Recommended Posts

Hey Rick, ok download & run these programs for me there will be a report after they run, please copy & paste them into your topic for me !! Do one program at a time !! If you have any problems just go to the next program ! Some will take awhile to run !!


Download and run AdwCleaner

* Download AdwCleaner from here and save it to your desktop. >>> https://www.bleepingcomputer.com/download/adwcleaner/

* run AdwCleaner by clicking on Scan Now
* when it has finished, leave everything that was found checked, (ticked), then click on Clean and Repair
* if it asks to reboot, allow the reboot
* on reboot, click on View Log File; please attach the content of the log to your next reply.


================

 

Run Malwarebytes Anti-Malware

* You may have Malwarebytes Anti-Malware installed but if not, you can download it from here: >>> https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/
* run the program
* click on the ‘Dashboard’ to make sure everything is up to date, (it is not necessary to upgrade to the premium version of MBAM)
* click on the ‘Scan’ tab, (directly below the Dashboard tab)
* select the Threat Scan option
* slick the Scan Now button
* Threat Scan will begin
* when the scan has completed and if malware was found, click the Quarantine Selected button to allow MBAM to quarantine what was found
* if prompted to restart the computer, close all other programs and click Yes to restart your computer
* once you are back at your desktop, open MBAM once more
* click on the ‘Reports’ tab
* double-click on the most recent Scan Report
* click on Export, then Copy to Clipboard
* Logs to include with the next post:
========================
If you have trouble with the logs !
Open Malwarebytes Anti-Malware
* click the Settings tab,at the top choose Protection and tick Scan for rootkits.
* Click the Dashboard tab, choose Scan, Threat Scan is checked and click Start Scan.
* If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
* Upon completion of the scan (or after the reboot), click the Reports tab.
* Double-click the Scan Log.
* At the bottom click Export and choose Text file.

* Save the file to your desktop and include its content in your next reply.

* You can access the logs by going in the "Reports" tab, clicking on the latest "Scan" entry (the one with detections), then clicking on the "Export" button in the bottom-left corner and select "Copy to clipboard". After that, all you have to do is paste it here.

 

=======================

 

Run Farbar Recovery Scan Tool

* Please download Farbar Recovery Scan Tool and save it to your Desktop. >>> https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

* Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
* right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
* press Scan button
* it will produce a log called Frst.txt in the same directory the tool is run from
* please copy and paste log back here.
* the first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the Frst.txt into your reply.
* Logs to include with next post:

Frst.txt
Addition.txt

Thanks

Chuck

 

Link to post
Share on other sites

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build:    02-15-2021
# Database: 2021-03-09.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    03-14-2021
# Duration: 00:00:30
# OS:       Windows 10 Home
# Cleaned:  15
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\s.thebrighttag.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\thebrighttag.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\s.thebrighttag.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\thebrighttag.com
Deleted       HKCU\Software\CoinisRevShare
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Deleted       HKCU\Software\PRODUCTSETUP
Deleted       HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted       HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted       HKCU\Software\csastats
Deleted       HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [8578 octets] - [14/03/2021 19:22:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 

Link to post
Share on other sites

Rick, that's a start ...... nothing real serious, but junk can slow a computer down plus other things  !

Thanks

Chuck

Link to post
Share on other sites

Did you download Farbar to your desk top ?? It must be dwnloaded to there ! If it's there open it & see if the report is there or click your mouse here into your topic to see if it captured it there !! If none of this works then re-run it !!

Chuck

 

Link to post
Share on other sites

Rick try this program !! 

Download https://www.majorgeeks.com/files/details/otl_(oldtimers_list_it).html to your desk top !


If you already have a copy of OTL delete it and use this version.


* Double click OTL.exe to launch the program.
* Check the following.

  * Scan all users.
  * Standard Output.
  * Lop check.
  * Purity check.


* Under Extra Registry section, select Use SafeList
* Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
* When finished it will produce two logs.

   OTL.txt (open on your desktop).
   Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL.

Post those logs please & i will type up you a script to delete what needs to go !!

Thanks

Chuck

 

Link to post
Share on other sites

OTL logfile created on: 3/14/2021 9:38:56 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\eades\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.19041.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.45 Gb Total Physical Memory | 0.52 Gb Available Physical Memory | 15.10% Memory free
10.20 Gb Paging File | 6.67 Gb Available in Paging File | 65.40% Paging File free
Paging file location(s): ?:\pagefile.sys
 
%SystemDrive% = 😄 | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive 😄 | 911.70 Gb Total Space | 829.82 Gb Free Space | 91.02% Space Free | Partition Type: NTFS
Drive 😧 | 18.51 Gb Total Space | 2.39 Gb Free Space | 12.93% Space Free | Partition Type: NTFS
 
