 21:16:24 | 000,017,136 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\cpuid_native.cp38-win32.pyd
MOD - [2021/03/02 21:16:18 | 000,113,904 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\allocator_metrics.cp38-win32.pyd
MOD - [2021/03/02 21:16:18 | 000,040,680 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\apex._apex.cp38-win32.pyd
MOD - [2021/03/02 21:16:18 | 000,016,624 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\advapi32_native.cp38-win32.pyd
MOD - [2021/03/02 21:12:28 | 000,636,136 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\dropbox_crashpad.dll
MOD - [2021/01/12 22:14:17 | 000,455,680 | ---- | M] () -- C:\Windows\SysWOW64\WindowManagementAPI.dll
MOD - [2020/10/13 12:01:40 | 000,047,472 | ---- | M] () -- C:\Windows\SysWOW64\umpdc.dll
MOD - [2020/09/17 23:47:57 | 000,474,984 | ---- | M] () -- \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\uwp_credentials_fetcher.node
MOD - [2020/09/17 23:47:57 | 000,142,200 | ---- | M] () -- \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\wam.node
MOD - [2020/09/17 23:47:56 | 007,755,616 | ---- | M] () -- \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\slimcore.node
MOD - [2020/09/17 23:47:56 | 002,601,312 | ---- | M] () -- \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\skypert.dll
MOD - [2020/09/17 23:47:55 | 000,100,192 | ---- | M] () -- \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\sharing-indicator.node
MOD - [2020/09/17 23:47:52 | 000,718,176 | ---- | M] () -- \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\RtmPal.dll
MOD - [2020/09/17 23:47:52 | 000,116,576 | ---- | M] () -- \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\RtmControl.dll
MOD - [2020/09/17 23:47:51 | 000,141,168 | ---- | M] () -- \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\keytar.node
MOD - [2020/09/17 23:47:51 | 000,114,040 | ---- | M] () -- \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\electron_utility.node
MOD - [2020/09/17 23:47:43 | 006,903,808 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\libGLESv2.dll
MOD - [2020/09/17 23:47:43 | 000,310,784 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\libEGL.dll
MOD - [2020/09/17 23:47:42 | 002,072,064 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\ffmpeg.dll
MOD - [1999/12/31 18:00:00 | 000,029,200 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\libffi-7.dll
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - File not found [Auto | Stopped] -- C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe -- (HPTouchpointAnalyticsService)
SRV:[b]64bit:[/b] - [2021/03/10 23:55:52 | 000,442,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2021/03/10 23:53:56 | 002,246,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:53:54 | 000,995,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:[b]64bit:[/b] - [2021/03/10 23:53:03 | 000,036,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2021/03/10 23:52:03 | 000,205,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2021/03/10 23:51:32 | 001,019,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:51:28 | 001,479,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2021/03/10 23:51:09 | 003,901,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:50:37 | 000,567,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usosvc.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:50:34 | 000,601,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:50:27 | 005,858,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2021/03/10 23:50:22 | 002,437,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\InstallService.dll -- (InstallService)
SRV:[b]64bit:[/b] - [2021/03/10 23:49:52 | 000,288,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:49:50 | 002,111,488 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\windowsudk.shellcommon.dll -- (UdkUserSvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:49:46 | 000,388,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\CredentialEnrollmentManager.exe -- (CredentialEnrollmentManagerUserSvc_60a11)
SRV:[b]64bit:[/b] - [2021/03/10 23:49:46 | 000,388,888 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CredentialEnrollmentManager.exe -- (CredentialEnrollmentManagerUserSvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:49:37 | 000,443,904 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\AarSvc.dll -- (AarSvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:49:35 | 000,937,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Management.Service.dll -- (WManSvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:49:35 | 000,072,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xboxgipsvc.dll -- (XboxGipSvc)
SRV:[b]64bit:[/b] - [2021/03/02 21:12:28 | 000,044,272 | ---- | M] (Dropbox, Inc.) [Auto | Running] -- C:\Windows\SysNative\DbxSvc.exe -- (DbxSvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:58:35 | 000,487,424 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:58:34 | 000,651,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2021/02/09 13:57:53 | 000,124,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:57:52 | 000,237,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvc.dll -- (diagsvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:57:41 | 001,024,000 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CBDHSvc.dll -- (cbdhsvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:57:36 | 001,384,448 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\bcastdvruserservice.dll -- (BcastDVRUserService)
SRV:[b]64bit:[/b] - [2021/02/09 13:56:54 | 000,182,272 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:56:46 | 000,866,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2021/02/09 13:56:40 | 003,815,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2021/02/09 13:56:33 | 000,988,056 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SecurityHealthService.exe -- (SecurityHealthService)
SRV:[b]64bit:[/b] - [2021/02/09 13:56:30 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CaptureService.dll -- (CaptureService)
SRV:[b]64bit:[/b] - [2021/02/09 13:56:29 | 000,598,016 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\DevicesFlowBroker.dll -- (DevicesFlowUserSvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:56:28 | 000,223,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:55:58 | 001,094,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2021/02/09 13:55:56 | 001,522,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TokenBroker.dll -- (TokenBroker)
SRV:[b]64bit:[/b] - [2021/02/09 13:55:51 | 000,611,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:55:51 | 000,482,816 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:55:48 | 001,924,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WpcDesktopMonSvc.dll -- (WpcMonSvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:55:47 | 000,751,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2021/02/09 13:55:46 | 000,382,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vac.dll -- (VacSvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:55:45 | 001,270,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2021/02/09 13:55:45 | 001,049,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2021/02/05 21:04:00 | 000,326,976 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Update Health Tools\uhssvc.exe -- (uhssvc)
SRV:[b]64bit:[/b] - [2021/01/20 05:32:38 | 001,627,680 | ---- | M] (McAfee, LLC) [Auto | Running] -- C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe -- (ModuleCoreService)
SRV:[b]64bit:[/b] - [2021/01/15 13:56:46 | 000,779,080 | ---- | M] (McAfee, LLC) [Auto | Running] -- C:\Program Files\Common Files\McAfee\VSCore_20_12\mcapexe.exe -- (McAPExe)
SRV:[b]64bit:[/b] - [2021/01/12 22:19:29 | 000,734,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2021/01/12 22:19:16 | 000,351,744 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:18:27 | 000,134,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\MixedRealityRuntime.dll -- (MixedRealityOpenXRSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:16:53 | 000,293,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2021/01/12 22:16:53 | 000,293,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2021/01/12 22:16:53 | 000,293,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2021/01/12 22:16:53 | 000,293,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2021/01/12 22:16:53 | 000,293,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2021/01/12 22:16:53 | 000,293,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2021/01/12 22:16:52 | 000,876,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Spectrum.exe -- (spectrum)
SRV:[b]64bit:[/b] - [2021/01/12 22:16:52 | 000,307,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SharedRealitySvc.dll -- (SharedRealitySvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:16:26 | 000,326,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2021/01/12 22:15:36 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\ConsentUxClient.dll -- (ConsentUxUserSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:15:23 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PerceptionSimulation\PerceptionSimulationService.exe -- (perceptionsimulation)
SRV:[b]64bit:[/b] - [2021/01/12 22:15:22 | 001,295,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:15:22 | 001,190,400 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Microsoft.Graphics.Display.DisplayEnhancementService.dll -- (DisplayEnhancementService)
SRV:[b]64bit:[/b] - [2021/01/12 22:15:21 | 000,114,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\autotimesvc.dll -- (autotimesvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:12:49 | 001,265,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2021/01/12 22:12:44 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:12:33 | 000,860,672 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2021/01/12 22:12:00 | 000,094,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2021/01/12 22:11:51 | 000,986,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:58 | 000,489,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:51 | 000,245,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:51 | 000,085,504 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:50 | 000,382,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:40 | 001,554,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:39 | 001,191,936 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:39 | 000,196,096 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:38 | 000,281,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PushToInstall.dll -- (PushToInstall)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:38 | 000,051,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:28 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GraphicsPerfSvc.dll -- (GraphicsPerfSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:27 | 001,494,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:27 | 001,223,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SEMgrSvc.dll -- (SEMgrSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:26 | 000,371,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:18 | 000,770,048 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:17 | 000,391,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\CapabilityAccessManager.dll -- (camsvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:16 | 000,240,688 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\deviceaccess.dll -- (DeviceAssociationBrokerSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:15 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:53 | 000,159,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:32 | 000,995,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:27 | 000,454,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NaturalAuth.dll -- (NaturalAuthentication)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:16 | 000,938,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:04 | 000,957,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:04 | 000,238,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:03 | 000,418,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\MitigationClient.dll -- (TroubleshootingSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:03 | 000,302,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LanguageOverlayServer.dll -- (LxpSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:03 | 000,091,648 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:02 | 001,253,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lpasvc.dll -- (wlpasvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:01 | 001,023,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BTAGService.dll -- (BTAGService)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:01 | 000,500,736 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Microsoft.Bluetooth.UserService.dll -- (BluetoothUserService)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:01 | 000,392,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\BthAvctpSvc.dll -- (BthAvctpSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:08:59 | 003,596,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2021/01/08 03:56:22 | 004,240,160 | ---- | M] (McAfee, LLC) [Auto | Running] -- C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe -- (PEFService)
SRV:[b]64bit:[/b] - [2021/01/05 22:54:54 | 002,784,672 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\CSP\4.0.110.0\\McCSPServiceHost.exe -- (mccspsvc)
SRV:[b]64bit:[/b] - [2020/12/10 21:36:08 | 000,645,736 | ---- | M] (McAfee, LLC) [On_Demand | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe -- (mfevtp)
SRV:[b]64bit:[/b] - [2020/12/10 21:36:08 | 000,645,736 | ---- | M] (McAfee, LLC) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe -- (mfemms)
SRV:[b]64bit:[/b] - [2020/12/10 21:36:08 | 000,645,736 | ---- | M] (McAfee, LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe -- (mfefire)
SRV:[b]64bit:[/b] - [2020/12/09 07:18:49 | 000,247,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\psmsrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2020/12/09 07:18:48 | 000,179,712 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:[b]64bit:[/b] - [2020/12/09 07:18:47 | 000,251,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2020/12/09 07:18:45 | 000,407,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WaaSMedicSvc.dll -- (WaaSMedicSvc)
SRV:[b]64bit:[/b] - [2020/12/09 07:18:34 | 000,924,672 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2020/12/09 07:18:28 | 000,842,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2020/10/13 12:02:11 | 000,379,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\DispBroker.Desktop.dll -- (DispBrokerDesktopSvc)
SRV:[b]64bit:[/b] - [2020/10/13 12:02:07 | 000,329,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SgrmBroker.exe -- (SgrmBroker)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:43 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (UdkUserSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PrintWorkflowUserSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (DevicesFlowUserSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicePickerUserSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DeviceAssociationBrokerSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (ConsentUxUserSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (cbdhsvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (CaptureService_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BluetoothUserService_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BcastDVRUserService_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (AarSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/02 03:34:34 | 000,096,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:[b]64bit:[/b] - [2020/10/02 03:32:55 | 000,304,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2020/10/02 03:32:55 | 000,304,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2020/10/02 03:32:26 | 000,087,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2020/10/02 03:30:41 | 000,094,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2020/10/02 03:30:08 | 000,466,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2020/10/02 03:29:32 | 002,242,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2020/10/02 03:29:31 | 000,162,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2019/12/07 03:09:54 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2019/12/07 03:09:51 | 000,014,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2019/12/07 03:09:37 | 000,028,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2019/12/07 03:09:33 | 000,341,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dusmsvc.dll -- (DusmSvc)
SRV:[b]64bit:[/b] - [2019/12/07 03:09:33 | 000,066,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:[b]64bit:[/b] - [2019/12/07 03:09:32 | 000,625,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:54 | 000,048,640 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:52 | 000,171,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:52 | 000,083,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:52 | 000,058,880 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:33 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:27 | 000,094,720 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:27 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.WARP.JITService.dll -- (WarpJITSvc)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:22 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:13 | 000,675,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WFDSConMgrSvc.dll -- (WFDSConMgrSvc)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:05 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipxlatcfg.dll -- (IpxlatCfgSvc)
SRV:[b]64bit:[/b] - [2019/10/15 07:50:00 | 000,384,512 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysNative\OpenSSH\ssh-agent.exe -- (ssh-agent)
SRV:[b]64bit:[/b] - [2018/05/31 17:03:56 | 001,508,656 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe -- (ClientAnalyticsService)