Computer Name: DESKTOP-B748AG0 | User Name: eades | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - File not found -- 
PRC - [2021/03/14 20:51:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\eades\Downloads\OTL.exe
PRC - [2021/03/12 23:15:23 | 001,943,400 | ---- | M] (Microsoft Corporation) -- C:\Users\eades\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2021/03/02 21:17:12 | 000,407,272 | ---- | M] (The Qt Company Ltd.) -- C:\Program Files (x86)\Dropbox\Client\117.4.378\QtWebEngineProcess.exe
PRC - [2021/03/02 21:16:04 | 007,992,032 | ---- | M] (Dropbox, Inc.) -- C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
PRC - [2021/02/09 13:57:27 | 000,686,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fontdrvhost.exe
PRC - [2021/01/25 22:55:56 | 000,169,672 | ---- | M] (Adobe Inc.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2021/01/08 00:07:09 | 001,889,696 | ---- | M] (McAfee, LLC.) -- C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe
PRC - [2020/09/17 23:48:25 | 090,951,528 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
PRC - [2016/01/10 13:55:05 | 000,307,456 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
PRC - [2016/01/10 13:55:00 | 001,407,744 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
PRC - [2015/07/01 01:41:45 | 000,515,512 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2021/03/10 23:52:14 | 000,611,952 | ---- | M] () -- C:\Windows\SysWOW64\TextShaping.dll
MOD - [2021/03/02 21:17:42 | 000,034,024 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\_yappi.cp38-win32.pyd
MOD - [2021/03/02 21:17:40 | 000,141,552 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\_cffi_backend.cp38-win32.pyd
MOD - [2021/03/02 21:17:38 | 000,125,160 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\_bowbow.cp38-win32.pyd
MOD - [2021/03/02 21:17:38 | 000,035,056 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\wrapt._wrappers.cp38-win32.pyd
MOD - [2021/03/02 21:17:36 | 000,244,456 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\winxpgui.cp38-win32.pyd
MOD - [2021/03/02 21:17:36 | 000,029,424 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\winshell_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:36 | 000,019,704 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\winverifysignature_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:34 | 000,027,896 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\winrpcserver_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:34 | 000,019,192 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\winscreenshot_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:34 | 000,018,160 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\winreindex_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:32 | 000,087,800 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\wininternetcheckapi.cp38-win32.pyd
MOD - [2021/03/02 21:17:32 | 000,022,264 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\wininfinitedrivers_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:30 | 000,039,672 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\winenumhandles_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:30 | 000,020,208 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\winhttp_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:28 | 000,036,600 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\windisplaytoast_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:28 | 000,028,904 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32ts.cp38-win32.pyd
MOD - [2021/03/02 21:17:28 | 000,024,816 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\wind3d11_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:26 | 000,104,688 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32security.cp38-win32.pyd
MOD - [2021/03/02 21:17:26 | 000,047,856 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32service.cp38-win32.pyd
MOD - [2021/03/02 21:17:26 | 000,024,816 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32profile.cp38-win32.pyd
MOD - [2021/03/02 21:17:24 | 000,058,088 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32print.cp38-win32.pyd
MOD - [2021/03/02 21:17:24 | 000,041,712 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32process.cp38-win32.pyd
MOD - [2021/03/02 21:17:22 | 000,158,440 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32gui.cp38-win32.pyd
MOD - [2021/03/02 21:17:22 | 000,024,808 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32job.cp38-win32.pyd
MOD - [2021/03/02 21:17:22 | 000,024,296 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32pipe.cp38-win32.pyd
MOD - [2021/03/02 21:17:20 | 000,114,408 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32file.cp38-win32.pyd
MOD - [2021/03/02 21:17:20 | 000,060,144 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32evtlog.cp38-win32.pyd
MOD - [2021/03/02 21:17:20 | 000,024,808 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32event.cp38-win32.pyd
MOD - [2021/03/02 21:17:18 | 000,314,616 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32com.shell.shell.cp38-win32.pyd
MOD - [2021/03/02 21:17:18 | 000,095,976 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32api.cp38-win32.pyd
MOD - [2021/03/02 21:17:18 | 000,023,792 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\win32clipboard.cp38-win32.pyd
MOD - [2021/03/02 21:17:16 | 000,098,536 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\tprt.cp38-win32.pyd
MOD - [2021/03/02 21:17:16 | 000,020,208 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\user32_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:14 | 000,021,744 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\shell32_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:14 | 000,016,624 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\shlwapi_native.cp38-win32.pyd
MOD - [2021/03/02 21:17:14 | 000,015,600 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\tornado.speedups.cp38-win32.pyd
MOD - [2021/03/02 21:17:12 | 000,017,136 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\shcore_native.cp38-win32.pyd
MOD - [2021/03/02 21:16:54 | 000,102,624 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\pywintypes38.dll
MOD - [2021/03/02 21:16:52 | 000,356,064 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\pythoncom38.dll
MOD - [2021/03/02 21:16:50 | 003,705,072 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtWidgets.cp38-win32.pyd
MOD - [2021/03/02 21:16:50 | 000,094,952 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.sip.cp38-win32.pyd
MOD - [2021/03/02 21:16:50 | 000,091,376 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtWinExtras.cp38-win32.pyd
MOD - [2021/03/02 21:16:48 | 000,186,104 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtWebEngineWidgets.cp38-win32.pyd
MOD - [2021/03/02 21:16:48 | 000,082,680 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtWebEngineCore.cp38-win32.pyd
MOD - [2021/03/02 21:16:46 | 000,667,888 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtQuick.cp38-win32.pyd
MOD - [2021/03/02 21:16:46 | 000,049,904 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtWebEngine.cp38-win32.pyd
MOD - [2021/03/02 21:16:46 | 000,035,568 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtWebChannel.cp38-win32.pyd
MOD - [2021/03/02 21:16:44 | 000,536,304 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtNetwork.cp38-win32.pyd
MOD - [2021/03/02 21:16:44 | 000,351,984 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtQml.cp38-win32.pyd
MOD - [2021/03/02 21:16:44 | 000,195,832 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtPrintSupport.cp38-win32.pyd
MOD - [2021/03/02 21:16:42 | 001,893,616 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtGui.cp38-win32.pyd
MOD - [2021/03/02 21:16:42 | 001,844,976 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\PyQt5.QtCore.cp38-win32.pyd
MOD - [2021/03/02 21:16:40 | 000,065,272 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\psutil._psutil_windows.cp38-win32.pyd
MOD - [2021/03/02 21:16:38 | 000,050,416 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\nucleus_python.cp38-win32.pyd
MOD - [2021/03/02 21:16:36 | 002,858,208 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\libGLESv2.dll
MOD - [2021/03/02 21:16:36 | 000,021,224 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\mmapfile.cp38-win32.pyd
MOD - [2021/03/02 21:16:34 | 000,024,816 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\kernel32_native.cp38-win32.pyd
MOD - [2021/03/02 21:16:34 | 000,022,752 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\libEGL.dll
MOD - [2021/03/02 21:16:34 | 000,016,624 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\gdi32_native.cp38-win32.pyd
MOD - [2021/03/02 21:16:32 | 002,609,896 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\dropbox_watchdog.dll
MOD - [2021/03/02 21:16:32 | 000,071,912 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\fastpath.cp38-win32.pyd
MOD - [2021/03/02 21:16:32 | 000,021,216 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\dropbox_tprt.dll
MOD - [2021/03/02 21:16:30 | 024,578,784 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\dropbox_core.dll
MOD - [2021/03/02 21:16:30 | 000,016,104 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\dropbox_sqlite_ext.dll
MOD - [2021/03/02 21:16:26 | 002,103,048 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\cryptography.hazmat.bindings._openssl.cp38-win32.pyd
MOD - [2021/03/02 21:16:26 | 000,017,648 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\dbghelp_native.cp38-win32.pyd
MOD - [2021/03/02 21:16:26 | 000,017,160 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\cryptography.hazmat.bindings._padding.cp38-win32.pyd
MOD - [2021/03/02 21:16:24 | 000,018,672 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\crashpad_native.cp38-win32.pyd
MOD - [2021/03/02 21:16:24 | 000,017,136 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\cpuid_native.cp38-win32.pyd
MOD - [2021/03/02 21:16:18 | 000,113,904 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\allocator_metrics.cp38-win32.pyd
MOD - [2021/03/02 21:16:18 | 000,040,680 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\apex._apex.cp38-win32.pyd
MOD - [2021/03/02 21:16:18 | 000,016,624 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\advapi32_native.cp38-win32.pyd
MOD - [2021/03/02 21:12:28 | 000,636,136 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\dropbox_crashpad.dll
MOD - [2021/01/12 22:14:17 | 000,455,680 | ---- | M] () -- C:\Windows\SysWOW64\WindowManagementAPI.dll
MOD - [2020/10/13 12:01:40 | 000,047,472 | ---- | M] () -- C:\Windows\SysWOW64\umpdc.dll
MOD - [2020/09/17 23:47:57 | 000,474,984 | ---- | M] () -- \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\uwp_credentials_fetcher.node
MOD - [2020/09/17 23:47:57 | 000,142,200 | ---- | M] () -- \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\wam.node
MOD - [2020/09/17 23:47:56 | 007,755,616 | ---- | M] () -- \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\slimcore.node
MOD - [2020/09/17 23:47:56 | 002,601,312 | ---- | M] () -- \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\skypert.dll
MOD - [2020/09/17 23:47:55 | 000,100,192 | ---- | M] () -- \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\sharing-indicator.node
MOD - [2020/09/17 23:47:52 | 000,718,176 | ---- | M] () -- \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\RtmPal.dll
MOD - [2020/09/17 23:47:52 | 000,116,576 | ---- | M] () -- \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\RtmControl.dll
MOD - [2020/09/17 23:47:51 | 000,141,168 | ---- | M] () -- \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\keytar.node
MOD - [2020/09/17 23:47:51 | 000,114,040 | ---- | M] () -- \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\electron_utility.node
MOD - [2020/09/17 23:47:43 | 006,903,808 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\libGLESv2.dll
MOD - [2020/09/17 23:47:43 | 000,310,784 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\libEGL.dll
MOD - [2020/09/17 23:47:42 | 002,072,064 | ---- | M] () -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\ffmpeg.dll
MOD - [1999/12/31 18:00:00 | 000,029,200 | ---- | M] () -- C:\Program Files (x86)\Dropbox\Client\117.4.378\libffi-7.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - File not found [Auto | Stopped] -- C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe -- (HPTouchpointAnalyticsService)
SRV:[b]64bit:[/b] - [2021/03/10 23:55:52 | 000,442,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:[b]64bit:[/b] - [2021/03/10 23:53:56 | 002,246,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:53:54 | 000,995,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:[b]64bit:[/b] - [2021/03/10 23:53:03 | 000,036,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:[b]64bit:[/b] - [2021/03/10 23:52:03 | 000,205,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:[b]64bit:[/b] - [2021/03/10 23:51:32 | 001,019,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:51:28 | 001,479,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:[b]64bit:[/b] - [2021/03/10 23:51:09 | 003,901,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:50:37 | 000,567,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usosvc.dll -- (UsoSvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:50:34 | 000,601,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:50:27 | 005,858,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:[b]64bit:[/b] - [2021/03/10 23:50:22 | 002,437,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\InstallService.dll -- (InstallService)
SRV:[b]64bit:[/b] - [2021/03/10 23:49:52 | 000,288,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:49:50 | 002,111,488 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\windowsudk.shellcommon.dll -- (UdkUserSvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:49:46 | 000,388,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\CredentialEnrollmentManager.exe -- (CredentialEnrollmentManagerUserSvc_60a11)
SRV:[b]64bit:[/b] - [2021/03/10 23:49:46 | 000,388,888 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CredentialEnrollmentManager.exe -- (CredentialEnrollmentManagerUserSvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:49:37 | 000,443,904 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\AarSvc.dll -- (AarSvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:49:35 | 000,937,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Management.Service.dll -- (WManSvc)
SRV:[b]64bit:[/b] - [2021/03/10 23:49:35 | 000,072,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xboxgipsvc.dll -- (XboxGipSvc)
SRV:[b]64bit:[/b] - [2021/03/02 21:12:28 | 000,044,272 | ---- | M] (Dropbox, Inc.) [Auto | Running] -- C:\Windows\SysNative\DbxSvc.exe -- (DbxSvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:58:35 | 000,487,424 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:58:34 | 000,651,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:[b]64bit:[/b] - [2021/02/09 13:57:53 | 000,124,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:57:52 | 000,237,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvc.dll -- (diagsvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:57:41 | 001,024,000 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CBDHSvc.dll -- (cbdhsvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:57:36 | 001,384,448 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\bcastdvruserservice.dll -- (BcastDVRUserService)
SRV:[b]64bit:[/b] - [2021/02/09 13:56:54 | 000,182,272 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:56:46 | 000,866,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:[b]64bit:[/b] - [2021/02/09 13:56:40 | 003,815,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2021/02/09 13:56:33 | 000,988,056 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SecurityHealthService.exe -- (SecurityHealthService)
SRV:[b]64bit:[/b] - [2021/02/09 13:56:30 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CaptureService.dll -- (CaptureService)
SRV:[b]64bit:[/b] - [2021/02/09 13:56:29 | 000,598,016 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\DevicesFlowBroker.dll -- (DevicesFlowUserSvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:56:28 | 000,223,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:55:58 | 001,094,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:[b]64bit:[/b] - [2021/02/09 13:55:56 | 001,522,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TokenBroker.dll -- (TokenBroker)
SRV:[b]64bit:[/b] - [2021/02/09 13:55:51 | 000,611,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:55:51 | 000,482,816 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:55:48 | 001,924,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WpcDesktopMonSvc.dll -- (WpcMonSvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:55:47 | 000,751,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2021/02/09 13:55:46 | 000,382,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vac.dll -- (VacSvc)
SRV:[b]64bit:[/b] - [2021/02/09 13:55:45 | 001,270,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:[b]64bit:[/b] - [2021/02/09 13:55:45 | 001,049,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:[b]64bit:[/b] - [2021/02/05 21:04:00 | 000,326,976 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Update Health Tools\uhssvc.exe -- (uhssvc)
SRV:[b]64bit:[/b] - [2021/01/20 05:32:38 | 001,627,680 | ---- | M] (McAfee, LLC) [Auto | Running] -- C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe -- (ModuleCoreService)
SRV:[b]64bit:[/b] - [2021/01/15 13:56:46 | 000,779,080 | ---- | M] (McAfee, LLC) [Auto | Running] -- C:\Program Files\Common Files\McAfee\VSCore_20_12\mcapexe.exe -- (McAPExe)
SRV:[b]64bit:[/b] - [2021/01/12 22:19:29 | 000,734,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:[b]64bit:[/b] - [2021/01/12 22:19:16 | 000,351,744 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:18:27 | 000,134,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\MixedRealityRuntime.dll -- (MixedRealityOpenXRSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:16:53 | 000,293,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:[b]64bit:[/b] - [2021/01/12 22:16:53 | 000,293,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:[b]64bit:[/b] - [2021/01/12 22:16:53 | 000,293,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:[b]64bit:[/b] - [2021/01/12 22:16:53 | 000,293,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:[b]64bit:[/b] - [2021/01/12 22:16:53 | 000,293,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:[b]64bit:[/b] - [2021/01/12 22:16:53 | 000,293,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:[b]64bit:[/b] - [2021/01/12 22:16:52 | 000,876,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Spectrum.exe -- (spectrum)
SRV:[b]64bit:[/b] - [2021/01/12 22:16:52 | 000,307,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SharedRealitySvc.dll -- (SharedRealitySvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:16:26 | 000,326,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:[b]64bit:[/b] - [2021/01/12 22:15:36 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\ConsentUxClient.dll -- (ConsentUxUserSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:15:23 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PerceptionSimulation\PerceptionSimulationService.exe -- (perceptionsimulation)
SRV:[b]64bit:[/b] - [2021/01/12 22:15:22 | 001,295,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:15:22 | 001,190,400 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Microsoft.Graphics.Display.DisplayEnhancementService.dll -- (DisplayEnhancementService)
SRV:[b]64bit:[/b] - [2021/01/12 22:15:21 | 000,114,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\autotimesvc.dll -- (autotimesvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:12:49 | 001,265,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:[b]64bit:[/b] - [2021/01/12 22:12:44 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:12:33 | 000,860,672 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2021/01/12 22:12:00 | 000,094,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:[b]64bit:[/b] - [2021/01/12 22:11:51 | 000,986,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:58 | 000,489,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:51 | 000,245,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:51 | 000,085,504 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:50 | 000,382,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:40 | 001,554,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:39 | 001,191,936 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:39 | 000,196,096 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:38 | 000,281,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PushToInstall.dll -- (PushToInstall)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:38 | 000,051,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:28 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GraphicsPerfSvc.dll -- (GraphicsPerfSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:27 | 001,494,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:27 | 001,223,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SEMgrSvc.dll -- (SEMgrSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:26 | 000,371,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:18 | 000,770,048 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:17 | 000,391,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\CapabilityAccessManager.dll -- (camsvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:16 | 000,240,688 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\deviceaccess.dll -- (DeviceAssociationBrokerSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:10:15 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:53 | 000,159,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:32 | 000,995,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:27 | 000,454,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NaturalAuth.dll -- (NaturalAuthentication)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:16 | 000,938,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:04 | 000,957,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:04 | 000,238,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:03 | 000,418,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\MitigationClient.dll -- (TroubleshootingSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:03 | 000,302,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LanguageOverlayServer.dll -- (LxpSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:03 | 000,091,648 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:02 | 001,253,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lpasvc.dll -- (wlpasvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:01 | 001,023,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BTAGService.dll -- (BTAGService)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:01 | 000,500,736 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Microsoft.Bluetooth.UserService.dll -- (BluetoothUserService)
SRV:[b]64bit:[/b] - [2021/01/12 22:09:01 | 000,392,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\BthAvctpSvc.dll -- (BthAvctpSvc)
SRV:[b]64bit:[/b] - [2021/01/12 22:08:59 | 003,596,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2021/01/08 03:56:22 | 004,240,160 | ---- | M] (McAfee, LLC) [Auto | Running] -- C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe -- (PEFService)
SRV:[b]64bit:[/b] - [2021/01/05 22:54:54 | 002,784,672 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\CSP\4.0.110.0\\McCSPServiceHost.exe -- (mccspsvc)
SRV:[b]64bit:[/b] - [2020/12/10 21:36:08 | 000,645,736 | ---- | M] (McAfee, LLC) [On_Demand | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe -- (mfevtp)
SRV:[b]64bit:[/b] - [2020/12/10 21:36:08 | 000,645,736 | ---- | M] (McAfee, LLC) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe -- (mfemms)
SRV:[b]64bit:[/b] - [2020/12/10 21:36:08 | 000,645,736 | ---- | M] (McAfee, LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe -- (mfefire)
SRV:[b]64bit:[/b] - [2020/12/09 07:18:49 | 000,247,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\psmsrv.dll -- (BrokerInfrastructure)
SRV:[b]64bit:[/b] - [2020/12/09 07:18:48 | 000,179,712 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:[b]64bit:[/b] - [2020/12/09 07:18:47 | 000,251,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2020/12/09 07:18:45 | 000,407,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WaaSMedicSvc.dll -- (WaaSMedicSvc)
SRV:[b]64bit:[/b] - [2020/12/09 07:18:34 | 000,924,672 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:[b]64bit:[/b] - [2020/12/09 07:18:28 | 000,842,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2020/10/13 12:02:11 | 000,379,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\DispBroker.Desktop.dll -- (DispBrokerDesktopSvc)
SRV:[b]64bit:[/b] - [2020/10/13 12:02:07 | 000,329,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SgrmBroker.exe -- (SgrmBroker)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:43 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (UdkUserSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PrintWorkflowUserSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (DevicesFlowUserSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicePickerUserSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DeviceAssociationBrokerSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (ConsentUxUserSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (cbdhsvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (CaptureService_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BluetoothUserService_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BcastDVRUserService_60a11)
SRV:[b]64bit:[/b] - [2020/10/13 12:00:27 | 000,057,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (AarSvc_60a11)
SRV:[b]64bit:[/b] - [2020/10/02 03:34:34 | 000,096,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:[b]64bit:[/b] - [2020/10/02 03:32:55 | 000,304,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2020/10/02 03:32:55 | 000,304,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2020/10/02 03:32:26 | 000,087,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2020/10/02 03:30:41 | 000,094,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2020/10/02 03:30:08 | 000,466,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:[b]64bit:[/b] - [2020/10/02 03:29:32 | 002,242,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:[b]64bit:[/b] - [2020/10/02 03:29:31 | 000,162,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:[b]64bit:[/b] - [2019/12/07 03:09:54 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:[b]64bit:[/b] - [2019/12/07 03:09:51 | 000,014,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2019/12/07 03:09:37 | 000,028,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:[b]64bit:[/b] - [2019/12/07 03:09:33 | 000,341,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dusmsvc.dll -- (DusmSvc)
SRV:[b]64bit:[/b] - [2019/12/07 03:09:33 | 000,066,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:[b]64bit:[/b] - [2019/12/07 03:09:32 | 000,625,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:54 | 000,048,640 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:52 | 000,171,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:52 | 000,083,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:52 | 000,058,880 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:33 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:27 | 000,094,720 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:27 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.WARP.JITService.dll -- (WarpJITSvc)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:22 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:13 | 000,675,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WFDSConMgrSvc.dll -- (WFDSConMgrSvc)
SRV:[b]64bit:[/b] - [2019/12/07 03:08:05 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipxlatcfg.dll -- (IpxlatCfgSvc)
SRV:[b]64bit:[/b] - [2019/10/15 07:50:00 | 000,384,512 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysNative\OpenSSH\ssh-agent.exe -- (ssh-agent)
SRV:[b]64bit:[/b] - [2018/05/31 17:03:56 | 001,508,656 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe -- (ClientAnalyticsService)
SRV:[b]64bit:[/b] - [2016/01/10 13:55:05 | 000,307,456 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:[b]64bit:[/b] - [2016/01/10 13:31:19 | 000,255,504 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2014/04/14 20:59:04 | 000,389,896 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV - [2021/03/10 23:56:03 | 000,494,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2021/03/10 23:54:22 | 000,033,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2021/03/10 23:52:45 | 000,715,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2021/03/10 23:52:41 | 000,630,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2021/03/10 23:52:34 | 005,424,256 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2021/03/10 23:52:17 | 001,843,712 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\InstallService.dll -- (InstallService)
SRV - [2021/03/10 23:52:05 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\AarSvc.dll -- (AarSvc)
SRV - [2021/03/10 02:32:33 | 001,559,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.50\elevation_service.exe -- (MicrosoftEdgeElevationService)
SRV - [2021/02/09 13:58:36 | 000,345,600 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV - [2021/02/09 13:57:34 | 000,138,752 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV - [2021/02/09 13:57:13 | 001,234,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\TokenBroker.dll -- (TokenBroker)
SRV - [2021/01/25 22:55:56 | 000,169,672 | ---- | M] (Adobe Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2021/01/12 22:18:44 | 000,104,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\MixedRealityRuntime.dll -- (MixedRealityOpenXRSvc)
SRV - [2021/01/12 22:14:26 | 000,188,536 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\deviceaccess.dll -- (DeviceAssociationBrokerSvc)
SRV - [2021/01/12 22:14:24 | 000,073,728 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\tzautoupdate.dll -- (tzautoupdate)
SRV - [2021/01/12 22:14:15 | 000,962,048 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2021/01/12 22:13:08 | 000,751,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\FlightSettings.dll -- (wisvc)
SRV - [2021/01/12 22:12:54 | 000,733,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\BTAGService.dll -- (BTAGService)
SRV - [2021/01/12 22:08:59 | 003,596,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2020/10/03 00:12:46 | 002,343,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\NisSrv.exe -- (WdNisSvc)
SRV - [2020/10/03 00:12:46 | 000,128,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe -- (WinDefend)
SRV - [2020/10/02 03:34:36 | 000,075,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2020/08/20 09:33:42 | 000,379,736 | ---- | M] (HP Inc.) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2020/07/11 00:22:03 | 000,224,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe -- (edgeupdatem)
SRV - [2020/07/11 00:22:03 | 000,224,160 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe -- (edgeupdate)
SRV - [2019/12/07 04:31:59 | 000,059,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2017/04/05 16:09:10 | 000,317,400 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015/12/24 20:27:43 | 000,143,144 | ---- | M] (Dropbox, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe -- (dbupdatem)
SRV - [2015/12/24 20:27:43 | 000,143,144 | ---- | M] (Dropbox, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe -- (dbupdate)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2021/03/10 23:51:27 | 000,403,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2021/03/10 23:50:33 | 000,202,544 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:[b]64bit:[/b] - [2021/03/10 23:50:33 | 000,149,328 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\bindflt.sys -- (bindflt)
DRV:[b]64bit:[/b] - [2021/03/10 23:50:33 | 000,093,184 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:[b]64bit:[/b] - [2021/03/10 23:50:33 | 000,091,136 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\cimfs.sys -- (CimFS)
DRV:[b]64bit:[/b] - [2021/03/10 23:50:29 | 000,180,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:[b]64bit:[/b] - [2021/03/10 23:49:45 | 000,958,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:[b]64bit:[/b] - [2021/03/10 23:49:36 | 000,259,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winnat.sys -- (WinNat)
DRV:[b]64bit:[/b] - [2021/03/10 23:49:34 | 000,677,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:[b]64bit:[/b] - [2021/03/10 23:49:34 | 000,155,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:[b]64bit:[/b] - [2021/03/10 23:49:34 | 000,051,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:[b]64bit:[/b] - [2021/03/10 23:49:34 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthMini.SYS -- (BthMini)
DRV:[b]64bit:[/b] - [2021/03/10 23:49:33 | 000,329,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:[b]64bit:[/b] - [2021/02/09 13:56:45 | 000,207,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:[b]64bit:[/b] - [2021/02/09 13:56:31 | 000,495,104 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\cldflt.sys -- (CldFlt)
DRV:[b]64bit:[/b] - [2021/02/09 13:56:30 | 002,004,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:[b]64bit:[/b] - [2021/02/09 13:56:19 | 000,321,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:[b]64bit:[/b] - [2021/02/09 13:56:19 | 000,058,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:[b]64bit:[/b] - [2021/02/09 13:55:44 | 000,305,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2021/02/09 13:55:44 | 000,060,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:[b]64bit:[/b] - [2021/01/18 03:58:42 | 000,089,112 | ---- | M] (McAfee, LLC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\McPvDrv.sys -- (McPvDrv)
DRV:[b]64bit:[/b] - [2021/01/12 22:09:00 | 000,639,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:[b]64bit:[/b] - [2021/01/12 22:08:59 | 000,255,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:[b]64bit:[/b] - [2020/12/17 07:02:22 | 000,608,192 | ---- | M] (McAfee LLC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:[b]64bit:[/b] - [2020/12/17 07:02:22 | 000,107,968 | ---- | M] (McAfee LLC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:[b]64bit:[/b] - [2020/12/11 17:36:48 | 000,522,176 | ---- | M] (McAfee, LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:[b]64bit:[/b] - [2020/12/11 17:36:48 | 000,252,352 | ---- | M] (McAfee, LLC) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:[b]64bit:[/b] - [2020/12/11 17:36:48 | 000,116,672 | ---- | M] (McAfee, LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeplk.sys -- (mfeplk)