SRV:[b]64bit:[/b] - [2016/01/10 13:55:05 | 000,307,456 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:[b]64bit:[/b] - [2016/01/10 13:31:19 | 000,255,504 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2014/04/14 20:59:04 | 000,389,896 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV - [2021/03/10 23:56:03 | 000,494,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2021/03/10 23:54:22 | 000,033,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2021/03/10 23:52:45 | 000,715,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2021/03/10 23:52:41 | 000,630,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2021/03/10 23:52:34 | 005,424,256 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2021/03/10 23:52:17 | 001,843,712 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\InstallService.dll -- (InstallService)
SRV - [2021/03/10 23:52:05 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\AarSvc.dll -- (AarSvc)
SRV - [2021/03/10 02:32:33 | 001,559,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.50\elevation_service.exe -- (MicrosoftEdgeElevationService)
SRV - [2021/02/09 13:58:36 | 000,345,600 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV - [2021/02/09 13:57:34 | 000,138,752 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV - [2021/02/09 13:57:13 | 001,234,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\TokenBroker.dll -- (TokenBroker)
SRV - [2021/01/25 22:55:56 | 000,169,672 | ---- | M] (Adobe Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2021/01/12 22:18:44 | 000,104,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\MixedRealityRuntime.dll -- (MixedRealityOpenXRSvc)
SRV - [2021/01/12 22:14:26 | 000,188,536 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\deviceaccess.dll -- (DeviceAssociationBrokerSvc)
SRV - [2021/01/12 22:14:24 | 000,073,728 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\tzautoupdate.dll -- (tzautoupdate)
SRV - [2021/01/12 22:14:15 | 000,962,048 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2021/01/12 22:13:08 | 000,751,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\FlightSettings.dll -- (wisvc)
SRV - [2021/01/12 22:12:54 | 000,733,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\BTAGService.dll -- (BTAGService)
SRV - [2021/01/12 22:08:59 | 003,596,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2020/10/03 00:12:46 | 002,343,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\NisSrv.exe -- (WdNisSvc)
SRV - [2020/10/03 00:12:46 | 000,128,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe -- (WinDefend)
SRV - [2020/10/02 03:34:36 | 000,075,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2020/08/20 09:33:42 | 000,379,736 | ---- | M] (HP Inc.) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2020/07/11 00:22:03 | 000,224,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe -- (edgeupdatem)
SRV - [2020/07/11 00:22:03 | 000,224,160 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe -- (edgeupdate)
SRV - [2019/12/07 04:31:59 | 000,059,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2017/04/05 16:09:10 | 000,317,400 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015/12/24 20:27:43 | 000,143,144 | ---- | M] (Dropbox, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe -- (dbupdatem)
SRV - [2015/12/24 20:27:43 | 000,143,144 | ---- | M] (Dropbox, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe -- (dbupdate)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2021/03/10 23:51:27 | 000,403,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2021/03/10 23:50:33 | 000,202,544 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:[b]64bit:[/b] - [2021/03/10 23:50:33 | 000,149,328 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\bindflt.sys -- (bindflt)
DRV:[b]64bit:[/b] - [2021/03/10 23:50:33 | 000,093,184 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:[b]64bit:[/b] - [2021/03/10 23:50:33 | 000,091,136 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\cimfs.sys -- (CimFS)
DRV:[b]64bit:[/b] - [2021/03/10 23:50:29 | 000,180,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2021/03/10 23:49:45 | 000,958,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2021/03/10 23:49:36 | 000,259,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winnat.sys -- (WinNat)
DRV:[b]64bit:[/b] - [2021/03/10 23:49:34 | 000,677,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2021/03/10 23:49:34 | 000,155,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2021/03/10 23:49:34 | 000,051,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2021/03/10 23:49:34 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthMini.SYS -- (BthMini)
DRV:[b]64bit:[/b] - [2021/03/10 23:49:33 | 000,329,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2021/02/09 13:56:45 | 000,207,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:[b]64bit:[/b] - [2021/02/09 13:56:31 | 000,495,104 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\cldflt.sys -- (CldFlt)
DRV:[b]64bit:[/b] - [2021/02/09 13:56:30 | 002,004,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2021/02/09 13:56:19 | 000,321,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2021/02/09 13:56:19 | 000,058,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2021/02/09 13:55:44 | 000,305,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2021/02/09 13:55:44 | 000,060,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2021/01/18 03:58:42 | 000,089,112 | ---- | M] (McAfee, LLC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\McPvDrv.sys -- (McPvDrv)
DRV:[b]64bit:[/b] - [2021/01/12 22:09:00 | 000,639,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:[b]64bit:[/b] - [2021/01/12 22:08:59 | 000,255,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2020/12/17 07:02:22 | 000,608,192 | ---- | M] (McAfee LLC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:[b]64bit:[/b] - [2020/12/17 07:02:22 | 000,107,968 | ---- | M] (McAfee LLC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:[b]64bit:[/b] - [2020/12/11 17:36:48 | 000,522,176 | ---- | M] (McAfee, LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:[b]64bit:[/b] - [2020/12/11 17:36:48 | 000,252,352 | ---- | M] (McAfee, LLC) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:[b]64bit:[/b] - [2020/12/11 17:36:48 | 000,116,672 | ---- | M] (McAfee, LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeplk.sys -- (mfeplk)
DRV:[b]64bit:[/b] - [2020/12/11 17:36:48 | 000,075,712 | ---- | M] (McAfee, LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:[b]64bit:[/b] - [2020/12/11 17:36:46 | 001,027,520 | ---- | M] (McAfee, LLC) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:[b]64bit:[/b] - [2020/12/11 17:36:46 | 000,544,704 | ---- | M] (McAfee, LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeaack.sys -- (mfeaack)
DRV:[b]64bit:[/b] - [2020/12/11 17:36:46 | 000,385,984 | ---- | M] (McAfee, LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:[b]64bit:[/b] - [2020/12/11 17:36:46 | 000,085,944 | ---- | M] (McAfee, LLC) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mfeelamk.sys -- (mfeelamk)
DRV:[b]64bit:[/b] - [2020/12/09 07:20:08 | 000,031,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2020/12/09 07:19:49 | 000,095,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:[b]64bit:[/b] - [2020/12/09 07:18:59 | 000,233,800 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2020/12/09 07:18:16 | 000,602,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2020/12/09 07:18:16 | 000,418,800 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2020/12/09 07:18:16 | 000,168,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2020/11/25 00:21:28 | 000,104,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PktMon.sys -- (PktMon)
DRV:[b]64bit:[/b] - [2020/11/25 00:19:47 | 000,250,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2020/10/13 12:00:57 | 000,135,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2020/10/13 12:00:23 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:[b]64bit:[/b] - [2020/10/13 12:00:05 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:[b]64bit:[/b] - [2020/10/13 11:58:46 | 000,053,248 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2020/10/13 11:58:42 | 000,026,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\IntelTA.sys -- (Telemetry)
DRV:[b]64bit:[/b] - [2020/10/03 00:12:47 | 000,069,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2020/10/03 00:12:46 | 000,428,256 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2020/10/03 00:12:46 | 000,048,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2020/10/02 03:31:10 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afunix.sys -- (afunix)
DRV:[b]64bit:[/b] - [2020/10/02 03:30:40 | 000,322,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msquic.sys -- (MsQuic)
DRV:[b]64bit:[/b] - [2020/10/02 03:30:08 | 000,113,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiCx.sys -- (UcmUcsiCx0101)
DRV:[b]64bit:[/b] - [2020/10/02 03:29:42 | 000,183,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2020/10/02 03:29:14 | 000,159,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2020/10/02 03:29:07 | 000,386,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MbbCx.sys -- (MbbCx)
DRV:[b]64bit:[/b] - [2020/10/02 03:29:01 | 000,647,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2020/10/02 03:29:01 | 000,185,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2020/10/02 03:29:01 | 000,106,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2020/10/02 03:29:01 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2020/10/02 03:29:00 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:[b]64bit:[/b] - [2020/10/02 03:29:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:[b]64bit:[/b] - [2020/05/26 01:11:56 | 000,218,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:[b]64bit:[/b] - [2019/12/07 03:52:38 | 000,032,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2019/12/07 03:52:37 | 000,090,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys -- (SpatialGraphFilter)
DRV:[b]64bit:[/b] - [2019/12/07 03:09:48 | 000,072,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NDKPing.sys -- (NDKPing)
DRV:[b]64bit:[/b] - [2019/12/07 03:09:37 | 000,095,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2019/12/07 03:09:34 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\spaceparser.sys -- (spaceparser)
DRV:[b]64bit:[/b] - [2019/12/07 03:09:33 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2019/12/07 03:09:33 | 000,088,080 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SgrmAgent.sys -- (SgrmAgent)
DRV:[b]64bit:[/b] - [2019/12/07 03:09:05 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2019/12/07 03:09:05 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:58 | 000,292,864 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:49 | 000,347,448 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:49 | 000,033,592 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:46 | 000,990,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:41 | 000,097,080 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:41 | 000,078,136 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bam.sys -- (bam)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:39 | 000,023,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys -- (WdmCompanionFilter)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:37 | 000,188,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:37 | 000,160,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:37 | 000,092,984 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:37 | 000,087,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:37 | 000,076,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:37 | 000,076,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:37 | 000,040,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:36 | 000,173,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:36 | 000,086,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:36 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshwnclx.sys -- (HwNClx0101)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:36 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\portcfg.sys -- (portcfg)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:16 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:09 | 000,415,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Acx01000.sys -- (Acx01000)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:09 | 000,259,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:09 | 000,139,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:09 | 000,059,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipt.sys -- (IPT)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:09 | 000,059,392 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:09 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:09 | 000,042,296 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ramdisk.sys -- (Ramdisk)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:05 | 000,057,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:05 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:57 | 000,089,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:57 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:57 | 000,059,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:57 | 000,041,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:57 | 000,035,128 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hvcrash.sys -- (hvcrash)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:57 | 000,027,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:57 | 000,023,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:57 | 000,019,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:57 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys -- (VirtualRender)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,110,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,103,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidspi.sys -- (hidspi)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,056,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,055,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,041,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,036,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiAcpiClient.sys -- (UcmUcsiAcpiClient)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,033,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,032,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,029,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,018,920 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 001,853,752 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 001,131,320 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,884,752 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAVC.sys -- (iaStorAVC)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,558,904 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,537,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbhost.sys -- (mausbhost)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,319,800 | ---- | M] (Chelsio Communications) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,305,464 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,168,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\nvdimm.sys -- (nvdimm)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,158,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,146,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,138,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\pmem.sys -- (pmem)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,081,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,079,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,073,016 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,064,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbip.sys -- (mausbip)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,043,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bttflt.sys -- (bttflt)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,036,152 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 001,135,416 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,259,384 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,209,720 | ---- | M] (Microsemi Corportation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\SmartSAMD.sys -- (SmartSAMD)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,172,344 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ItSas35i.sys -- (ItSas35i)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,135,992 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,124,216 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,107,320 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,105,480 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\megasas35i.sys -- (megasas35i)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,083,256 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,082,744 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,081,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,068,408 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,064,312 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,063,800 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,058,680 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,058,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys -- (umbus)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,034,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,031,032 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,026,936 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,016,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 003,418,936 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,533,816 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,260,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaudio2.sys -- (usbaudio2)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,124,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rhproxy.sys -- (rhproxy)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,035,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDFRd.sys -- (SDFRd)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,018,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys -- (swenum)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pnpmem.sys -- (PNPMEM)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,279,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthA2dp.sys -- (BthA2dp)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,177,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_GLK.sys -- (iaLPSS2i_I2C_GLK)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,177,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_CNL.sys -- (iaLPSS2i_I2C_CNL)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys -- (iaLPSS2i_I2C_BXT_P)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,171,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,144,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthHfEnum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,112,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_CNL.sys -- (iaLPSS2i_GPIO2_CNL)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_GLK.sys -- (iaLPSS2i_GPIO2_GLK)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,093,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys -- (iaLPSS2i_GPIO2_BXT_P)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,091,136 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,079,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,066,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CAD.sys -- (CAD)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.AvrcpTransport.sys -- (Microsoft_Bluetooth_AvrcpTransport)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,045,568 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdi2c.sys -- (amdi2c)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,036,352 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelpmax.sys -- (intelpmax)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,018,432 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdgpio2.sys -- (amdgpio2)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2019/06/27 09:14:58 | 000,138,064 | ---- | M] (Advanced Micro Devices, Inc. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdpsp.sys -- (amdpsp)