DRV:[b]64bit:[/b] - [2020/12/11 17:36:48 | 000,075,712 | ---- | M] (McAfee, LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:[b]64bit:[/b] - [2020/12/11 17:36:46 | 001,027,520 | ---- | M] (McAfee, LLC) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:[b]64bit:[/b] - [2020/12/11 17:36:46 | 000,544,704 | ---- | M] (McAfee, LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeaack.sys -- (mfeaack)
DRV:[b]64bit:[/b] - [2020/12/11 17:36:46 | 000,385,984 | ---- | M] (McAfee, LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:[b]64bit:[/b] - [2020/12/11 17:36:46 | 000,085,944 | ---- | M] (McAfee, LLC) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mfeelamk.sys -- (mfeelamk)
DRV:[b]64bit:[/b] - [2020/12/09 07:20:08 | 000,031,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2020/12/09 07:19:49 | 000,095,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:[b]64bit:[/b] - [2020/12/09 07:18:59 | 000,233,800 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:[b]64bit:[/b] - [2020/12/09 07:18:16 | 000,602,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2020/12/09 07:18:16 | 000,418,800 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:[b]64bit:[/b] - [2020/12/09 07:18:16 | 000,168,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:[b]64bit:[/b] - [2020/11/25 00:21:28 | 000,104,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PktMon.sys -- (PktMon)
DRV:[b]64bit:[/b] - [2020/11/25 00:19:47 | 000,250,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:[b]64bit:[/b] - [2020/10/13 12:00:57 | 000,135,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2020/10/13 12:00:23 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:[b]64bit:[/b] - [2020/10/13 12:00:05 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:[b]64bit:[/b] - [2020/10/13 11:58:46 | 000,053,248 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:[b]64bit:[/b] - [2020/10/13 11:58:42 | 000,026,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\IntelTA.sys -- (Telemetry)
DRV:[b]64bit:[/b] - [2020/10/03 00:12:47 | 000,069,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys -- (WdNisDrv)
DRV:[b]64bit:[/b] - [2020/10/03 00:12:46 | 000,428,256 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2020/10/03 00:12:46 | 000,048,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdBoot.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2020/10/02 03:31:10 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afunix.sys -- (afunix)
DRV:[b]64bit:[/b] - [2020/10/02 03:30:40 | 000,322,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msquic.sys -- (MsQuic)
DRV:[b]64bit:[/b] - [2020/10/02 03:30:08 | 000,113,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiCx.sys -- (UcmUcsiCx0101)
DRV:[b]64bit:[/b] - [2020/10/02 03:29:42 | 000,183,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2020/10/02 03:29:14 | 000,159,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2020/10/02 03:29:07 | 000,386,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MbbCx.sys -- (MbbCx)
DRV:[b]64bit:[/b] - [2020/10/02 03:29:01 | 000,647,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2020/10/02 03:29:01 | 000,185,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:[b]64bit:[/b] - [2020/10/02 03:29:01 | 000,106,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys -- (BthLEEnum)
DRV:[b]64bit:[/b] - [2020/10/02 03:29:01 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2020/10/02 03:29:00 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:[b]64bit:[/b] - [2020/10/02 03:29:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:[b]64bit:[/b] - [2020/05/26 01:11:56 | 000,218,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:[b]64bit:[/b] - [2019/12/07 03:52:38 | 000,032,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2019/12/07 03:52:37 | 000,090,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys -- (SpatialGraphFilter)
DRV:[b]64bit:[/b] - [2019/12/07 03:09:48 | 000,072,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NDKPing.sys -- (NDKPing)
DRV:[b]64bit:[/b] - [2019/12/07 03:09:37 | 000,095,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2019/12/07 03:09:34 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\spaceparser.sys -- (spaceparser)
DRV:[b]64bit:[/b] - [2019/12/07 03:09:33 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2019/12/07 03:09:33 | 000,088,080 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SgrmAgent.sys -- (SgrmAgent)
DRV:[b]64bit:[/b] - [2019/12/07 03:09:05 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2019/12/07 03:09:05 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:58 | 000,292,864 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:49 | 000,347,448 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:49 | 000,033,592 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:46 | 000,990,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:41 | 000,097,080 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:41 | 000,078,136 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bam.sys -- (bam)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:39 | 000,023,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys -- (WdmCompanionFilter)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:37 | 000,188,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:37 | 000,160,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:37 | 000,092,984 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:37 | 000,087,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:37 | 000,076,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:37 | 000,076,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:37 | 000,040,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:36 | 000,173,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:36 | 000,086,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:36 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshwnclx.sys -- (HwNClx0101)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:36 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\portcfg.sys -- (portcfg)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:16 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:09 | 000,415,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Acx01000.sys -- (Acx01000)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:09 | 000,259,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:09 | 000,139,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:09 | 000,059,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipt.sys -- (IPT)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:09 | 000,059,392 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:09 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:09 | 000,042,296 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ramdisk.sys -- (Ramdisk)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:05 | 000,057,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:[b]64bit:[/b] - [2019/12/07 03:08:05 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:57 | 000,089,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:57 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:57 | 000,059,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:57 | 000,041,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:57 | 000,035,128 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hvcrash.sys -- (hvcrash)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:57 | 000,027,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:57 | 000,023,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:57 | 000,019,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:57 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys -- (VirtualRender)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,110,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys -- (UfxChipidea)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,103,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidspi.sys -- (hidspi)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,056,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,055,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,041,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,036,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiAcpiClient.sys -- (UcmUcsiAcpiClient)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,033,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,032,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys -- (UrsChipidea)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,029,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys -- (UrsSynopsys)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys -- (genericusbfn)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:56 | 000,018,920 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 001,853,752 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 001,131,320 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,884,752 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAVC.sys -- (iaStorAVC)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,558,904 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,537,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbhost.sys -- (mausbhost)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,319,800 | ---- | M] (Chelsio Communications) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,305,464 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,168,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\nvdimm.sys -- (nvdimm)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,158,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,146,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,138,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\pmem.sys -- (pmem)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,081,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,079,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,073,016 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,064,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbip.sys -- (mausbip)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,043,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bttflt.sys -- (bttflt)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,036,152 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:54 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 001,135,416 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,259,384 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,209,720 | ---- | M] (Microsemi Corportation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\SmartSAMD.sys -- (SmartSAMD)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,172,344 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ItSas35i.sys -- (ItSas35i)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,135,992 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,124,216 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,107,320 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,105,480 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\megasas35i.sys -- (megasas35i)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,083,256 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,082,744 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,081,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,068,408 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,064,312 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,063,800 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,058,680 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,058,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys -- (umbus)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,034,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\uefi.sys -- (UEFI)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,031,032 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,026,936 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:53 | 000,016,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 003,418,936 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,533,816 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,260,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaudio2.sys -- (usbaudio2)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,124,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rhproxy.sys -- (rhproxy)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys -- (CompositeBus)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,035,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDFRd.sys -- (SDFRd)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,018,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys -- (swenum)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:50 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pnpmem.sys -- (PNPMEM)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,279,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthA2dp.sys -- (BthA2dp)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,177,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_GLK.sys -- (iaLPSS2i_I2C_GLK)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,177,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_CNL.sys -- (iaLPSS2i_I2C_CNL)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys -- (iaLPSS2i_I2C_BXT_P)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,171,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,144,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthHfEnum.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,112,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_CNL.sys -- (iaLPSS2i_GPIO2_CNL)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_GLK.sys -- (iaLPSS2i_GPIO2_GLK)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,093,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys -- (iaLPSS2i_GPIO2_BXT_P)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,091,136 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,079,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,066,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CAD.sys -- (CAD)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.AvrcpTransport.sys -- (Microsoft_Bluetooth_AvrcpTransport)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,045,568 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdi2c.sys -- (amdi2c)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,036,352 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelpmax.sys -- (intelpmax)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,018,432 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdgpio2.sys -- (amdgpio2)
DRV:[b]64bit:[/b] - [2019/12/07 03:07:47 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:[b]64bit:[/b] - [2019/06/27 09:14:58 | 000,138,064 | ---- | M] (Advanced Micro Devices, Inc. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdpsp.sys -- (amdpsp)
DRV:[b]64bit:[/b] - [2019/05/28 08:07:36 | 009,625,384 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtwlane02.sys -- (RTWlanE02)
DRV:[b]64bit:[/b] - [2017/06/12 05:07:20 | 000,095,080 | ---- | M] (Advanced Micro Devices, Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdkmcsp.sys -- (amdkmcsp)
DRV:[b]64bit:[/b] - [2017/04/26 01:09:04 | 000,110,088 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdWT6.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2016/08/18 06:41:28 | 000,049,448 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
DRV:[b]64bit:[/b] - [2016/02/17 17:27:02 | 000,896,768 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:[b]64bit:[/b] - [2016/01/10 13:31:19 | 021,645,320 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2016/01/10 13:31:19 | 000,676,360 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (AMDKMDAP)
DRV:[b]64bit:[/b] - [2015/06/04 09:07:46 | 000,073,976 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:[b]64bit:[/b] - [2015/06/01 19:44:53 | 000,301,784 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:[b]64bit:[/b] - [2013/10/29 01:26:46 | 000,041,704 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd6.sys -- (clwvd6)
DRV - [2020/10/02 03:32:11 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\afunix.sys -- (afunix)
DRV - [2020/10/02 03:29:01 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys -- (BasicRender)
DRV - [2019/12/07 03:07:57 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys -- (VirtualRender)
DRV - [2019/12/07 03:07:56 | 000,110,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys -- (UfxChipidea)
DRV - [2019/12/07 03:07:56 | 000,032,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys -- (UrsChipidea)
DRV - [2019/12/07 03:07:56 | 000,029,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys -- (UrsSynopsys)
DRV - [2019/12/07 03:07:56 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys -- (genericusbfn)
DRV - [2019/12/07 03:07:54 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys -- (BasicDisplay)
DRV - [2019/12/07 03:07:53 | 000,058,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys -- (umbus)
DRV - [2019/12/07 03:07:53 | 000,034,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys -- (UEFI)
DRV - [2019/12/07 03:07:50 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys -- (CompositeBus)
DRV - [2019/12/07 03:07:50 | 000,018,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys -- (swenum)
 
 
[color=#E56717]========== Standard Registry (All) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp15-comm.msn.com/?pc=HRTE
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [String data over 1000 bytes]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRHPR1&src=IE11TR&pc=HRTS
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRHPR1&src=IE11TR&pc=HRTS
IE - HKLM\..\SearchScopes\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp15-comm.msn.com/?pc=HRTE
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://hp15-comm.msn.com/?pc=HRTE
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp15-comm.msn.com/?pc=HRTE
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://hp15-comm.msn.com/?pc=HRTE
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
 
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp15-comm.msn.com/?pc=HRTE
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [String data over 1000 bytes]
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = E8 D7 83 EE EB 40 D1 01  [binary data]
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 48 00 00 00 8A 10 0C 41 4D 61 71 D3 6E 1C 0B D7 A8 7A 35 4E 0D 0E 98 8D 16 07 E3 1B 3B F1 C2 96 DD 54 43 3D FC B4 68 84 22 F7 2B B0 F2 D1 70 39 D2 E8 EF 54 C1 44 B9 A0 91 1F EF EA 65 DC 4C 06 0C 39 AC B1 A7 8E 44 CA C4 B7 0B 73 02 00 00 00 0E 00 00 00 30 77 71 6F 76 67 38 6D 70 56 63 25 33 64  [Binary data over 200 bytes]
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\..\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRHPR1&src=IE11TR&pc=HRTS
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\..\SearchScopes\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\eades\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\wss.mcafee.chrome.extension\\: C:\PROGRAM FILES\MCAFEE\MSC\WSS.MCAFEE.FIREFOX.EXTENSION.JSON [2021/01/20 11:08:44 | 000,000,239 | ---- | M] ()
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\MCAFEE\MSKHKLM
FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\wss.mcafee.chrome.extension\\: C:\Program Files\mcafee\MSC\wss.mcafee.firefox.extension.json [2021/01/20 11:08:44 | 000,000,239 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2021/02/15 23:53:05 | 000,000,000 | ---D | M]
 