DRV:[b]64bit:[/b] - [2019/05/28 08:07:36 | 009,625,384 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtwlane02.sys -- (RTWlanE02)
DRV:[b]64bit:[/b] - [2017/06/12 05:07:20 | 000,095,080 | ---- | M] (Advanced Micro Devices, Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdkmcsp.sys -- (amdkmcsp)
DRV:[b]64bit:[/b] - [2017/04/26 01:09:04 | 000,110,088 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdWT6.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2016/08/18 06:41:28 | 000,049,448 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
DRV:[b]64bit:[/b] - [2016/02/17 17:27:02 | 000,896,768 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:[b]64bit:[/b] - [2016/01/10 13:31:19 | 021,645,320 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2016/01/10 13:31:19 | 000,676,360 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (AMDKMDAP)
DRV:[b]64bit:[/b] - [2015/06/04 09:07:46 | 000,073,976 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:[b]64bit:[/b] - [2015/06/01 19:44:53 | 000,301,784 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:[b]64bit:[/b] - [2013/10/29 01:26:46 | 000,041,704 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd6.sys -- (clwvd6)
DRV - [2020/10/02 03:32:11 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\afunix.sys -- (afunix)
DRV - [2020/10/02 03:29:01 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys -- (BasicRender)
DRV - [2019/12/07 03:07:57 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys -- (VirtualRender)
DRV - [2019/12/07 03:07:56 | 000,110,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys -- (UfxChipidea)
DRV - [2019/12/07 03:07:56 | 000,032,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys -- (UrsChipidea)
DRV - [2019/12/07 03:07:56 | 000,029,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys -- (UrsSynopsys)
DRV - [2019/12/07 03:07:56 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys -- (genericusbfn)
DRV - [2019/12/07 03:07:54 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys -- (BasicDisplay)
DRV - [2019/12/07 03:07:53 | 000,058,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys -- (umbus)
DRV - [2019/12/07 03:07:53 | 000,034,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys -- (UEFI)
DRV - [2019/12/07 03:07:50 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys -- (CompositeBus)
DRV - [2019/12/07 03:07:50 | 000,018,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys -- (swenum)
[color=#E56717]========== Standard Registry (All) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp15-comm.msn.com/?pc=HRTE
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [String data over 1000 bytes]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRHPR1&src=IE11TR&pc=HRTS
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRHPR1&src=IE11TR&pc=HRTS
IE - HKLM\..\SearchScopes\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp15-comm.msn.com/?pc=HRTE
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://hp15-comm.msn.com/?pc=HRTE
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp15-comm.msn.com/?pc=HRTE
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://hp15-comm.msn.com/?pc=HRTE
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp15-comm.msn.com/?pc=HRTE
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [String data over 1000 bytes]
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = E8 D7 83 EE EB 40 D1 01 [binary data]
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 48 00 00 00 8A 10 0C 41 4D 61 71 D3 6E 1C 0B D7 A8 7A 35 4E 0D 0E 98 8D 16 07 E3 1B 3B F1 C2 96 DD 54 43 3D FC B4 68 84 22 F7 2B B0 F2 D1 70 39 D2 E8 EF 54 C1 44 B9 A0 91 1F EF EA 65 DC 4C 06 0C 39 AC B1 A7 8E 44 CA C4 B7 0B 73 02 00 00 00 0E 00 00 00 30 77 71 6F 76 67 38 6D 70 56 63 25 33 64 [Binary data over 200 bytes]
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\..\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRHPR1&src=IE11TR&pc=HRTS
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\..\SearchScopes\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\eades\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\wss.mcafee.chrome.extension\\: C:\PROGRAM FILES\MCAFEE\MSC\WSS.MCAFEE.FIREFOX.EXTENSION.JSON [2021/01/20 11:08:44 | 000,000,239 | ---- | M] ()
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\MCAFEE\MSKHKLM
FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\wss.mcafee.chrome.extension\\: C:\Program Files\mcafee\MSC\wss.mcafee.firefox.extension.json [2021/01/20 11:08:44 | 000,000,239 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2021/02/15 23:53:05 | 000,000,000 | ---D | M]
[color=#E56717]========== Chrome ==========[/color]
O1 HOSTS File: ([2017/02/08 18:36:48 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.50\BHO\ie_to_edge_bho_64.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.50\BHO\ie_to_edge_bho.dll (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SecurityHealth] C:\Windows\SysNative\SecurityHealthSystray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Dropbox] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PowerDVD14Agent] C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001..\Run: [HP Deskjet 3510 series (NET)] C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001..\Run: [MicrosoftEdgeAutoLaunch_F26A7C5FFE1ED957283F3B8688899C87] C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001..\Run: [OneDrive] C:\Users\eades\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001..\RunOnce: [Application Restart #0] C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (Microsoft Corporation)
O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found
O9:[b]64bit:[/b] - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html File not found
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html File not found
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000014 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000014 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\..Trusted Domains: sharepoint.com ([bgh2-files] https in Trusted sites)
O15 - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\..Trusted Domains: sharepoint.com ([bgh2-myfiles] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 72.21.70.3 67.215.21.202 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1823a591-e8d5-4763-b630-a92b04f795a8}: DhcpNameServer = 72.21.70.3 67.215.21.202 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25d0363f-a606-4b41-8dbd-fbccca3e23f2}: DhcpNameServer = 72.21.70.3 67.215.21.202 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mso-minsb.16 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-minsb-roaming.16 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\osf.16 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\osf-roaming.16 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, LLC)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, LLC)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2021/03/14 19:18:41 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2021/03/14 18:22:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2021/03/10 23:56:00 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cngkeyhelper.dll
[2021/03/10 23:55:59 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisRtl.dll
[2021/03/10 23:55:59 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ahadmin.dll
[2021/03/10 23:55:57 | 004,272,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2021/03/10 23:55:57 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ConsoleLogon.dll
[2021/03/10 23:55:57 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ConsoleLogon.dll
[2021/03/10 23:55:57 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinBioDataModelOOBE.exe
[2021/03/10 23:55:56 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinBioDataModel.dll
[2021/03/10 23:55:51 | 004,824,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2021/03/10 23:55:51 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WalletService.dll
[2021/03/10 23:55:06 | 002,339,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2021/03/10 23:55:06 | 000,951,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DolbyDecMFT.dll
[2021/03/10 23:54:50 | 000,680,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVXENCD.DLL
[2021/03/10 23:54:49 | 001,014,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2021/03/10 23:54:49 | 000,176,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\COLORCNV.DLL
[2021/03/10 23:54:49 | 000,100,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VIDRESZR.DLL
[2021/03/10 23:54:48 | 003,557,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2021/03/10 23:54:48 | 001,301,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2021/03/10 23:54:48 | 001,126,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll
[2021/03/10 23:54:48 | 001,092,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HoloSI.PCShell.dll
[2021/03/10 23:54:48 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Analog.Shell.Broker.dll
[2021/03/10 23:54:45 | 024,272,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2021/03/10 23:54:45 | 002,453,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVCORE.DLL
[2021/03/10 23:54:44 | 002,520,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2021/03/10 23:54:44 | 000,689,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVXENCD.DLL
[2021/03/10 23:54:44 | 000,423,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSAudDecMFT.dll
[2021/03/10 23:54:44 | 000,203,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\COLORCNV.DLL
[2021/03/10 23:54:44 | 000,114,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VIDRESZR.DLL
[2021/03/10 23:54:43 | 004,795,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2021/03/10 23:54:43 | 001,956,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2021/03/10 23:54:43 | 001,352,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2021/03/10 23:54:42 | 000,530,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2021/03/10 23:54:35 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\provplatformdesktop.dll
[2021/03/10 23:54:35 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2021/03/10 23:54:34 | 007,109,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2021/03/10 23:54:34 | 001,314,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2021/03/10 23:54:33 | 001,548,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2021/03/10 23:54:33 | 000,923,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\opengl32.dll
[2021/03/10 23:54:33 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\glu32.dll
[2021/03/10 23:54:33 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msimsg.dll
[2021/03/10 23:54:32 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbnetlib.dll
[2021/03/10 23:54:31 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iemigplugin.dll
[2021/03/10 23:54:30 | 000,562,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2021/03/10 23:54:29 | 000,379,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2021/03/10 23:54:29 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IndexedDbLegacy.dll
[2021/03/10 23:54:27 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EdgeManager.dll
[2021/03/10 23:54:26 | 000,837,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2021/03/10 23:54:24 | 019,870,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2021/03/10 23:54:23 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2021/03/10 23:54:22 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2021/03/10 23:54:22 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\net1.exe
[2021/03/10 23:54:22 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\udhisapi.dll
[2021/03/10 23:54:22 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XInput1_4.dll
[2021/03/10 23:54:22 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\upnpcont.exe
[2021/03/10 23:54:21 | 002,495,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2021/03/10 23:54:21 | 000,737,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PayloadRestrictions.dll
[2021/03/10 23:54:21 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spacebridge.dll
[2021/03/10 23:54:21 | 000,033,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\smphost.dll
[2021/03/10 23:53:57 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provplatformdesktop.dll
[2021/03/10 23:53:56 | 002,246,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2021/03/10 23:53:56 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2021/03/10 23:53:56 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersShell.dll
[2021/03/10 23:53:56 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFolders.exe
[2021/03/10 23:53:56 | 000,018,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshhyperv.dll
[2021/03/10 23:53:55 | 000,361,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SIHClient.exe
[2021/03/10 23:53:55 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2021/03/10 23:53:54 | 008,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2021/03/10 23:53:54 | 002,040,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2021/03/10 23:53:54 | 001,721,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2021/03/10 23:53:53 | 001,257,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2021/03/10 23:53:53 | 000,995,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FrameServer.dll
[2021/03/10 23:53:53 | 000,149,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.Profile.HardwareId.dll
[2021/03/10 23:53:52 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\glu32.dll
[2021/03/10 23:53:51 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\opengl32.dll
[2021/03/10 23:53:51 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msimsg.dll
[2021/03/10 23:53:50 | 003,293,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2021/03/10 23:53:49 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbnetlib.dll
[2021/03/10 23:53:49 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcconf.dll
[2021/03/10 23:53:48 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IESettingSync.exe
[2021/03/10 23:53:48 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iemigplugin.dll
[2021/03/10 23:53:47 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2021/03/10 23:53:46 | 004,901,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2021/03/10 23:53:45 | 007,784,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2021/03/10 23:53:44 | 000,887,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2021/03/10 23:53:44 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IndexedDbLegacy.dll
[2021/03/10 23:53:41 | 001,233,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2021/03/10 23:53:41 | 000,944,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeManager.dll
[2021/03/10 23:53:37 | 026,273,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2021/03/10 23:53:35 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2021/03/10 23:53:04 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2021/03/10 23:53:04 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XInput1_4.dll
[2021/03/10 23:53:03 | 000,036,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smphost.dll
[2021/03/10 23:53:02 | 003,178,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2021/03/10 23:53:02 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spacebridge.dll
[2021/03/10 23:53:02 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAppInstaller.exe
[2021/03/10 23:53:02 | 000,086,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spaceman.exe
[2021/03/10 23:53:01 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\net1.exe
[2021/03/10 23:52:58 | 001,314,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2021/03/10 23:52:58 | 000,805,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2021/03/10 23:52:58 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resutils.dll
[2021/03/10 23:52:58 | 000,218,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll
[2021/03/10 23:52:57 | 001,570,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2021/03/10 23:52:57 | 001,268,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2021/03/10 23:52:57 | 000,171,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vertdll.dll
[2021/03/10 23:52:57 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\udhisapi.dll
[2021/03/10 23:52:56 | 000,973,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PayloadRestrictions.dll
[2021/03/10 23:52:56 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\upnpcont.exe
[2021/03/10 23:52:55 | 001,720,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2021/03/10 23:52:54 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.FileExplorer.dll
[2021/03/10 23:52:53 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtrmgr.dll
[2021/03/10 23:52:53 | 000,495,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasdlg.dll
[2021/03/10 23:52:53 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rtm.dll
[2021/03/10 23:52:53 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtprio.dll
[2021/03/10 23:52:52 | 001,044,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll
[2021/03/10 23:52:52 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasplap.dll
[2021/03/10 23:52:52 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvsetup.dll
[2021/03/10 23:52:52 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spfileq.dll
[2021/03/10 23:52:51 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2021/03/10 23:52:50 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasgcw.dll
[2021/03/10 23:52:50 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml3r.dll
[2021/03/10 23:52:49 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AboveLockAppHost.dll
[2021/03/10 23:52:48 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppBroker.dll
[2021/03/10 23:52:48 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2021/03/10 23:52:47 | 008,899,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2021/03/10 23:52:47 | 000,403,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgeIso.dll
[2021/03/10 23:52:47 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2021/03/10 23:52:45 | 000,948,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2021/03/10 23:52:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DMAlertListener.ProxyStub.dll
[2021/03/10 23:52:44 | 000,715,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2021/03/10 23:52:44 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll
[2021/03/10 23:52:44 | 000,410,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2021/03/10 23:52:44 | 000,272,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\credprovs.dll
[2021/03/10 23:52:44 | 000,174,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\omadmapi.dll
[2021/03/10 23:52:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmpushproxy.dll
[2021/03/10 23:52:44 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\enrollmentapi.dll
[2021/03/10 23:52:44 | 000,020,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerEnc.dll
[2021/03/10 23:52:43 | 001,494,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2021/03/10 23:52:43 | 000,482,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2021/03/10 23:52:43 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptprov.dll
[2021/03/10 23:52:43 | 000,151,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2021/03/10 23:52:42 | 000,896,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2021/03/10 23:52:42 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2021/03/10 23:52:41 | 002,635,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2021/03/10 23:52:41 | 000,630,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2021/03/10 23:52:41 | 000,603,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wimgapi.dll
[2021/03/10 23:52:40 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchTM.exe
[2021/03/10 23:52:39 | 000,965,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe
[2021/03/10 23:52:39 | 000,734,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2021/03/10 23:52:39 | 000,456,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppResolver.dll
[2021/03/10 23:52:39 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2021/03/10 23:52:39 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wevtutil.exe
[2021/03/10 23:52:39 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usoapi.dll
[2021/03/10 23:52:38 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2021/03/10 23:52:37 | 002,750,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2021/03/10 23:52:37 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys
[2021/03/10 23:52:37 | 000,092,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32u.dll
[2021/03/10 23:52:36 | 001,587,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpserverbase.dll
[2021/03/10 23:52:36 | 000,403,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Bluetooth.dll
[2021/03/10 23:52:36 | 000,179,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Management.Workplace.dll
[2021/03/10 23:52:36 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\updatepolicy.dll
[2021/03/10 23:52:36 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml6r.dll
[2021/03/10 23:52:35 | 003,824,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneCoreUAPCommonProxyStub.dll
[2021/03/10 23:52:35 | 000,602,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryPS.dll
[2021/03/10 23:52:35 | 000,583,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StateRepository.Core.dll
[2021/03/10 23:52:35 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryUpgrade.dll
[2021/03/10 23:52:35 | 000,176,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryClient.dll
[2021/03/10 23:52:35 | 000,099,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryBroker.dll
[2021/03/10 23:52:35 | 000,042,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryCore.dll
[2021/03/10 23:52:34 | 005,424,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll
[2021/03/10 23:52:34 | 000,759,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2021/03/10 23:52:34 | 000,126,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\profext.dll
[2021/03/10 23:52:33 | 006,361,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2021/03/10 23:52:33 | 001,695,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2021/03/10 23:52:33 | 000,234,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2021/03/10 23:52:18 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallServiceTasks.dll
[2021/03/10 23:52:17 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallService.dll
[2021/03/10 23:52:17 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TileDataRepository.dll
[2021/03/10 23:52:17 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fidocredprov.dll
[2021/03/10 23:52:16 | 002,602,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2021/03/10 23:52:16 | 000,754,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2021/03/10 23:52:16 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2021/03/10 23:52:16 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll
[2021/03/10 23:52:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WordBreakers.dll
[2021/03/10 23:52:15 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2021/03/10 23:52:15 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2021/03/10 23:52:15 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
[2021/03/10 23:52:14 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2021/03/10 23:52:14 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssitlb.dll
[2021/03/10 23:52:14 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msscntrs.dll
[2021/03/10 23:52:13 | 001,055,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsreg.dll
[2021/03/10 23:52:13 | 000,654,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActivationManager.dll
[2021/03/10 23:52:13 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d9on12.dll
[2021/03/10 23:52:13 | 000,468,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11on12.dll
[2021/03/10 23:52:13 | 000,061,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GameInput.dll
[2021/03/10 23:52:13 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AssignedAccessRuntime.dll
[2021/03/10 23:52:12 | 001,391,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2021/03/10 23:52:11 | 014,762,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2021/03/10 23:52:10 | 000,943,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2021/03/10 23:52:10 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncobjapi.dll
[2021/03/10 23:52:09 | 000,264,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmWmiPl.dll
[2021/03/10 23:52:09 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedynos.dll
[2021/03/10 23:52:09 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winrscmd.dll
[2021/03/10 23:52:09 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManMigrationPlugin.dll
[2021/03/10 23:52:09 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsmprovhost.exe
[2021/03/10 23:52:09 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManHTTPConfig.exe
[2021/03/10 23:52:09 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmRes.dll
[2021/03/10 23:52:09 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAgent.dll
[2021/03/10 23:52:09 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsmplpxy.dll
[2021/03/10 23:52:08 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAuto.dll
[2021/03/10 23:52:08 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2021/03/10 23:52:08 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe
[2021/03/10 23:52:07 | 004,743,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2021/03/10 23:52:07 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sppcext.dll
[2021/03/10 23:52:07 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll
[2021/03/10 23:52:07 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputSwitch.dll
[2021/03/10 23:52:07 | 000,312,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\input.dll
[2021/03/10 23:52:06 | 004,123,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2021/03/10 23:52:06 | 000,922,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TpmCoreProvisioning.dll
[2021/03/10 23:52:06 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2021/03/10 23:52:06 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TpmCertResources.dll
[2021/03/10 23:52:05 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\agentactivationruntimewindows.dll
[2021/03/10 23:52:05 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\agentactivationruntime.dll
[2021/03/10 23:52:05 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.ConversationalAgent.dll
[2021/03/10 23:52:05 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AarSvc.dll
[2021/03/10 23:52:03 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSCard.dll
[2021/03/10 23:52:03 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ScDeviceEnum.dll
[2021/03/10 23:52:03 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SCardDlg.dll
[2021/03/10 23:52:03 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SCardBi.dll
[2021/03/10 23:51:59 | 002,204,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2021/03/10 23:51:59 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntshrui.dll
[2021/03/10 23:51:59 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.FileExplorer.Common.dll
[2021/03/10 23:51:58 | 000,858,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2021/03/10 23:51:58 | 000,702,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comctl32.dll
[2021/03/10 23:51:58 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.FileExplorer.dll
[2021/03/10 23:51:57 | 000,981,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2021/03/10 23:51:57 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtrmgr.dll
[2021/03/10 23:51:57 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasdlg.dll
[2021/03/10 23:51:57 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtprio.dll
[2021/03/10 23:51:56 | 001,335,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll
[2021/03/10 23:51:56 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2021/03/10 23:51:56 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasplap.dll
[2021/03/10 23:51:56 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rtm.dll
[2021/03/10 23:51:55 | 004,650,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupapi.dll
[2021/03/10 23:51:55 | 000,326,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll
[2021/03/10 23:51:55 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spfileq.dll
[2021/03/10 23:51:54 | 003,938,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2021/03/10 23:51:54 | 001,434,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2021/03/10 23:51:54 | 001,240,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_IME.dll
[2021/03/10 23:51:53 | 002,179,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2021/03/10 23:51:53 | 000,554,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasgcw.dll
[2021/03/10 23:51:53 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputSwitch.dll
[2021/03/10 23:51:52 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskcomp.dll
[2021/03/10 23:51:52 | 000,379,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\input.dll
[2021/03/10 23:51:52 | 000,362,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2021/03/10 23:51:51 | 001,751,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2021/03/10 23:51:51 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcext.dll
[2021/03/10 23:51:50 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msxml3r.dll
[2021/03/10 23:51:36 | 000,765,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUDFx02000.dll
[2021/03/10 23:51:36 | 000,419,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AboveLockAppHost.dll
[2021/03/10 23:51:36 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AxInstUI.exe
[2021/03/10 23:51:35 | 000,684,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockController.dll
[2021/03/10 23:51:35 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockHostingFramework.dll
[2021/03/10 23:51:35 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppBroker.dll
[2021/03/10 23:51:35 | 000,448,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeIso.dll
[2021/03/10 23:51:35 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2021/03/10 23:51:34 | 000,637,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2021/03/10 23:51:33 | 001,256,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2021/03/10 23:51:33 | 001,068,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DismApi.dll
[2021/03/10 23:51:33 | 000,288,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Dism.exe
[2021/03/10 23:51:33 | 000,133,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpapi.dll
[2021/03/10 23:51:32 | 001,019,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll
[2021/03/10 23:51:32 | 000,667,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2021/03/10 23:51:32 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmclient.exe
[2021/03/10 23:51:32 | 000,223,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmapi.dll
[2021/03/10 23:51:32 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profsvcext.dll
[2021/03/10 23:51:32 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmmigrator.dll
[2021/03/10 23:51:32 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmprc.exe
[2021/03/10 23:51:32 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2021/03/10 23:51:32 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DMAlertListener.ProxyStub.dll
[2021/03/10 23:51:31 | 001,787,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2021/03/10 23:51:31 | 000,330,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenterprisediagnostics.dll
[2021/03/10 23:51:30 | 000,544,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DMPushRouterCore.dll
[2021/03/10 23:51:30 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmpushproxy.dll
[2021/03/10 23:51:29 | 000,873,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2021/03/10 23:51:29 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\configmanager2.dll
[2021/03/10 23:51:29 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2021/03/10 23:51:29 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe
[2021/03/10 23:51:29 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\credprovs.dll
[2021/03/10 23:51:29 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcertinst.exe
[2021/03/10 23:51:28 | 001,479,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgr.dll
[2021/03/10 23:51:28 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntlanman.dll
[2021/03/10 23:51:27 | 001,129,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2021/03/10 23:51:27 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2021/03/10 23:51:27 | 000,502,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2021/03/10 23:51:27 | 000,403,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2021/03/10 23:51:27 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\C_G18030.DLL
[2021/03/10 23:51:27 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\C_IS2022.DLL
[2021/03/10 23:51:27 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\c_GSM7.DLL
[2021/03/10 23:51:26 | 000,115,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profapi.dll
[2021/03/10 23:51:25 | 010,842,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2021/03/10 23:51:24 | 002,024,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2021/03/10 23:51:24 | 000,488,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2021/03/10 23:51:24 | 000,171,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2021/03/10 23:51:24 | 000,024,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerEnc.dll
[2021/03/10 23:51:24 | 000,017,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2021/03/10 23:51:23 | 001,866,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2021/03/10 23:51:23 | 000,862,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2021/03/10 23:51:23 | 000,568,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2021/03/10 23:51:23 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptprov.dll
[2021/03/10 23:51:23 | 000,260,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinesam.dll
[2021/03/10 23:51:23 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2021/03/10 23:51:23 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pacjsworker.exe
[2021/03/10 23:51:22 | 001,425,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2021/03/10 23:51:22 | 001,393,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2021/03/10 23:51:21 | 003,507,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2021/03/10 23:51:21 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2021/03/10 23:51:21 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2021/03/10 23:51:20 | 010,352,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2021/03/10 23:51:20 | 000,531,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64win.dll
[2021/03/10 23:51:19 | 003,592,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2021/03/10 23:51:19 | 000,764,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimgapi.dll
[2021/03/10 23:51:19 | 000,522,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimserv.exe
[2021/03/10 23:51:18 | 000,412,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll
[2021/03/10 23:51:17 | 001,822,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2021/03/10 23:51:17 | 001,555,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2021/03/10 23:51:17 | 001,394,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2021/03/10 23:51:17 | 001,198,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2021/03/10 23:51:16 | 000,389,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2021/03/10 23:51:16 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Win32CompatibilityAppraiserCSP.dll