 
[color=#E56717]========== Chrome  ==========[/color]
 
 
O1 HOSTS File: ([2017/02/08 18:36:48 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.50\BHO\ie_to_edge_bho_64.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.50\BHO\ie_to_edge_bho.dll (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SecurityHealth] C:\Windows\SysNative\SecurityHealthSystray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Dropbox] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PowerDVD14Agent] C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001..\Run: [HP Deskjet 3510 series (NET)] C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001..\Run: [MicrosoftEdgeAutoLaunch_F26A7C5FFE1ED957283F3B8688899C87] C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001..\Run: [OneDrive] C:\Users\eades\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001..\RunOnce: [Application Restart #0] C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (Microsoft Corporation)
O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found
O9:[b]64bit:[/b] - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html File not found
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html File not found
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000014 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000014 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\..Trusted Domains: sharepoint.com ([bgh2-files] https in Trusted sites)
O15 - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\..Trusted Domains: sharepoint.com ([bgh2-myfiles] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 72.21.70.3 67.215.21.202 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1823a591-e8d5-4763-b630-a92b04f795a8}: DhcpNameServer = 72.21.70.3 67.215.21.202 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25d0363f-a606-4b41-8dbd-fbccca3e23f2}: DhcpNameServer = 72.21.70.3 67.215.21.202 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mso-minsb.16 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-minsb-roaming.16 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\osf.16 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\osf-roaming.16 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, LLC)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, LLC)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2021/03/14 19:18:41 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2021/03/14 18:22:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2021/03/10 23:56:00 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cngkeyhelper.dll
[2021/03/10 23:55:59 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisRtl.dll
[2021/03/10 23:55:59 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ahadmin.dll
[2021/03/10 23:55:57 | 004,272,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2021/03/10 23:55:57 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ConsoleLogon.dll
[2021/03/10 23:55:57 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ConsoleLogon.dll
[2021/03/10 23:55:57 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinBioDataModelOOBE.exe
[2021/03/10 23:55:56 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinBioDataModel.dll
[2021/03/10 23:55:51 | 004,824,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2021/03/10 23:55:51 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WalletService.dll
[2021/03/10 23:55:06 | 002,339,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2021/03/10 23:55:06 | 000,951,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DolbyDecMFT.dll
[2021/03/10 23:54:50 | 000,680,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVXENCD.DLL
[2021/03/10 23:54:49 | 001,014,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2021/03/10 23:54:49 | 000,176,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\COLORCNV.DLL
[2021/03/10 23:54:49 | 000,100,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VIDRESZR.DLL
[2021/03/10 23:54:48 | 003,557,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2021/03/10 23:54:48 | 001,301,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2021/03/10 23:54:48 | 001,126,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll
[2021/03/10 23:54:48 | 001,092,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HoloSI.PCShell.dll
[2021/03/10 23:54:48 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Analog.Shell.Broker.dll
[2021/03/10 23:54:45 | 024,272,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2021/03/10 23:54:45 | 002,453,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVCORE.DLL
[2021/03/10 23:54:44 | 002,520,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2021/03/10 23:54:44 | 000,689,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVXENCD.DLL
[2021/03/10 23:54:44 | 000,423,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSAudDecMFT.dll
[2021/03/10 23:54:44 | 000,203,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\COLORCNV.DLL
[2021/03/10 23:54:44 | 000,114,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VIDRESZR.DLL
[2021/03/10 23:54:43 | 004,795,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2021/03/10 23:54:43 | 001,956,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2021/03/10 23:54:43 | 001,352,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2021/03/10 23:54:42 | 000,530,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2021/03/10 23:54:35 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\provplatformdesktop.dll
[2021/03/10 23:54:35 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2021/03/10 23:54:34 | 007,109,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2021/03/10 23:54:34 | 001,314,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2021/03/10 23:54:33 | 001,548,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2021/03/10 23:54:33 | 000,923,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\opengl32.dll
[2021/03/10 23:54:33 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\glu32.dll
[2021/03/10 23:54:33 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msimsg.dll
[2021/03/10 23:54:32 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbnetlib.dll
[2021/03/10 23:54:31 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iemigplugin.dll
[2021/03/10 23:54:30 | 000,562,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2021/03/10 23:54:29 | 000,379,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2021/03/10 23:54:29 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IndexedDbLegacy.dll
[2021/03/10 23:54:27 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EdgeManager.dll
[2021/03/10 23:54:26 | 000,837,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2021/03/10 23:54:24 | 019,870,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2021/03/10 23:54:23 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2021/03/10 23:54:22 | 000,209,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2021/03/10 23:54:22 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\net1.exe
[2021/03/10 23:54:22 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\udhisapi.dll
[2021/03/10 23:54:22 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XInput1_4.dll
[2021/03/10 23:54:22 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\upnpcont.exe
[2021/03/10 23:54:21 | 002,495,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2021/03/10 23:54:21 | 000,737,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PayloadRestrictions.dll
[2021/03/10 23:54:21 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spacebridge.dll
[2021/03/10 23:54:21 | 000,033,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\smphost.dll
[2021/03/10 23:53:57 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provplatformdesktop.dll
[2021/03/10 23:53:56 | 002,246,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2021/03/10 23:53:56 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2021/03/10 23:53:56 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersShell.dll
[2021/03/10 23:53:56 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFolders.exe
[2021/03/10 23:53:56 | 000,018,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshhyperv.dll
[2021/03/10 23:53:55 | 000,361,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SIHClient.exe
[2021/03/10 23:53:55 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2021/03/10 23:53:54 | 008,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2021/03/10 23:53:54 | 002,040,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2021/03/10 23:53:54 | 001,721,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2021/03/10 23:53:53 | 001,257,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2021/03/10 23:53:53 | 000,995,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FrameServer.dll
[2021/03/10 23:53:53 | 000,149,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.Profile.HardwareId.dll
[2021/03/10 23:53:52 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\glu32.dll
[2021/03/10 23:53:51 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\opengl32.dll
[2021/03/10 23:53:51 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msimsg.dll
[2021/03/10 23:53:50 | 003,293,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2021/03/10 23:53:49 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbnetlib.dll
[2021/03/10 23:53:49 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcconf.dll
[2021/03/10 23:53:48 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IESettingSync.exe
[2021/03/10 23:53:48 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iemigplugin.dll
[2021/03/10 23:53:47 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2021/03/10 23:53:46 | 004,901,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2021/03/10 23:53:45 | 007,784,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2021/03/10 23:53:44 | 000,887,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2021/03/10 23:53:44 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IndexedDbLegacy.dll
[2021/03/10 23:53:41 | 001,233,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2021/03/10 23:53:41 | 000,944,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeManager.dll
[2021/03/10 23:53:37 | 026,273,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2021/03/10 23:53:35 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2021/03/10 23:53:04 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2021/03/10 23:53:04 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XInput1_4.dll
[2021/03/10 23:53:03 | 000,036,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smphost.dll
[2021/03/10 23:53:02 | 003,178,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2021/03/10 23:53:02 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spacebridge.dll
[2021/03/10 23:53:02 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAppInstaller.exe
[2021/03/10 23:53:02 | 000,086,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spaceman.exe
[2021/03/10 23:53:01 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\net1.exe
[2021/03/10 23:52:58 | 001,314,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2021/03/10 23:52:58 | 000,805,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2021/03/10 23:52:58 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resutils.dll
[2021/03/10 23:52:58 | 000,218,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll
[2021/03/10 23:52:57 | 001,570,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2021/03/10 23:52:57 | 001,268,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2021/03/10 23:52:57 | 000,171,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vertdll.dll
[2021/03/10 23:52:57 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\udhisapi.dll
[2021/03/10 23:52:56 | 000,973,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PayloadRestrictions.dll
[2021/03/10 23:52:56 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\upnpcont.exe
[2021/03/10 23:52:55 | 001,720,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2021/03/10 23:52:54 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.FileExplorer.dll
[2021/03/10 23:52:53 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtrmgr.dll
[2021/03/10 23:52:53 | 000,495,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasdlg.dll
[2021/03/10 23:52:53 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rtm.dll
[2021/03/10 23:52:53 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtprio.dll
[2021/03/10 23:52:52 | 001,044,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll
[2021/03/10 23:52:52 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasplap.dll
[2021/03/10 23:52:52 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvsetup.dll
[2021/03/10 23:52:52 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spfileq.dll
[2021/03/10 23:52:51 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2021/03/10 23:52:50 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasgcw.dll
[2021/03/10 23:52:50 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml3r.dll
[2021/03/10 23:52:49 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AboveLockAppHost.dll
[2021/03/10 23:52:48 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppBroker.dll
[2021/03/10 23:52:48 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2021/03/10 23:52:47 | 008,899,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2021/03/10 23:52:47 | 000,403,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgeIso.dll
[2021/03/10 23:52:47 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2021/03/10 23:52:45 | 000,948,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2021/03/10 23:52:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DMAlertListener.ProxyStub.dll
[2021/03/10 23:52:44 | 000,715,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2021/03/10 23:52:44 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll
[2021/03/10 23:52:44 | 000,410,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2021/03/10 23:52:44 | 000,272,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\credprovs.dll
[2021/03/10 23:52:44 | 000,174,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\omadmapi.dll
[2021/03/10 23:52:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmpushproxy.dll
[2021/03/10 23:52:44 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\enrollmentapi.dll
[2021/03/10 23:52:44 | 000,020,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerEnc.dll
[2021/03/10 23:52:43 | 001,494,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2021/03/10 23:52:43 | 000,482,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2021/03/10 23:52:43 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptprov.dll
[2021/03/10 23:52:43 | 000,151,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2021/03/10 23:52:42 | 000,896,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2021/03/10 23:52:42 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2021/03/10 23:52:41 | 002,635,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2021/03/10 23:52:41 | 000,630,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2021/03/10 23:52:41 | 000,603,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wimgapi.dll
[2021/03/10 23:52:40 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchTM.exe
[2021/03/10 23:52:39 | 000,965,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe
[2021/03/10 23:52:39 | 000,734,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2021/03/10 23:52:39 | 000,456,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppResolver.dll
[2021/03/10 23:52:39 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2021/03/10 23:52:39 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wevtutil.exe
[2021/03/10 23:52:39 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usoapi.dll
[2021/03/10 23:52:38 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2021/03/10 23:52:37 | 002,750,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2021/03/10 23:52:37 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys
[2021/03/10 23:52:37 | 000,092,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32u.dll
[2021/03/10 23:52:36 | 001,587,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpserverbase.dll
[2021/03/10 23:52:36 | 000,403,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Bluetooth.dll
[2021/03/10 23:52:36 | 000,179,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Management.Workplace.dll
[2021/03/10 23:52:36 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\updatepolicy.dll
[2021/03/10 23:52:36 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml6r.dll
[2021/03/10 23:52:35 | 003,824,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneCoreUAPCommonProxyStub.dll
[2021/03/10 23:52:35 | 000,602,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryPS.dll
[2021/03/10 23:52:35 | 000,583,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StateRepository.Core.dll
[2021/03/10 23:52:35 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryUpgrade.dll
[2021/03/10 23:52:35 | 000,176,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryClient.dll
[2021/03/10 23:52:35 | 000,099,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryBroker.dll
[2021/03/10 23:52:35 | 000,042,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryCore.dll
[2021/03/10 23:52:34 | 005,424,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll
[2021/03/10 23:52:34 | 000,759,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2021/03/10 23:52:34 | 000,126,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\profext.dll
[2021/03/10 23:52:33 | 006,361,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2021/03/10 23:52:33 | 001,695,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2021/03/10 23:52:33 | 000,234,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2021/03/10 23:52:18 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallServiceTasks.dll
[2021/03/10 23:52:17 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallService.dll
[2021/03/10 23:52:17 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TileDataRepository.dll
[2021/03/10 23:52:17 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fidocredprov.dll
[2021/03/10 23:52:16 | 002,602,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2021/03/10 23:52:16 | 000,754,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2021/03/10 23:52:16 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2021/03/10 23:52:16 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll
[2021/03/10 23:52:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WordBreakers.dll
[2021/03/10 23:52:15 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2021/03/10 23:52:15 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2021/03/10 23:52:15 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
[2021/03/10 23:52:14 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2021/03/10 23:52:14 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssitlb.dll
[2021/03/10 23:52:14 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msscntrs.dll
[2021/03/10 23:52:13 | 001,055,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsreg.dll
[2021/03/10 23:52:13 | 000,654,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActivationManager.dll
[2021/03/10 23:52:13 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d9on12.dll
[2021/03/10 23:52:13 | 000,468,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11on12.dll
[2021/03/10 23:52:13 | 000,061,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GameInput.dll
[2021/03/10 23:52:13 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AssignedAccessRuntime.dll
[2021/03/10 23:52:12 | 001,391,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2021/03/10 23:52:11 | 014,762,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2021/03/10 23:52:10 | 000,943,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2021/03/10 23:52:10 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncobjapi.dll
[2021/03/10 23:52:09 | 000,264,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmWmiPl.dll
[2021/03/10 23:52:09 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedynos.dll
[2021/03/10 23:52:09 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winrscmd.dll
[2021/03/10 23:52:09 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManMigrationPlugin.dll
[2021/03/10 23:52:09 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsmprovhost.exe
[2021/03/10 23:52:09 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManHTTPConfig.exe
[2021/03/10 23:52:09 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmRes.dll
[2021/03/10 23:52:09 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAgent.dll
[2021/03/10 23:52:09 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsmplpxy.dll
[2021/03/10 23:52:08 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAuto.dll
[2021/03/10 23:52:08 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2021/03/10 23:52:08 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe
[2021/03/10 23:52:07 | 004,743,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2021/03/10 23:52:07 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sppcext.dll
[2021/03/10 23:52:07 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll
[2021/03/10 23:52:07 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputSwitch.dll
[2021/03/10 23:52:07 | 000,312,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\input.dll
[2021/03/10 23:52:06 | 004,123,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2021/03/10 23:52:06 | 000,922,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TpmCoreProvisioning.dll
[2021/03/10 23:52:06 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2021/03/10 23:52:06 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TpmCertResources.dll
[2021/03/10 23:52:05 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\agentactivationruntimewindows.dll
[2021/03/10 23:52:05 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\agentactivationruntime.dll
[2021/03/10 23:52:05 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.ConversationalAgent.dll
[2021/03/10 23:52:05 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AarSvc.dll
[2021/03/10 23:52:03 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSCard.dll