[2021/03/10 23:51:15 | 002,007,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2021/03/10 23:51:15 | 001,213,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe
[2021/03/10 23:51:15 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchTM.exe
[2021/03/10 23:51:15 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tier2punctuations.dll
[2021/03/10 23:51:14 | 003,852,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2021/03/10 23:51:13 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Language.dll
[2021/03/10 23:51:13 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Region.dll
[2021/03/10 23:51:11 | 001,215,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2021/03/10 23:51:11 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2021/03/10 23:51:11 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CustomInstallExec.exe
[2021/03/10 23:51:10 | 001,767,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2021/03/10 23:51:09 | 003,901,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2021/03/10 23:51:09 | 002,454,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2021/03/10 23:50:47 | 001,139,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2021/03/10 23:50:47 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSysprep.dll
[2021/03/10 23:50:46 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winrscmd.dll
[2021/03/10 23:50:46 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManMigrationPlugin.dll
[2021/03/10 23:50:46 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsmprovhost.exe
[2021/03/10 23:50:46 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManHTTPConfig.exe
[2021/03/10 23:50:46 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsmplpxy.dll
[2021/03/10 23:50:45 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmWmiPl.dll
[2021/03/10 23:50:45 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmRes.dll
[2021/03/10 23:50:45 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAgent.dll
[2021/03/10 23:50:44 | 000,668,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplicationFrame.dll
[2021/03/10 23:50:44 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAuto.dll
[2021/03/10 23:50:41 | 006,236,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2021/03/10 23:50:41 | 004,008,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll
[2021/03/10 23:50:41 | 000,561,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_PCDisplay.dll
[2021/03/10 23:50:41 | 000,519,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2021/03/10 23:50:41 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2021/03/10 23:50:41 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.SharedPC.CredentialProvider.dll
[2021/03/10 23:50:40 | 000,587,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppResolver.dll
[2021/03/10 23:50:40 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2021/03/10 23:50:40 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2021/03/10 23:50:40 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2021/03/10 23:50:39 | 000,923,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2021/03/10 23:50:39 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateDeploymentProvider.dll
[2021/03/10 23:50:38 | 002,594,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll
[2021/03/10 23:50:38 | 001,097,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2021/03/10 23:50:38 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2021/03/10 23:50:38 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2021/03/10 23:50:37 | 001,532,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MoUsoCoreWorker.exe
[2021/03/10 23:50:37 | 001,415,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocoreworker.exe
[2021/03/10 23:50:37 | 000,706,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\upshared.dll
[2021/03/10 23:50:37 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usosvc.dll
[2021/03/10 23:50:37 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatecsp.dll
[2021/03/10 23:50:37 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UsoClient.exe
[2021/03/10 23:50:36 | 000,401,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_SpeechPrivacy.dll
[2021/03/10 23:50:36 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Authentication.dll
[2021/03/10 23:50:36 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2021/03/10 23:50:36 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DuCsps.dll
[2021/03/10 23:50:35 | 000,403,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wevtapi.dll
[2021/03/10 23:50:35 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wevtutil.exe
[2021/03/10 23:50:34 | 003,764,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Bluetooth.Service.dll
[2021/03/10 23:50:34 | 000,601,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2021/03/10 23:50:33 | 000,336,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2021/03/10 23:50:33 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wc_storage.dll
[2021/03/10 23:50:33 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\container.dll
[2021/03/10 23:50:33 | 000,202,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcifs.sys
[2021/03/10 23:50:33 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cimfs.dll
[2021/03/10 23:50:33 | 000,149,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bindflt.sys
[2021/03/10 23:50:33 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcimage.dll
[2021/03/10 23:50:33 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bindfltapi.dll
[2021/03/10 23:50:33 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadjcsp.dll
[2021/03/10 23:50:33 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcnfs.sys
[2021/03/10 23:50:33 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MdmDiagnosticsTool.exe
[2021/03/10 23:50:33 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wci.dll
[2021/03/10 23:50:32 | 003,815,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2021/03/10 23:50:32 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2021/03/10 23:50:31 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.immersiveshell.serviceprovider.dll
[2021/03/10 23:50:31 | 000,132,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32u.dll
[2021/03/10 23:50:30 | 001,824,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpserverbase.dll
[2021/03/10 23:50:30 | 001,496,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2021/03/10 23:50:29 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2021/03/10 23:50:29 | 000,180,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2021/03/10 23:50:28 | 000,725,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StateRepository.Core.dll
[2021/03/10 23:50:28 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryUpgrade.dll
[2021/03/10 23:50:28 | 000,058,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryCore.dll
[2021/03/10 23:50:27 | 005,858,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll
[2021/03/10 23:50:27 | 001,337,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryPS.dll
[2021/03/10 23:50:27 | 000,249,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryClient.dll
[2021/03/10 23:50:27 | 000,117,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryBroker.dll
[2021/03/10 23:50:26 | 001,021,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2021/03/10 23:50:26 | 001,009,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2021/03/10 23:50:26 | 000,676,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2021/03/10 23:50:26 | 000,361,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47Langs.dll
[2021/03/10 23:50:26 | 000,175,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47mrm.dll
[2021/03/10 23:50:26 | 000,157,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profext.dll
[2021/03/10 23:50:25 | 007,965,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2021/03/10 23:50:24 | 003,329,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2021/03/10 23:50:24 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2021/03/10 23:50:23 | 002,321,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2021/03/10 23:50:23 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2021/03/10 23:50:22 | 002,437,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallService.dll
[2021/03/10 23:50:22 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TileDataRepository.dll
[2021/03/10 23:50:22 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fidocredprov.dll
[2021/03/10 23:50:22 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallServiceTasks.dll
[2021/03/10 23:50:21 | 002,251,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2021/03/10 23:50:21 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsf3gip.dll
[2021/03/10 23:50:21 | 001,021,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2021/03/10 23:50:21 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2021/03/10 23:50:20 | 004,732,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2021/03/10 23:50:20 | 001,040,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2021/03/10 23:50:20 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditBufferTestHook.dll
[2021/03/10 23:50:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WordBreakers.dll
[2021/03/10 23:50:19 | 003,301,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2021/03/10 23:50:19 | 002,970,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2021/03/10 23:50:19 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2021/03/10 23:50:19 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2021/03/10 23:50:18 | 000,419,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2021/03/10 23:50:18 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Search.ProtocolHandler.MAPI2.dll
[2021/03/10 23:50:18 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2021/03/10 23:50:18 | 000,272,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2021/03/10 23:50:18 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2021/03/10 23:50:18 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssitlb.dll
[2021/03/10 23:50:17 | 002,919,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2021/03/10 23:50:17 | 001,784,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2021/03/10 23:50:17 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll
[2021/03/10 23:50:16 | 003,749,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2021/03/10 23:50:16 | 000,751,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9on12.dll
[2021/03/10 23:50:16 | 000,603,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11on12.dll
[2021/03/10 23:50:00 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatepolicy.dll
[2021/03/10 23:50:00 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msxml6r.dll
[2021/03/10 23:49:59 | 000,906,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2021/03/10 23:49:59 | 000,454,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2021/03/10 23:49:59 | 000,272,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2021/03/10 23:49:58 | 000,596,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.LowLevel.dll
[2021/03/10 23:49:58 | 000,546,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Bluetooth.dll
[2021/03/10 23:49:58 | 000,250,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Workplace.dll
[2021/03/10 23:49:57 | 008,015,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2021/03/10 23:49:57 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.SerialCommunication.dll
[2021/03/10 23:49:56 | 001,712,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2021/03/10 23:49:56 | 000,539,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Enumeration.dll
[2021/03/10 23:49:56 | 000,122,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevDispItemProvider.dll
[2021/03/10 23:49:55 | 003,067,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2021/03/10 23:49:55 | 002,378,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreen.exe
[2021/03/10 23:49:55 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActivationManager.dll
[2021/03/10 23:49:55 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreenps.dll
[2021/03/10 23:49:54 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cloudAP.dll
[2021/03/10 23:49:54 | 000,070,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GameInput.dll
[2021/03/10 23:49:52 | 017,544,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2021/03/10 23:49:52 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSetupManager.dll
[2021/03/10 23:49:52 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AssignedAccessRuntime.dll
[2021/03/10 23:49:50 | 002,111,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsudk.shellcommon.dll
[2021/03/10 23:49:50 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsbas.dll
[2021/03/10 23:49:50 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2021/03/10 23:49:49 | 006,187,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2021/03/10 23:49:49 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2021/03/10 23:49:48 | 000,668,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2021/03/10 23:49:46 | 005,751,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2021/03/10 23:49:46 | 000,388,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialEnrollmentManager.exe
[2021/03/10 23:49:46 | 000,077,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialEnrollmentManagerForUser.dll
[2021/03/10 23:49:45 | 001,094,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskbarcpl.dll
[2021/03/10 23:49:45 | 000,958,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2021/03/10 23:49:45 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.AppDefaults.dll
[2021/03/10 23:49:44 | 004,704,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2021/03/10 23:49:44 | 001,290,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsreg.dll
[2021/03/10 23:49:44 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmCoreProvisioning.dll
[2021/03/10 23:49:44 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2021/03/10 23:49:44 | 000,457,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_WorkAccess.dll
[2021/03/10 23:49:44 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmCertResources.dll
[2021/03/10 23:49:43 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wbemcomn.dll
[2021/03/10 23:49:43 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncobjapi.dll
[2021/03/10 23:49:42 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedynos.dll
[2021/03/10 23:49:41 | 000,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provengine.dll
[2021/03/10 23:49:41 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provops.dll
[2021/03/10 23:49:41 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provhandlers.dll
[2021/03/10 23:49:41 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KnobsCore.dll
[2021/03/10 23:49:41 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provisioningcsp.dll
[2021/03/10 23:49:41 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KnobsCsp.dll
[2021/03/10 23:49:41 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NFCProvisioningPlugin.dll
[2021/03/10 23:49:41 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provdatastore.dll
[2021/03/10 23:49:41 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProvPluginEng.dll
[2021/03/10 23:49:41 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BarcodeProvisioningPlugin.dll
[2021/03/10 23:49:41 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RemovableMediaProvisioningPlugin.dll
[2021/03/10 23:49:41 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Provisioning.ProxyStub.dll
[2021/03/10 23:49:40 | 001,278,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2021/03/10 23:49:40 | 000,832,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printfilterpipelinesvc.exe
[2021/03/10 23:49:40 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provtool.exe
[2021/03/10 23:49:40 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printfilterpipelineprxy.dll
[2021/03/10 23:49:40 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FaxPrinterInstaller.dll
[2021/03/10 23:49:39 | 000,713,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2021/03/10 23:49:39 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RjvMDMConfig.dll
[2021/03/10 23:49:39 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2021/03/10 23:49:39 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ofdeploy.exe
[2021/03/10 23:49:37 | 000,864,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\agentactivationruntime.dll
[2021/03/10 23:49:37 | 000,809,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.ConversationalAgent.dll
[2021/03/10 23:49:37 | 000,443,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AarSvc.dll
[2021/03/10 23:49:37 | 000,374,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSrvPolicyManager.dll
[2021/03/10 23:49:36 | 000,889,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneProviders.dll
[2021/03/10 23:49:36 | 000,887,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\agentactivationruntimewindows.dll
[2021/03/10 23:49:36 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winnat.sys
[2021/03/10 23:49:36 | 000,127,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DTUHandler.exe
[2021/03/10 23:49:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilotdiag.dll
[2021/03/10 23:49:36 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DTUHandlerPS.dll
[2021/03/10 23:49:35 | 000,937,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Service.dll
[2021/03/10 23:49:35 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilot.dll
[2021/03/10 23:49:35 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xboxgipsvc.dll
[2021/03/10 23:49:35 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
[2021/03/10 23:49:34 | 000,677,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2021/03/10 23:49:34 | 000,215,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spacedump.sys
[2021/03/10 23:49:34 | 000,155,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2021/03/10 23:49:34 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xinputhid.sys
[2021/03/10 23:49:34 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthMini.SYS
[2021/03/10 23:49:33 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xboxgip.sys
[2021/03/10 23:49:33 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\devauthe.sys
[2021/03/10 22:37:13 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2021/03/10 22:37:11 | 000,495,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2021/03/03 12:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
[2021/03/02 21:12:28 | 000,047,600 | ---- | C] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\drivers\dbx-stable.sys
[2021/03/02 21:12:28 | 000,047,600 | ---- | C] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\drivers\dbx-dev.sys
[2021/03/02 21:12:28 | 000,047,600 | ---- | C] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\drivers\dbx-canary.sys
[2021/03/02 21:12:28 | 000,044,272 | ---- | C] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\DbxSvc.exe
[6 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[3 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[24 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2021/03/14 20:48:01 | 000,934,922 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2021/03/14 20:48:01 | 000,775,830 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2021/03/14 20:48:01 | 000,159,666 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2021/03/14 20:42:38 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2021/03/14 20:40:34 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2021/03/14 20:40:32 | 1483,653,120 | -HS- | M] () -- C:\hiberfil.sys
[2021/03/14 20:39:53 | 000,065,536 | ---- | M] () -- C:\WINDOWS\SysNative\spu_storage.bin
[2021/03/14 18:00:11 | 000,448,312 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2021/03/12 12:50:42 | 000,002,266 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Edge.lnk
[2021/03/10 23:56:00 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cngkeyhelper.dll
[2021/03/10 23:55:59 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisRtl.dll
[2021/03/10 23:55:59 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ahadmin.dll
[2021/03/10 23:55:58 | 000,289,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ConsoleLogon.dll
[2021/03/10 23:55:57 | 004,272,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2021/03/10 23:55:57 | 000,388,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ConsoleLogon.dll
[2021/03/10 23:55:57 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinBioDataModelOOBE.exe
[2021/03/10 23:55:56 | 000,516,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinBioDataModel.dll
[2021/03/10 23:55:52 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WalletService.dll
[2021/03/10 23:55:51 | 004,824,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2021/03/10 23:55:06 | 002,339,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2021/03/10 23:55:06 | 000,951,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DolbyDecMFT.dll
[2021/03/10 23:54:50 | 000,680,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVXENCD.DLL
[2021/03/10 23:54:49 | 003,557,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2021/03/10 23:54:49 | 001,014,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2021/03/10 23:54:49 | 000,176,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\COLORCNV.DLL
[2021/03/10 23:54:49 | 000,100,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VIDRESZR.DLL
[2021/03/10 23:54:48 | 001,301,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2021/03/10 23:54:48 | 001,126,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll
[2021/03/10 23:54:48 | 001,092,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HoloSI.PCShell.dll
[2021/03/10 23:54:48 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Analog.Shell.Broker.dll
[2021/03/10 23:54:47 | 024,272,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2021/03/10 23:54:45 | 002,453,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVCORE.DLL
[2021/03/10 23:54:45 | 000,423,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSAudDecMFT.dll
[2021/03/10 23:54:44 | 002,520,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2021/03/10 23:54:44 | 001,352,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2021/03/10 23:54:44 | 000,689,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVXENCD.DLL
[2021/03/10 23:54:44 | 000,203,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\COLORCNV.DLL
[2021/03/10 23:54:44 | 000,114,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VIDRESZR.DLL
[2021/03/10 23:54:43 | 004,795,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2021/03/10 23:54:43 | 001,956,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2021/03/10 23:54:43 | 000,530,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2021/03/10 23:54:35 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\provplatformdesktop.dll
[2021/03/10 23:54:35 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2021/03/10 23:54:34 | 007,109,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2021/03/10 23:54:34 | 001,548,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2021/03/10 23:54:34 | 001,314,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2021/03/10 23:54:33 | 000,923,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\opengl32.dll
[2021/03/10 23:54:33 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\glu32.dll
[2021/03/10 23:54:33 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msimsg.dll
[2021/03/10 23:54:32 | 000,104,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbnetlib.dll
[2021/03/10 23:54:31 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iemigplugin.dll
[2021/03/10 23:54:30 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2021/03/10 23:54:29 | 000,379,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2021/03/10 23:54:29 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IndexedDbLegacy.dll
[2021/03/10 23:54:27 | 000,805,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EdgeManager.dll
[2021/03/10 23:54:26 | 000,837,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2021/03/10 23:54:25 | 019,870,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2021/03/10 23:54:24 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2021/03/10 23:54:22 | 000,209,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2021/03/10 23:54:22 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\net1.exe
[2021/03/10 23:54:22 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\udhisapi.dll
[2021/03/10 23:54:22 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XInput1_4.dll
[2021/03/10 23:54:22 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\upnpcont.exe
[2021/03/10 23:54:22 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\smphost.dll
[2021/03/10 23:54:21 | 002,495,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2021/03/10 23:54:21 | 000,737,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PayloadRestrictions.dll
[2021/03/10 23:54:21 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spacebridge.dll
[2021/03/10 23:53:57 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provplatformdesktop.dll
[2021/03/10 23:53:56 | 002,246,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2021/03/10 23:53:56 | 000,893,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2021/03/10 23:53:56 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersShell.dll
[2021/03/10 23:53:56 | 000,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFolders.exe
[2021/03/10 23:53:56 | 000,018,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshhyperv.dll
[2021/03/10 23:53:55 | 008,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2021/03/10 23:53:55 | 000,361,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SIHClient.exe
[2021/03/10 23:53:55 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2021/03/10 23:53:54 | 002,040,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2021/03/10 23:53:54 | 001,721,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2021/03/10 23:53:54 | 000,995,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FrameServer.dll
[2021/03/10 23:53:53 | 001,257,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2021/03/10 23:53:53 | 000,149,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.Profile.HardwareId.dll
[2021/03/10 23:53:52 | 001,064,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\opengl32.dll
[2021/03/10 23:53:52 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\glu32.dll
[2021/03/10 23:53:51 | 003,293,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2021/03/10 23:53:51 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msimsg.dll
[2021/03/10 23:53:49 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbnetlib.dll
[2021/03/10 23:53:49 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcconf.dll
[2021/03/10 23:53:48 | 000,539,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IESettingSync.exe
[2021/03/10 23:53:48 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iemigplugin.dll
[2021/03/10 23:53:47 | 004,901,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2021/03/10 23:53:47 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2021/03/10 23:53:45 | 007,784,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2021/03/10 23:53:44 | 000,887,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2021/03/10 23:53:44 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IndexedDbLegacy.dll
[2021/03/10 23:53:42 | 000,944,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeManager.dll
[2021/03/10 23:53:41 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2021/03/10 23:53:39 | 026,273,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2021/03/10 23:53:35 | 000,863,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2021/03/10 23:53:04 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2021/03/10 23:53:04 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XInput1_4.dll
[2021/03/10 23:53:03 | 000,036,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smphost.dll
[2021/03/10 23:53:02 | 003,178,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2021/03/10 23:53:02 | 000,180,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spacebridge.dll
[2021/03/10 23:53:02 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAppInstaller.exe
[2021/03/10 23:53:02 | 000,086,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spaceman.exe
[2021/03/10 23:53:01 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\net1.exe
[2021/03/10 23:52:58 | 001,314,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2021/03/10 23:52:58 | 000,805,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2021/03/10 23:52:58 | 000,615,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resutils.dll
[2021/03/10 23:52:58 | 000,218,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll
[2021/03/10 23:52:58 | 000,011,359 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuthTxt.wim
[2021/03/10 23:52:57 | 001,570,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2021/03/10 23:52:57 | 001,268,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2021/03/10 23:52:57 | 000,171,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vertdll.dll
[2021/03/10 23:52:57 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\udhisapi.dll
[2021/03/10 23:52:57 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\upnpcont.exe
[2021/03/10 23:52:56 | 000,973,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PayloadRestrictions.dll
[2021/03/10 23:52:55 | 001,720,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2021/03/10 23:52:54 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.FileExplorer.dll
[2021/03/10 23:52:53 | 000,516,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtrmgr.dll
[2021/03/10 23:52:53 | 000,495,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasdlg.dll
[2021/03/10 23:52:53 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rtm.dll
[2021/03/10 23:52:53 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtprio.dll
[2021/03/10 23:52:52 | 001,044,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll
[2021/03/10 23:52:52 | 000,200,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasplap.dll
[2021/03/10 23:52:52 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvsetup.dll
[2021/03/10 23:52:52 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spfileq.dll
[2021/03/10 23:52:51 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2021/03/10 23:52:50 | 000,431,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasgcw.dll
[2021/03/10 23:52:50 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml3r.dll
[2021/03/10 23:52:49 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppBroker.dll
[2021/03/10 23:52:49 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AboveLockAppHost.dll
[2021/03/10 23:52:48 | 008,899,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2021/03/10 23:52:48 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2021/03/10 23:52:47 | 000,403,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgeIso.dll
[2021/03/10 23:52:47 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2021/03/10 23:52:45 | 000,948,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2021/03/10 23:52:45 | 000,715,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2021/03/10 23:52:45 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DMAlertListener.ProxyStub.dll
[2021/03/10 23:52:44 | 000,544,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll
[2021/03/10 23:52:44 | 000,410,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2021/03/10 23:52:44 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\credprovs.dll
[2021/03/10 23:52:44 | 000,174,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\omadmapi.dll
[2021/03/10 23:52:44 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmpushproxy.dll
[2021/03/10 23:52:44 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\enrollmentapi.dll
[2021/03/10 23:52:44 | 000,020,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerEnc.dll
[2021/03/10 23:52:43 | 001,494,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2021/03/10 23:52:43 | 000,482,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2021/03/10 23:52:43 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptprov.dll
[2021/03/10 23:52:43 | 000,151,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2021/03/10 23:52:42 | 000,896,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2021/03/10 23:52:42 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2021/03/10 23:52:41 | 002,635,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2021/03/10 23:52:41 | 000,630,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2021/03/10 23:52:41 | 000,603,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wimgapi.dll
[2021/03/10 23:52:40 | 000,965,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe
[2021/03/10 23:52:40 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchTM.exe
[2021/03/10 23:52:39 | 000,734,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2021/03/10 23:52:39 | 000,456,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppResolver.dll
[2021/03/10 23:52:39 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2021/03/10 23:52:39 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wevtutil.exe
[2021/03/10 23:52:39 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usoapi.dll
[2021/03/10 23:52:38 | 000,505,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2021/03/10 23:52:37 | 002,750,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2021/03/10 23:52:37 | 001,587,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpserverbase.dll
[2021/03/10 23:52:37 | 000,329,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys
[2021/03/10 23:52:37 | 000,092,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32u.dll
[2021/03/10 23:52:36 | 000,403,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Bluetooth.dll
[2021/03/10 23:52:36 | 000,179,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Management.Workplace.dll
[2021/03/10 23:52:36 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\updatepolicy.dll
[2021/03/10 23:52:36 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml6r.dll
[2021/03/10 23:52:35 | 003,824,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneCoreUAPCommonProxyStub.dll
[2021/03/10 23:52:35 | 000,602,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryPS.dll
[2021/03/10 23:52:35 | 000,583,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StateRepository.Core.dll
[2021/03/10 23:52:35 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryUpgrade.dll
[2021/03/10 23:52:35 | 000,176,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryClient.dll
[2021/03/10 23:52:35 | 000,099,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryBroker.dll
[2021/03/10 23:52:35 | 000,042,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryCore.dll
[2021/03/10 23:52:34 | 006,361,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2021/03/10 23:52:34 | 005,424,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll
[2021/03/10 23:52:34 | 000,759,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2021/03/10 23:52:34 | 000,126,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\profext.dll
[2021/03/10 23:52:33 | 001,695,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2021/03/10 23:52:33 | 000,234,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2021/03/10 23:52:18 | 000,186,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallServiceTasks.dll
[2021/03/10 23:52:17 | 001,843,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallService.dll
[2021/03/10 23:52:17 | 000,754,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2021/03/10 23:52:17 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TileDataRepository.dll
[2021/03/10 23:52:17 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fidocredprov.dll
[2021/03/10 23:52:16 | 002,602,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2021/03/10 23:52:16 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2021/03/10 23:52:16 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll
[2021/03/10 23:52:16 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WordBreakers.dll
[2021/03/10 23:52:15 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2021/03/10 23:52:15 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2021/03/10 23:52:15 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
[2021/03/10 23:52:15 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2021/03/10 23:52:14 | 000,611,952 | ---- | M] () -- C:\WINDOWS\SysWow64\TextShaping.dll
[2021/03/10 23:52:14 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d9on12.dll
[2021/03/10 23:52:14 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssitlb.dll
[2021/03/10 23:52:14 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msscntrs.dll