[2021/03/10 23:52:03 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ScDeviceEnum.dll
[2021/03/10 23:52:03 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SCardDlg.dll
[2021/03/10 23:52:03 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SCardBi.dll
[2021/03/10 23:51:59 | 002,204,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2021/03/10 23:51:59 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntshrui.dll
[2021/03/10 23:51:59 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.FileExplorer.Common.dll
[2021/03/10 23:51:58 | 000,858,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2021/03/10 23:51:58 | 000,702,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comctl32.dll
[2021/03/10 23:51:58 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.FileExplorer.dll
[2021/03/10 23:51:57 | 000,981,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2021/03/10 23:51:57 | 000,628,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtrmgr.dll
[2021/03/10 23:51:57 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasdlg.dll
[2021/03/10 23:51:57 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtprio.dll
[2021/03/10 23:51:56 | 001,335,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll
[2021/03/10 23:51:56 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2021/03/10 23:51:56 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasplap.dll
[2021/03/10 23:51:56 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rtm.dll
[2021/03/10 23:51:55 | 004,650,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupapi.dll
[2021/03/10 23:51:55 | 000,326,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll
[2021/03/10 23:51:55 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spfileq.dll
[2021/03/10 23:51:54 | 003,938,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2021/03/10 23:51:54 | 001,434,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2021/03/10 23:51:54 | 001,240,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_IME.dll
[2021/03/10 23:51:53 | 002,179,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2021/03/10 23:51:53 | 000,554,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasgcw.dll
[2021/03/10 23:51:53 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputSwitch.dll
[2021/03/10 23:51:52 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskcomp.dll
[2021/03/10 23:51:52 | 000,379,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\input.dll
[2021/03/10 23:51:52 | 000,362,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2021/03/10 23:51:51 | 001,751,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2021/03/10 23:51:51 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcext.dll
[2021/03/10 23:51:50 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msxml3r.dll
[2021/03/10 23:51:36 | 000,765,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUDFx02000.dll
[2021/03/10 23:51:36 | 000,419,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AboveLockAppHost.dll
[2021/03/10 23:51:36 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AxInstUI.exe
[2021/03/10 23:51:35 | 000,684,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockController.dll
[2021/03/10 23:51:35 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockHostingFramework.dll
[2021/03/10 23:51:35 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppBroker.dll
[2021/03/10 23:51:35 | 000,448,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeIso.dll
[2021/03/10 23:51:35 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2021/03/10 23:51:34 | 000,637,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2021/03/10 23:51:33 | 001,256,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2021/03/10 23:51:33 | 001,068,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DismApi.dll
[2021/03/10 23:51:33 | 000,288,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Dism.exe
[2021/03/10 23:51:33 | 000,133,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpapi.dll
[2021/03/10 23:51:32 | 001,019,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll
[2021/03/10 23:51:32 | 000,667,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2021/03/10 23:51:32 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmclient.exe
[2021/03/10 23:51:32 | 000,223,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmapi.dll
[2021/03/10 23:51:32 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profsvcext.dll
[2021/03/10 23:51:32 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmmigrator.dll
[2021/03/10 23:51:32 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmprc.exe
[2021/03/10 23:51:32 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2021/03/10 23:51:32 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DMAlertListener.ProxyStub.dll
[2021/03/10 23:51:31 | 001,787,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2021/03/10 23:51:31 | 000,330,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenterprisediagnostics.dll
[2021/03/10 23:51:30 | 000,544,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DMPushRouterCore.dll
[2021/03/10 23:51:30 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmpushproxy.dll
[2021/03/10 23:51:29 | 000,873,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2021/03/10 23:51:29 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\configmanager2.dll
[2021/03/10 23:51:29 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2021/03/10 23:51:29 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe
[2021/03/10 23:51:29 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\credprovs.dll
[2021/03/10 23:51:29 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcertinst.exe
[2021/03/10 23:51:28 | 001,479,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgr.dll
[2021/03/10 23:51:28 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntlanman.dll
[2021/03/10 23:51:27 | 001,129,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2021/03/10 23:51:27 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2021/03/10 23:51:27 | 000,502,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2021/03/10 23:51:27 | 000,403,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2021/03/10 23:51:27 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\C_G18030.DLL
[2021/03/10 23:51:27 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\C_IS2022.DLL
[2021/03/10 23:51:27 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\c_GSM7.DLL
[2021/03/10 23:51:26 | 000,115,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profapi.dll
[2021/03/10 23:51:25 | 010,842,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2021/03/10 23:51:24 | 002,024,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2021/03/10 23:51:24 | 000,488,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2021/03/10 23:51:24 | 000,171,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2021/03/10 23:51:24 | 000,024,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerEnc.dll
[2021/03/10 23:51:24 | 000,017,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2021/03/10 23:51:23 | 001,866,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2021/03/10 23:51:23 | 000,862,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2021/03/10 23:51:23 | 000,568,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2021/03/10 23:51:23 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptprov.dll
[2021/03/10 23:51:23 | 000,260,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinesam.dll
[2021/03/10 23:51:23 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2021/03/10 23:51:23 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pacjsworker.exe
[2021/03/10 23:51:22 | 001,425,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2021/03/10 23:51:22 | 001,393,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2021/03/10 23:51:21 | 003,507,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2021/03/10 23:51:21 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2021/03/10 23:51:21 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2021/03/10 23:51:20 | 010,352,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2021/03/10 23:51:20 | 000,531,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64win.dll
[2021/03/10 23:51:19 | 003,592,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2021/03/10 23:51:19 | 000,764,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimgapi.dll
[2021/03/10 23:51:19 | 000,522,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimserv.exe
[2021/03/10 23:51:18 | 000,412,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll
[2021/03/10 23:51:17 | 001,822,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2021/03/10 23:51:17 | 001,555,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2021/03/10 23:51:17 | 001,394,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2021/03/10 23:51:17 | 001,198,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2021/03/10 23:51:16 | 000,389,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2021/03/10 23:51:16 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Win32CompatibilityAppraiserCSP.dll
[2021/03/10 23:51:15 | 002,007,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2021/03/10 23:51:15 | 001,213,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe
[2021/03/10 23:51:15 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchTM.exe
[2021/03/10 23:51:15 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tier2punctuations.dll
[2021/03/10 23:51:14 | 003,852,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2021/03/10 23:51:13 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Language.dll
[2021/03/10 23:51:13 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Region.dll
[2021/03/10 23:51:11 | 001,215,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2021/03/10 23:51:11 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2021/03/10 23:51:11 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CustomInstallExec.exe
[2021/03/10 23:51:10 | 001,767,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2021/03/10 23:51:09 | 003,901,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2021/03/10 23:51:09 | 002,454,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2021/03/10 23:50:47 | 001,139,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2021/03/10 23:50:47 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSysprep.dll
[2021/03/10 23:50:46 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winrscmd.dll
[2021/03/10 23:50:46 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManMigrationPlugin.dll
[2021/03/10 23:50:46 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsmprovhost.exe
[2021/03/10 23:50:46 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManHTTPConfig.exe
[2021/03/10 23:50:46 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsmplpxy.dll
[2021/03/10 23:50:45 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmWmiPl.dll
[2021/03/10 23:50:45 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmRes.dll
[2021/03/10 23:50:45 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAgent.dll
[2021/03/10 23:50:44 | 000,668,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplicationFrame.dll
[2021/03/10 23:50:44 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAuto.dll
[2021/03/10 23:50:41 | 006,236,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2021/03/10 23:50:41 | 004,008,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll
[2021/03/10 23:50:41 | 000,561,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_PCDisplay.dll
[2021/03/10 23:50:41 | 000,519,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2021/03/10 23:50:41 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2021/03/10 23:50:41 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.SharedPC.CredentialProvider.dll
[2021/03/10 23:50:40 | 000,587,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppResolver.dll
[2021/03/10 23:50:40 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2021/03/10 23:50:40 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2021/03/10 23:50:40 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2021/03/10 23:50:39 | 000,923,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2021/03/10 23:50:39 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateDeploymentProvider.dll
[2021/03/10 23:50:38 | 002,594,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll
[2021/03/10 23:50:38 | 001,097,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2021/03/10 23:50:38 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2021/03/10 23:50:38 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2021/03/10 23:50:37 | 001,532,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MoUsoCoreWorker.exe
[2021/03/10 23:50:37 | 001,415,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocoreworker.exe
[2021/03/10 23:50:37 | 000,706,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\upshared.dll
[2021/03/10 23:50:37 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usosvc.dll
[2021/03/10 23:50:37 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatecsp.dll
[2021/03/10 23:50:37 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UsoClient.exe
[2021/03/10 23:50:36 | 000,401,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_SpeechPrivacy.dll
[2021/03/10 23:50:36 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Authentication.dll
[2021/03/10 23:50:36 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2021/03/10 23:50:36 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DuCsps.dll
[2021/03/10 23:50:35 | 000,403,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wevtapi.dll
[2021/03/10 23:50:35 | 000,291,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wevtutil.exe
[2021/03/10 23:50:34 | 003,764,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Bluetooth.Service.dll
[2021/03/10 23:50:34 | 000,601,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2021/03/10 23:50:33 | 000,336,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2021/03/10 23:50:33 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wc_storage.dll
[2021/03/10 23:50:33 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\container.dll
[2021/03/10 23:50:33 | 000,202,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcifs.sys
[2021/03/10 23:50:33 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cimfs.dll
[2021/03/10 23:50:33 | 000,149,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bindflt.sys
[2021/03/10 23:50:33 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcimage.dll
[2021/03/10 23:50:33 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bindfltapi.dll
[2021/03/10 23:50:33 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadjcsp.dll
[2021/03/10 23:50:33 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcnfs.sys
[2021/03/10 23:50:33 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MdmDiagnosticsTool.exe
[2021/03/10 23:50:33 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wci.dll
[2021/03/10 23:50:32 | 003,815,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2021/03/10 23:50:32 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2021/03/10 23:50:31 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.immersiveshell.serviceprovider.dll
[2021/03/10 23:50:31 | 000,132,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32u.dll
[2021/03/10 23:50:30 | 001,824,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpserverbase.dll
[2021/03/10 23:50:30 | 001,496,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2021/03/10 23:50:29 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2021/03/10 23:50:29 | 000,180,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2021/03/10 23:50:28 | 000,725,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StateRepository.Core.dll
[2021/03/10 23:50:28 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryUpgrade.dll
[2021/03/10 23:50:28 | 000,058,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryCore.dll
[2021/03/10 23:50:27 | 005,858,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll
[2021/03/10 23:50:27 | 001,337,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryPS.dll
[2021/03/10 23:50:27 | 000,249,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryClient.dll
[2021/03/10 23:50:27 | 000,117,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryBroker.dll
[2021/03/10 23:50:26 | 001,021,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2021/03/10 23:50:26 | 001,009,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2021/03/10 23:50:26 | 000,676,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2021/03/10 23:50:26 | 000,361,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47Langs.dll
[2021/03/10 23:50:26 | 000,175,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47mrm.dll
[2021/03/10 23:50:26 | 000,157,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profext.dll
[2021/03/10 23:50:25 | 007,965,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2021/03/10 23:50:24 | 003,329,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2021/03/10 23:50:24 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2021/03/10 23:50:23 | 002,321,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2021/03/10 23:50:23 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2021/03/10 23:50:22 | 002,437,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallService.dll
[2021/03/10 23:50:22 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TileDataRepository.dll
[2021/03/10 23:50:22 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fidocredprov.dll
[2021/03/10 23:50:22 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallServiceTasks.dll
[2021/03/10 23:50:21 | 002,251,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2021/03/10 23:50:21 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsf3gip.dll
[2021/03/10 23:50:21 | 001,021,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2021/03/10 23:50:21 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2021/03/10 23:50:20 | 004,732,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2021/03/10 23:50:20 | 001,040,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2021/03/10 23:50:20 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditBufferTestHook.dll
[2021/03/10 23:50:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WordBreakers.dll
[2021/03/10 23:50:19 | 003,301,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2021/03/10 23:50:19 | 002,970,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2021/03/10 23:50:19 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2021/03/10 23:50:19 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2021/03/10 23:50:18 | 000,419,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2021/03/10 23:50:18 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Search.ProtocolHandler.MAPI2.dll
[2021/03/10 23:50:18 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2021/03/10 23:50:18 | 000,272,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2021/03/10 23:50:18 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2021/03/10 23:50:18 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssitlb.dll
[2021/03/10 23:50:17 | 002,919,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2021/03/10 23:50:17 | 001,784,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2021/03/10 23:50:17 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll
[2021/03/10 23:50:16 | 003,749,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2021/03/10 23:50:16 | 000,751,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9on12.dll
[2021/03/10 23:50:16 | 000,603,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11on12.dll
[2021/03/10 23:50:00 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatepolicy.dll
[2021/03/10 23:50:00 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msxml6r.dll
[2021/03/10 23:49:59 | 000,906,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2021/03/10 23:49:59 | 000,454,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2021/03/10 23:49:59 | 000,272,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2021/03/10 23:49:58 | 000,596,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.LowLevel.dll
[2021/03/10 23:49:58 | 000,546,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Bluetooth.dll
[2021/03/10 23:49:58 | 000,250,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Workplace.dll
[2021/03/10 23:49:57 | 008,015,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2021/03/10 23:49:57 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.SerialCommunication.dll
[2021/03/10 23:49:56 | 001,712,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2021/03/10 23:49:56 | 000,539,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Enumeration.dll
[2021/03/10 23:49:56 | 000,122,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevDispItemProvider.dll
[2021/03/10 23:49:55 | 003,067,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2021/03/10 23:49:55 | 002,378,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreen.exe
[2021/03/10 23:49:55 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActivationManager.dll
[2021/03/10 23:49:55 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreenps.dll
[2021/03/10 23:49:54 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cloudAP.dll
[2021/03/10 23:49:54 | 000,070,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GameInput.dll
[2021/03/10 23:49:52 | 017,544,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2021/03/10 23:49:52 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSetupManager.dll
[2021/03/10 23:49:52 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AssignedAccessRuntime.dll
[2021/03/10 23:49:50 | 002,111,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsudk.shellcommon.dll
[2021/03/10 23:49:50 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsbas.dll
[2021/03/10 23:49:50 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2021/03/10 23:49:49 | 006,187,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2021/03/10 23:49:49 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2021/03/10 23:49:48 | 000,668,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2021/03/10 23:49:46 | 005,751,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2021/03/10 23:49:46 | 000,388,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialEnrollmentManager.exe