[2021/03/10 23:52:13 | 001,391,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2021/03/10 23:52:13 | 001,055,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsreg.dll
[2021/03/10 23:52:13 | 000,654,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActivationManager.dll
[2021/03/10 23:52:13 | 000,468,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11on12.dll
[2021/03/10 23:52:13 | 000,061,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GameInput.dll
[2021/03/10 23:52:13 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AssignedAccessRuntime.dll
[2021/03/10 23:52:12 | 014,762,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2021/03/10 23:52:11 | 000,943,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2021/03/10 23:52:10 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedynos.dll
[2021/03/10 23:52:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncobjapi.dll
[2021/03/10 23:52:09 | 000,264,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmWmiPl.dll
[2021/03/10 23:52:09 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winrscmd.dll
[2021/03/10 23:52:09 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManMigrationPlugin.dll
[2021/03/10 23:52:09 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsmprovhost.exe
[2021/03/10 23:52:09 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManHTTPConfig.exe
[2021/03/10 23:52:09 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmRes.dll
[2021/03/10 23:52:09 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAgent.dll
[2021/03/10 23:52:09 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsmplpxy.dll
[2021/03/10 23:52:08 | 004,743,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2021/03/10 23:52:08 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAuto.dll
[2021/03/10 23:52:08 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2021/03/10 23:52:08 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe
[2021/03/10 23:52:07 | 004,123,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2021/03/10 23:52:07 | 000,546,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sppcext.dll
[2021/03/10 23:52:07 | 000,512,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll
[2021/03/10 23:52:07 | 000,430,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputSwitch.dll
[2021/03/10 23:52:07 | 000,312,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\input.dll
[2021/03/10 23:52:06 | 000,922,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TpmCoreProvisioning.dll
[2021/03/10 23:52:06 | 000,516,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2021/03/10 23:52:06 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TpmCertResources.dll
[2021/03/10 23:52:05 | 001,163,776 | ---- | M] () -- C:\WINDOWS\SysNative\MBR2GPT.EXE
[2021/03/10 23:52:05 | 000,649,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\agentactivationruntimewindows.dll
[2021/03/10 23:52:05 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\agentactivationruntime.dll
[2021/03/10 23:52:05 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.ConversationalAgent.dll
[2021/03/10 23:52:05 | 000,339,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AarSvc.dll
[2021/03/10 23:52:03 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSCard.dll
[2021/03/10 23:52:03 | 000,205,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ScDeviceEnum.dll
[2021/03/10 23:52:03 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SCardDlg.dll
[2021/03/10 23:52:03 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SCardBi.dll
[2021/03/10 23:51:59 | 002,204,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2021/03/10 23:51:59 | 000,491,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntshrui.dll
[2021/03/10 23:51:59 | 000,378,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.FileExplorer.Common.dll
[2021/03/10 23:51:58 | 000,858,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2021/03/10 23:51:58 | 000,702,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comctl32.dll
[2021/03/10 23:51:58 | 000,616,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasdlg.dll
[2021/03/10 23:51:58 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.FileExplorer.dll
[2021/03/10 23:51:57 | 000,981,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2021/03/10 23:51:57 | 000,628,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtrmgr.dll
[2021/03/10 23:51:57 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rtm.dll
[2021/03/10 23:51:57 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtprio.dll
[2021/03/10 23:51:56 | 001,335,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll
[2021/03/10 23:51:56 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2021/03/10 23:51:56 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasplap.dll
[2021/03/10 23:51:56 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spfileq.dll
[2021/03/10 23:51:55 | 004,650,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupapi.dll
[2021/03/10 23:51:55 | 003,938,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2021/03/10 23:51:55 | 000,326,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll
[2021/03/10 23:51:54 | 001,434,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2021/03/10 23:51:54 | 001,240,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_IME.dll
[2021/03/10 23:51:53 | 002,179,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2021/03/10 23:51:53 | 000,554,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasgcw.dll
[2021/03/10 23:51:53 | 000,539,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputSwitch.dll
[2021/03/10 23:51:53 | 000,379,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\input.dll
[2021/03/10 23:51:52 | 000,470,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskcomp.dll
[2021/03/10 23:51:52 | 000,362,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2021/03/10 23:51:51 | 001,751,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2021/03/10 23:51:51 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcext.dll
[2021/03/10 23:51:50 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msxml3r.dll
[2021/03/10 23:51:37 | 000,765,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUDFx02000.dll
[2021/03/10 23:51:36 | 000,419,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AboveLockAppHost.dll
[2021/03/10 23:51:36 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AxInstUI.exe
[2021/03/10 23:51:35 | 000,684,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockController.dll
[2021/03/10 23:51:35 | 000,457,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockHostingFramework.dll
[2021/03/10 23:51:35 | 000,456,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppBroker.dll
[2021/03/10 23:51:35 | 000,448,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeIso.dll
[2021/03/10 23:51:35 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2021/03/10 23:51:34 | 000,637,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2021/03/10 23:51:33 | 001,256,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2021/03/10 23:51:33 | 001,068,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DismApi.dll
[2021/03/10 23:51:33 | 000,288,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Dism.exe
[2021/03/10 23:51:33 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profsvcext.dll
[2021/03/10 23:51:33 | 000,133,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpapi.dll
[2021/03/10 23:51:32 | 001,019,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll
[2021/03/10 23:51:32 | 000,667,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2021/03/10 23:51:32 | 000,436,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmclient.exe
[2021/03/10 23:51:32 | 000,223,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmapi.dll
[2021/03/10 23:51:32 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmmigrator.dll
[2021/03/10 23:51:32 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmprc.exe
[2021/03/10 23:51:32 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2021/03/10 23:51:32 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DMAlertListener.ProxyStub.dll
[2021/03/10 23:51:31 | 001,787,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2021/03/10 23:51:31 | 000,330,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenterprisediagnostics.dll
[2021/03/10 23:51:30 | 000,708,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\configmanager2.dll
[2021/03/10 23:51:30 | 000,544,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DMPushRouterCore.dll
[2021/03/10 23:51:30 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmpushproxy.dll
[2021/03/10 23:51:29 | 000,873,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2021/03/10 23:51:29 | 000,517,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2021/03/10 23:51:29 | 000,479,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe
[2021/03/10 23:51:29 | 000,378,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\credprovs.dll
[2021/03/10 23:51:29 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcertinst.exe
[2021/03/10 23:51:28 | 001,479,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgr.dll
[2021/03/10 23:51:28 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntlanman.dll
[2021/03/10 23:51:27 | 001,129,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2021/03/10 23:51:27 | 000,907,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2021/03/10 23:51:27 | 000,502,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2021/03/10 23:51:27 | 000,403,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2021/03/10 23:51:27 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\C_G18030.DLL
[2021/03/10 23:51:27 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\C_IS2022.DLL
[2021/03/10 23:51:27 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\c_GSM7.DLL
[2021/03/10 23:51:26 | 010,842,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2021/03/10 23:51:26 | 000,115,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profapi.dll
[2021/03/10 23:51:25 | 002,024,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2021/03/10 23:51:24 | 000,568,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2021/03/10 23:51:24 | 000,488,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2021/03/10 23:51:24 | 000,171,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2021/03/10 23:51:24 | 000,024,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerEnc.dll
[2021/03/10 23:51:24 | 000,017,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2021/03/10 23:51:23 | 001,866,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2021/03/10 23:51:23 | 000,862,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2021/03/10 23:51:23 | 000,355,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptprov.dll
[2021/03/10 23:51:23 | 000,260,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinesam.dll
[2021/03/10 23:51:23 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2021/03/10 23:51:23 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pacjsworker.exe
[2021/03/10 23:51:22 | 001,425,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2021/03/10 23:51:22 | 001,393,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2021/03/10 23:51:22 | 000,437,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2021/03/10 23:51:21 | 010,352,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2021/03/10 23:51:21 | 003,507,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2021/03/10 23:51:21 | 000,381,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2021/03/10 23:51:20 | 000,531,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64win.dll
[2021/03/10 23:51:19 | 003,592,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2021/03/10 23:51:19 | 000,764,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimgapi.dll
[2021/03/10 23:51:19 | 000,522,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimserv.exe
[2021/03/10 23:51:18 | 001,394,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2021/03/10 23:51:18 | 000,412,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll
[2021/03/10 23:51:17 | 001,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2021/03/10 23:51:17 | 001,555,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2021/03/10 23:51:17 | 001,198,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2021/03/10 23:51:16 | 000,389,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2021/03/10 23:51:16 | 000,210,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Win32CompatibilityAppraiserCSP.dll
[2021/03/10 23:51:15 | 002,007,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2021/03/10 23:51:15 | 001,213,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe
[2021/03/10 23:51:15 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchTM.exe
[2021/03/10 23:51:15 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tier2punctuations.dll
[2021/03/10 23:51:14 | 003,852,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2021/03/10 23:51:13 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Language.dll
[2021/03/10 23:51:13 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Region.dll
[2021/03/10 23:51:11 | 001,215,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2021/03/10 23:51:11 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2021/03/10 23:51:11 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CustomInstallExec.exe
[2021/03/10 23:51:10 | 002,454,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2021/03/10 23:51:10 | 001,767,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2021/03/10 23:51:09 | 003,901,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2021/03/10 23:50:47 | 001,139,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2021/03/10 23:50:47 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSysprep.dll
[2021/03/10 23:50:46 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winrscmd.dll
[2021/03/10 23:50:46 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManMigrationPlugin.dll
[2021/03/10 23:50:46 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsmprovhost.exe
[2021/03/10 23:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManHTTPConfig.exe
[2021/03/10 23:50:46 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsmplpxy.dll
[2021/03/10 23:50:45 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmWmiPl.dll
[2021/03/10 23:50:45 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmRes.dll
[2021/03/10 23:50:45 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAgent.dll
[2021/03/10 23:50:44 | 000,668,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplicationFrame.dll
[2021/03/10 23:50:44 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAuto.dll
[2021/03/10 23:50:42 | 006,236,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2021/03/10 23:50:41 | 004,008,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll
[2021/03/10 23:50:41 | 000,561,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_PCDisplay.dll
[2021/03/10 23:50:41 | 000,519,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2021/03/10 23:50:41 | 000,517,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2021/03/10 23:50:41 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.SharedPC.CredentialProvider.dll
[2021/03/10 23:50:40 | 000,587,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppResolver.dll
[2021/03/10 23:50:40 | 000,249,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2021/03/10 23:50:40 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2021/03/10 23:50:40 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2021/03/10 23:50:39 | 002,594,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll
[2021/03/10 23:50:39 | 000,923,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2021/03/10 23:50:39 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateDeploymentProvider.dll
[2021/03/10 23:50:38 | 001,097,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2021/03/10 23:50:38 | 000,706,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\upshared.dll
[2021/03/10 23:50:38 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2021/03/10 23:50:38 | 000,616,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2021/03/10 23:50:37 | 001,532,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MoUsoCoreWorker.exe
[2021/03/10 23:50:37 | 001,415,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocoreworker.exe
[2021/03/10 23:50:37 | 000,567,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usosvc.dll
[2021/03/10 23:50:37 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatecsp.dll
[2021/03/10 23:50:37 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UsoClient.exe
[2021/03/10 23:50:36 | 000,401,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_SpeechPrivacy.dll
[2021/03/10 23:50:36 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Authentication.dll
[2021/03/10 23:50:36 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2021/03/10 23:50:36 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DuCsps.dll
[2021/03/10 23:50:35 | 000,403,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wevtapi.dll
[2021/03/10 23:50:35 | 000,291,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wevtutil.exe
[2021/03/10 23:50:34 | 003,764,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Bluetooth.Service.dll
[2021/03/10 23:50:34 | 000,601,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2021/03/10 23:50:34 | 000,336,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2021/03/10 23:50:33 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wc_storage.dll
[2021/03/10 23:50:33 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\container.dll
[2021/03/10 23:50:33 | 000,231,248 | ---- | M] () -- C:\WINDOWS\SysNative\containerdevicemanagement.dll
[2021/03/10 23:50:33 | 000,202,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcifs.sys
[2021/03/10 23:50:33 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cimfs.dll
[2021/03/10 23:50:33 | 000,149,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bindflt.sys
[2021/03/10 23:50:33 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcimage.dll
[2021/03/10 23:50:33 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bindfltapi.dll
[2021/03/10 23:50:33 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadjcsp.dll
[2021/03/10 23:50:33 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcnfs.sys
[2021/03/10 23:50:33 | 000,091,136 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\cimfs.sys
[2021/03/10 23:50:33 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MdmDiagnosticsTool.exe
[2021/03/10 23:50:33 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wci.dll
[2021/03/10 23:50:32 | 003,815,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2021/03/10 23:50:32 | 000,685,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2021/03/10 23:50:31 | 000,752,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.immersiveshell.serviceprovider.dll
[2021/03/10 23:50:31 | 000,132,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32u.dll
[2021/03/10 23:50:30 | 001,824,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpserverbase.dll
[2021/03/10 23:50:30 | 001,496,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2021/03/10 23:50:29 | 000,500,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2021/03/10 23:50:29 | 000,180,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2021/03/10 23:50:28 | 000,725,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StateRepository.Core.dll
[2021/03/10 23:50:28 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryUpgrade.dll
[2021/03/10 23:50:28 | 000,058,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryCore.dll
[2021/03/10 23:50:27 | 005,858,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll
[2021/03/10 23:50:27 | 001,337,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryPS.dll
[2021/03/10 23:50:27 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryClient.dll
[2021/03/10 23:50:27 | 000,117,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryBroker.dll
[2021/03/10 23:50:26 | 001,021,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2021/03/10 23:50:26 | 001,009,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2021/03/10 23:50:26 | 000,676,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2021/03/10 23:50:26 | 000,361,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47Langs.dll
[2021/03/10 23:50:26 | 000,175,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47mrm.dll
[2021/03/10 23:50:26 | 000,157,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profext.dll
[2021/03/10 23:50:25 | 007,965,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2021/03/10 23:50:24 | 003,329,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2021/03/10 23:50:24 | 000,322,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2021/03/10 23:50:24 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2021/03/10 23:50:23 | 002,321,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2021/03/10 23:50:22 | 002,437,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallService.dll
[2021/03/10 23:50:22 | 002,251,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2021/03/10 23:50:22 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TileDataRepository.dll
[2021/03/10 23:50:22 | 000,236,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fidocredprov.dll
[2021/03/10 23:50:22 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallServiceTasks.dll
[2021/03/10 23:50:21 | 001,369,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsf3gip.dll
[2021/03/10 23:50:21 | 001,040,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2021/03/10 23:50:21 | 001,021,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2021/03/10 23:50:21 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2021/03/10 23:50:20 | 004,732,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2021/03/10 23:50:20 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2021/03/10 23:50:20 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditBufferTestHook.dll
[2021/03/10 23:50:20 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WordBreakers.dll
[2021/03/10 23:50:19 | 003,301,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2021/03/10 23:50:19 | 002,970,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2021/03/10 23:50:19 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2021/03/10 23:50:18 | 000,419,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2021/03/10 23:50:18 | 000,402,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Search.ProtocolHandler.MAPI2.dll
[2021/03/10 23:50:18 | 000,381,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2021/03/10 23:50:18 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2021/03/10 23:50:18 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2021/03/10 23:50:18 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssitlb.dll
[2021/03/10 23:50:17 | 002,919,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2021/03/10 23:50:17 | 001,784,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2021/03/10 23:50:17 | 000,707,016 | ---- | M] () -- C:\WINDOWS\SysNative\TextShaping.dll
[2021/03/10 23:50:17 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll
[2021/03/10 23:50:16 | 003,749,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2021/03/10 23:50:16 | 000,751,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9on12.dll
[2021/03/10 23:50:16 | 000,603,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11on12.dll
[2021/03/10 23:50:00 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatepolicy.dll
[2021/03/10 23:50:00 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msxml6r.dll
[2021/03/10 23:49:59 | 000,906,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2021/03/10 23:49:59 | 000,454,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2021/03/10 23:49:59 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2021/03/10 23:49:58 | 000,596,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.LowLevel.dll
[2021/03/10 23:49:58 | 000,546,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Bluetooth.dll
[2021/03/10 23:49:58 | 000,250,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Workplace.dll
[2021/03/10 23:49:57 | 008,015,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2021/03/10 23:49:57 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.SerialCommunication.dll
[2021/03/10 23:49:56 | 001,712,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2021/03/10 23:49:56 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActivationManager.dll
[2021/03/10 23:49:56 | 000,539,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Enumeration.dll
[2021/03/10 23:49:56 | 000,122,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevDispItemProvider.dll
[2021/03/10 23:49:55 | 003,067,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2021/03/10 23:49:55 | 002,378,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreen.exe
[2021/03/10 23:49:55 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cloudAP.dll
[2021/03/10 23:49:55 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreenps.dll
[2021/03/10 23:49:54 | 017,544,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2021/03/10 23:49:54 | 000,070,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GameInput.dll
[2021/03/10 23:49:52 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSetupManager.dll
[2021/03/10 23:49:52 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AssignedAccessRuntime.dll
[2021/03/10 23:49:50 | 002,111,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsudk.shellcommon.dll
[2021/03/10 23:49:50 | 000,323,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsbas.dll
[2021/03/10 23:49:50 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2021/03/10 23:49:50 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2021/03/10 23:49:49 | 006,187,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2021/03/10 23:49:48 | 000,668,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2021/03/10 23:49:47 | 005,751,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2021/03/10 23:49:46 | 000,388,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialEnrollmentManager.exe
[2021/03/10 23:49:46 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.AppDefaults.dll
[2021/03/10 23:49:46 | 000,077,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialEnrollmentManagerForUser.dll
[2021/03/10 23:49:45 | 004,704,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2021/03/10 23:49:45 | 001,094,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskbarcpl.dll
[2021/03/10 23:49:45 | 000,958,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2021/03/10 23:49:44 | 001,290,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsreg.dll
[2021/03/10 23:49:44 | 001,148,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmCoreProvisioning.dll
[2021/03/10 23:49:44 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2021/03/10 23:49:44 | 000,457,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_WorkAccess.dll
[2021/03/10 23:49:44 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmCertResources.dll
[2021/03/10 23:49:43 | 000,577,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wbemcomn.dll
[2021/03/10 23:49:43 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncobjapi.dll
[2021/03/10 23:49:42 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedynos.dll
[2021/03/10 23:49:41 | 000,382,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provengine.dll
[2021/03/10 23:49:41 | 000,295,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provops.dll
[2021/03/10 23:49:41 | 000,279,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provhandlers.dll
[2021/03/10 23:49:41 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KnobsCore.dll
[2021/03/10 23:49:41 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provisioningcsp.dll
[2021/03/10 23:49:41 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KnobsCsp.dll
[2021/03/10 23:49:41 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NFCProvisioningPlugin.dll
[2021/03/10 23:49:41 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provdatastore.dll
[2021/03/10 23:49:41 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProvPluginEng.dll
[2021/03/10 23:49:41 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BarcodeProvisioningPlugin.dll
[2021/03/10 23:49:41 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provtool.exe
[2021/03/10 23:49:41 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RemovableMediaProvisioningPlugin.dll
[2021/03/10 23:49:41 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Provisioning.ProxyStub.dll
[2021/03/10 23:49:40 | 001,278,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2021/03/10 23:49:40 | 000,832,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printfilterpipelinesvc.exe
[2021/03/10 23:49:40 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printfilterpipelineprxy.dll
[2021/03/10 23:49:40 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FaxPrinterInstaller.dll
[2021/03/10 23:49:39 | 000,713,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2021/03/10 23:49:39 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RjvMDMConfig.dll
[2021/03/10 23:49:39 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2021/03/10 23:49:39 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ofdeploy.exe
[2021/03/10 23:49:37 | 000,887,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\agentactivationruntimewindows.dll
[2021/03/10 23:49:37 | 000,864,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\agentactivationruntime.dll
[2021/03/10 23:49:37 | 000,809,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.ConversationalAgent.dll
[2021/03/10 23:49:37 | 000,443,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AarSvc.dll
[2021/03/10 23:49:37 | 000,374,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSrvPolicyManager.dll
[2021/03/10 23:49:36 | 000,889,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneProviders.dll
[2021/03/10 23:49:36 | 000,259,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winnat.sys
[2021/03/10 23:49:36 | 000,127,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DTUHandler.exe
[2021/03/10 23:49:36 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
[2021/03/10 23:49:36 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilotdiag.dll
[2021/03/10 23:49:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DTUHandlerPS.dll
[2021/03/10 23:49:35 | 000,937,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Service.dll
[2021/03/10 23:49:35 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilot.dll
[2021/03/10 23:49:35 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xboxgipsvc.dll
[2021/03/10 23:49:34 | 000,677,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2021/03/10 23:49:34 | 000,215,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spacedump.sys
[2021/03/10 23:49:34 | 000,155,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2021/03/10 23:49:34 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xinputhid.sys
[2021/03/10 23:49:34 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthMini.SYS
[2021/03/10 23:49:33 | 000,329,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xboxgip.sys
[2021/03/10 23:49:33 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\devauthe.sys
[2021/03/02 21:12:28 | 000,047,600 | ---- | M] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\drivers\dbx-stable.sys
[2021/03/02 21:12:28 | 000,047,600 | ---- | M] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\drivers\dbx-dev.sys
[2021/03/02 21:12:28 | 000,047,600 | ---- | M] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\drivers\dbx-canary.sys
[2021/03/02 21:12:28 | 000,044,272 | ---- | M] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\DbxSvc.exe
[6 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[3 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[24 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2021/03/10 23:52:58 | 000,011,359 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuthTxt.wim
[2021/03/10 23:52:14 | 000,611,952 | ---- | C] () -- C:\WINDOWS\SysWow64\TextShaping.dll
[2021/03/10 23:52:04 | 001,163,776 | ---- | C] () -- C:\WINDOWS\SysNative\MBR2GPT.EXE
[2021/03/10 23:50:33 | 000,231,248 | ---- | C] () -- C:\WINDOWS\SysNative\containerdevicemanagement.dll
[2021/03/10 23:50:32 | 000,091,136 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\cimfs.sys
[2021/03/10 23:50:16 | 000,707,016 | ---- | C] () -- C:\WINDOWS\SysNative\TextShaping.dll
[2021/01/12 22:17:16 | 000,053,760 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2021/01/12 22:14:17 | 000,455,680 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowManagementAPI.dll
[2021/01/12 22:13:58 | 001,333,760 | ---- | C] () -- C:\WINDOWS\SysWow64\TextInputMethodFormatter.dll
[2021/01/12 22:13:56 | 000,235,520 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2021/01/12 22:13:06 | 000,330,752 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2020/12/09 07:19:36 | 000,266,240 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Internal.UI.Shell.WindowTabManager.dll
[2020/12/09 07:19:24 | 000,240,640 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreMas.dll
[2020/12/09 07:19:24 | 000,010,752 | ---- | C] () -- C:\WINDOWS\SysWow64\agentactivationruntimestarter.exe
[2020/10/13 12:01:40 | 000,047,472 | ---- | C] () -- C:\WINDOWS\SysWow64\umpdc.dll
[2020/10/02 03:50:06 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2019/12/07 03:15:00 | 000,003,103 | ---- | C] () -- C:\WINDOWS\SysWow64\mmc.exe.config
[2019/12/07 03:15:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2019/12/07 03:14:59 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2019/12/07 03:10:05 | 000,019,485 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat
[2019/12/07 03:10:05 | 000,011,292 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr-v.dat
[2019/12/07 03:10:02 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2019/12/07 03:09:22 | 000,002,404 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2019/12/07 03:09:18 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2019/12/07 03:09:17 | 003,595,776 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2019/12/07 03:09:17 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2019/12/07 03:09:17 | 000,060,416 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2019/12/07 03:09:17 | 000,054,784 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.WARP.JITService.exe
[2019/12/07 03:09:13 | 000,223,744 | ---- | C] () -- C:\WINDOWS\SysWow64\TpmTool.exe
[2019/12/07 03:09:11 | 000,049,664 | ---- | C] () -- C:\WINDOWS\SysWow64\windows.applicationmodel.conversationalagent.proxystub.dll
[2019/12/07 03:09:11 | 000,040,448 | ---- | C] () -- C:\WINDOWS\SysWow64\windows.applicationmodel.conversationalagent.internal.proxystub.dll
[2019/12/07 03:09:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2019/12/07 03:08:58 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2017/02/07 18:00:02 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2016/01/24 14:20:58 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[color=#E56717]========== ZeroAccess Check ==========[/color]
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2021/03/10 23:50:25 | 007,965,496 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2021/03/10 23:52:34 | 006,361,144 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2020/10/13 11:58:53 | 001,075,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2020/10/13 12:01:23 | 000,804,352 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2019/12/07 03:08:19 | 000,514,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
[color=#E56717]========== LOP Check ==========[/color]
[2015/12/24 21:47:24 | 000,000,000 | ---D | M] -- C:\Users\eades\AppData\Roaming\AMD
[2015/12/24 20:28:03 | 000,000,000 | ---D | M] -- C:\Users\eades\AppData\Roaming\Dropbox
[2015/12/24 20:30:10 | 000,000,000 | ---D | M] -- C:\Users\eades\AppData\Roaming\DropboxOEM
[2017/02/08 18:39:19 | 000,000,000 | ---D | M] -- C:\Users\eades\AppData\Roaming\WildTangent
[color=#E56717]========== Purity Check ==========[/color]
< End of report >
-
not sure what happened. i ran the other program (fubar recovery) and it asked to reboot and i did now everything is gone from that scan.
-
# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-03-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-14-2021
# Duration: 00:00:30
# OS: Windows 10 Home
# Cleaned: 15
# Failed: 0
***** [ Services ] *****No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\s.thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\s.thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\thebrighttag.com
Deleted HKCU\Software\CoinisRevShare
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted HKCU\Software\csastats
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************[+] Delete Tracing Keys
[+] Reset Winsock*************************
AdwCleaner[S00].txt - [8578 octets] - [14/03/2021 19:22:58]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Flash, can you look at my home computer it's getting pretty slow.
Slow Computer
in Malware Removal
Posted
final log