[2021/03/10 23:49:46 | 000,077,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialEnrollmentManagerForUser.dll
[2021/03/10 23:49:45 | 001,094,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskbarcpl.dll
[2021/03/10 23:49:45 | 000,958,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2021/03/10 23:49:45 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.AppDefaults.dll
[2021/03/10 23:49:44 | 004,704,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2021/03/10 23:49:44 | 001,290,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsreg.dll
[2021/03/10 23:49:44 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmCoreProvisioning.dll
[2021/03/10 23:49:44 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2021/03/10 23:49:44 | 000,457,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_WorkAccess.dll
[2021/03/10 23:49:44 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmCertResources.dll
[2021/03/10 23:49:43 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wbemcomn.dll
[2021/03/10 23:49:43 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncobjapi.dll
[2021/03/10 23:49:42 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedynos.dll
[2021/03/10 23:49:41 | 000,382,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provengine.dll
[2021/03/10 23:49:41 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provops.dll
[2021/03/10 23:49:41 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provhandlers.dll
[2021/03/10 23:49:41 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KnobsCore.dll
[2021/03/10 23:49:41 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provisioningcsp.dll
[2021/03/10 23:49:41 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KnobsCsp.dll
[2021/03/10 23:49:41 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NFCProvisioningPlugin.dll
[2021/03/10 23:49:41 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provdatastore.dll
[2021/03/10 23:49:41 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProvPluginEng.dll
[2021/03/10 23:49:41 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BarcodeProvisioningPlugin.dll
[2021/03/10 23:49:41 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RemovableMediaProvisioningPlugin.dll
[2021/03/10 23:49:41 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Provisioning.ProxyStub.dll
[2021/03/10 23:49:40 | 001,278,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2021/03/10 23:49:40 | 000,832,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printfilterpipelinesvc.exe
[2021/03/10 23:49:40 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provtool.exe
[2021/03/10 23:49:40 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printfilterpipelineprxy.dll
[2021/03/10 23:49:40 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FaxPrinterInstaller.dll
[2021/03/10 23:49:39 | 000,713,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2021/03/10 23:49:39 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RjvMDMConfig.dll
[2021/03/10 23:49:39 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2021/03/10 23:49:39 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ofdeploy.exe
[2021/03/10 23:49:37 | 000,864,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\agentactivationruntime.dll
[2021/03/10 23:49:37 | 000,809,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.ConversationalAgent.dll
[2021/03/10 23:49:37 | 000,443,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AarSvc.dll
[2021/03/10 23:49:37 | 000,374,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSrvPolicyManager.dll
[2021/03/10 23:49:36 | 000,889,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneProviders.dll
[2021/03/10 23:49:36 | 000,887,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\agentactivationruntimewindows.dll
[2021/03/10 23:49:36 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winnat.sys
[2021/03/10 23:49:36 | 000,127,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DTUHandler.exe
[2021/03/10 23:49:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilotdiag.dll
[2021/03/10 23:49:36 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DTUHandlerPS.dll
[2021/03/10 23:49:35 | 000,937,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Service.dll
[2021/03/10 23:49:35 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilot.dll
[2021/03/10 23:49:35 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xboxgipsvc.dll
[2021/03/10 23:49:35 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
[2021/03/10 23:49:34 | 000,677,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2021/03/10 23:49:34 | 000,215,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spacedump.sys
[2021/03/10 23:49:34 | 000,155,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2021/03/10 23:49:34 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xinputhid.sys
[2021/03/10 23:49:34 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthMini.SYS
[2021/03/10 23:49:33 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xboxgip.sys
[2021/03/10 23:49:33 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\devauthe.sys
[2021/03/10 22:37:13 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2021/03/10 22:37:11 | 000,495,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2021/03/03 12:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
[2021/03/02 21:12:28 | 000,047,600 | ---- | C] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\drivers\dbx-stable.sys
[2021/03/02 21:12:28 | 000,047,600 | ---- | C] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\drivers\dbx-dev.sys
[2021/03/02 21:12:28 | 000,047,600 | ---- | C] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\drivers\dbx-canary.sys
[2021/03/02 21:12:28 | 000,044,272 | ---- | C] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\DbxSvc.exe
[6 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[3 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[24 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2021/03/14 20:48:01 | 000,934,922 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2021/03/14 20:48:01 | 000,775,830 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2021/03/14 20:48:01 | 000,159,666 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2021/03/14 20:42:38 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2021/03/14 20:40:34 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2021/03/14 20:40:32 | 1483,653,120 | -HS- | M] () -- C:\hiberfil.sys
[2021/03/14 20:39:53 | 000,065,536 | ---- | M] () -- C:\WINDOWS\SysNative\spu_storage.bin
[2021/03/14 18:00:11 | 000,448,312 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2021/03/12 12:50:42 | 000,002,266 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Edge.lnk
[2021/03/10 23:56:00 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cngkeyhelper.dll
[2021/03/10 23:55:59 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iisRtl.dll
[2021/03/10 23:55:59 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ahadmin.dll
[2021/03/10 23:55:58 | 000,289,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ConsoleLogon.dll
[2021/03/10 23:55:57 | 004,272,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2021/03/10 23:55:57 | 000,388,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ConsoleLogon.dll
[2021/03/10 23:55:57 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinBioDataModelOOBE.exe
[2021/03/10 23:55:56 | 000,516,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinBioDataModel.dll
[2021/03/10 23:55:52 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WalletService.dll
[2021/03/10 23:55:51 | 004,824,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2021/03/10 23:55:06 | 002,339,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2021/03/10 23:55:06 | 000,951,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DolbyDecMFT.dll
[2021/03/10 23:54:50 | 000,680,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVXENCD.DLL
[2021/03/10 23:54:49 | 003,557,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2021/03/10 23:54:49 | 001,014,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2021/03/10 23:54:49 | 000,176,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\COLORCNV.DLL
[2021/03/10 23:54:49 | 000,100,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VIDRESZR.DLL
[2021/03/10 23:54:48 | 001,301,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2021/03/10 23:54:48 | 001,126,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll
[2021/03/10 23:54:48 | 001,092,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HoloSI.PCShell.dll
[2021/03/10 23:54:48 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Analog.Shell.Broker.dll
[2021/03/10 23:54:47 | 024,272,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2021/03/10 23:54:45 | 002,453,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVCORE.DLL
[2021/03/10 23:54:45 | 000,423,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSAudDecMFT.dll
[2021/03/10 23:54:44 | 002,520,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2021/03/10 23:54:44 | 001,352,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2021/03/10 23:54:44 | 000,689,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVXENCD.DLL
[2021/03/10 23:54:44 | 000,203,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\COLORCNV.DLL
[2021/03/10 23:54:44 | 000,114,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VIDRESZR.DLL
[2021/03/10 23:54:43 | 004,795,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2021/03/10 23:54:43 | 001,956,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2021/03/10 23:54:43 | 000,530,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2021/03/10 23:54:35 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\provplatformdesktop.dll
[2021/03/10 23:54:35 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2021/03/10 23:54:34 | 007,109,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2021/03/10 23:54:34 | 001,548,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2021/03/10 23:54:34 | 001,314,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2021/03/10 23:54:33 | 000,923,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\opengl32.dll
[2021/03/10 23:54:33 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\glu32.dll
[2021/03/10 23:54:33 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msimsg.dll
[2021/03/10 23:54:32 | 000,104,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbnetlib.dll
[2021/03/10 23:54:31 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iemigplugin.dll
[2021/03/10 23:54:30 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2021/03/10 23:54:29 | 000,379,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2021/03/10 23:54:29 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IndexedDbLegacy.dll
[2021/03/10 23:54:27 | 000,805,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EdgeManager.dll
[2021/03/10 23:54:26 | 000,837,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2021/03/10 23:54:25 | 019,870,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2021/03/10 23:54:24 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2021/03/10 23:54:22 | 000,209,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werui.dll
[2021/03/10 23:54:22 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\net1.exe
[2021/03/10 23:54:22 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\udhisapi.dll
[2021/03/10 23:54:22 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XInput1_4.dll
[2021/03/10 23:54:22 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\upnpcont.exe
[2021/03/10 23:54:22 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\smphost.dll
[2021/03/10 23:54:21 | 002,495,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2021/03/10 23:54:21 | 000,737,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PayloadRestrictions.dll
[2021/03/10 23:54:21 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spacebridge.dll
[2021/03/10 23:53:57 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provplatformdesktop.dll
[2021/03/10 23:53:56 | 002,246,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2021/03/10 23:53:56 | 000,893,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2021/03/10 23:53:56 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersShell.dll
[2021/03/10 23:53:56 | 000,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFolders.exe
[2021/03/10 23:53:56 | 000,018,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshhyperv.dll
[2021/03/10 23:53:55 | 008,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2021/03/10 23:53:55 | 000,361,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SIHClient.exe
[2021/03/10 23:53:55 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2021/03/10 23:53:54 | 002,040,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2021/03/10 23:53:54 | 001,721,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2021/03/10 23:53:54 | 000,995,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FrameServer.dll
[2021/03/10 23:53:53 | 001,257,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2021/03/10 23:53:53 | 000,149,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.Profile.HardwareId.dll
[2021/03/10 23:53:52 | 001,064,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\opengl32.dll
[2021/03/10 23:53:52 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\glu32.dll
[2021/03/10 23:53:51 | 003,293,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2021/03/10 23:53:51 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msimsg.dll
[2021/03/10 23:53:49 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbnetlib.dll
[2021/03/10 23:53:49 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcconf.dll
[2021/03/10 23:53:48 | 000,539,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IESettingSync.exe
[2021/03/10 23:53:48 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iemigplugin.dll
[2021/03/10 23:53:47 | 004,901,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2021/03/10 23:53:47 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2021/03/10 23:53:45 | 007,784,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2021/03/10 23:53:44 | 000,887,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2021/03/10 23:53:44 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IndexedDbLegacy.dll
[2021/03/10 23:53:42 | 000,944,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeManager.dll
[2021/03/10 23:53:41 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2021/03/10 23:53:39 | 026,273,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2021/03/10 23:53:35 | 000,863,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2021/03/10 23:53:04 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werui.dll
[2021/03/10 23:53:04 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XInput1_4.dll
[2021/03/10 23:53:03 | 000,036,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smphost.dll
[2021/03/10 23:53:02 | 003,178,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2021/03/10 23:53:02 | 000,180,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spacebridge.dll
[2021/03/10 23:53:02 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAppInstaller.exe
[2021/03/10 23:53:02 | 000,086,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spaceman.exe
[2021/03/10 23:53:01 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\net1.exe
[2021/03/10 23:52:58 | 001,314,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi
[2021/03/10 23:52:58 | 000,805,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2021/03/10 23:52:58 | 000,615,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resutils.dll
[2021/03/10 23:52:58 | 000,218,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll
[2021/03/10 23:52:58 | 000,011,359 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuthTxt.wim
[2021/03/10 23:52:57 | 001,570,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2021/03/10 23:52:57 | 001,268,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2021/03/10 23:52:57 | 000,171,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vertdll.dll
[2021/03/10 23:52:57 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\udhisapi.dll
[2021/03/10 23:52:57 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\upnpcont.exe
[2021/03/10 23:52:56 | 000,973,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PayloadRestrictions.dll
[2021/03/10 23:52:55 | 001,720,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2021/03/10 23:52:54 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.FileExplorer.dll
[2021/03/10 23:52:53 | 000,516,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtrmgr.dll
[2021/03/10 23:52:53 | 000,495,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasdlg.dll
[2021/03/10 23:52:53 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rtm.dll
[2021/03/10 23:52:53 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iprtprio.dll
[2021/03/10 23:52:52 | 001,044,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll
[2021/03/10 23:52:52 | 000,200,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasplap.dll
[2021/03/10 23:52:52 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvsetup.dll
[2021/03/10 23:52:52 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spfileq.dll
[2021/03/10 23:52:51 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2021/03/10 23:52:50 | 000,431,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasgcw.dll
[2021/03/10 23:52:50 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml3r.dll
[2021/03/10 23:52:49 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LockAppBroker.dll
[2021/03/10 23:52:49 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AboveLockAppHost.dll
[2021/03/10 23:52:48 | 008,899,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2021/03/10 23:52:48 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2021/03/10 23:52:47 | 000,403,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgeIso.dll
[2021/03/10 23:52:47 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msIso.dll
[2021/03/10 23:52:45 | 000,948,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2021/03/10 23:52:45 | 000,715,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2021/03/10 23:52:45 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DMAlertListener.ProxyStub.dll
[2021/03/10 23:52:44 | 000,544,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll
[2021/03/10 23:52:44 | 000,410,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2021/03/10 23:52:44 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\credprovs.dll
[2021/03/10 23:52:44 | 000,174,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\omadmapi.dll
[2021/03/10 23:52:44 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmpushproxy.dll
[2021/03/10 23:52:44 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\enrollmentapi.dll
[2021/03/10 23:52:44 | 000,020,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerEnc.dll
[2021/03/10 23:52:43 | 001,494,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2021/03/10 23:52:43 | 000,482,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2021/03/10 23:52:43 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptprov.dll
[2021/03/10 23:52:43 | 000,151,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2021/03/10 23:52:42 | 000,896,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2021/03/10 23:52:42 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2021/03/10 23:52:41 | 002,635,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2021/03/10 23:52:41 | 000,630,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2021/03/10 23:52:41 | 000,603,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wimgapi.dll
[2021/03/10 23:52:40 | 000,965,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe
[2021/03/10 23:52:40 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchTM.exe
[2021/03/10 23:52:39 | 000,734,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2021/03/10 23:52:39 | 000,456,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppResolver.dll
[2021/03/10 23:52:39 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2021/03/10 23:52:39 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wevtutil.exe
[2021/03/10 23:52:39 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usoapi.dll
[2021/03/10 23:52:38 | 000,505,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2021/03/10 23:52:37 | 002,750,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2021/03/10 23:52:37 | 001,587,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpserverbase.dll
[2021/03/10 23:52:37 | 000,329,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys
[2021/03/10 23:52:37 | 000,092,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32u.dll
[2021/03/10 23:52:36 | 000,403,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Bluetooth.dll
[2021/03/10 23:52:36 | 000,179,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Management.Workplace.dll
[2021/03/10 23:52:36 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\updatepolicy.dll
[2021/03/10 23:52:36 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml6r.dll
[2021/03/10 23:52:35 | 003,824,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneCoreUAPCommonProxyStub.dll
[2021/03/10 23:52:35 | 000,602,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryPS.dll
[2021/03/10 23:52:35 | 000,583,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StateRepository.Core.dll
[2021/03/10 23:52:35 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryUpgrade.dll
[2021/03/10 23:52:35 | 000,176,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryClient.dll
[2021/03/10 23:52:35 | 000,099,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryBroker.dll
[2021/03/10 23:52:35 | 000,042,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryCore.dll
[2021/03/10 23:52:34 | 006,361,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2021/03/10 23:52:34 | 005,424,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll
[2021/03/10 23:52:34 | 000,759,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2021/03/10 23:52:34 | 000,126,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\profext.dll
[2021/03/10 23:52:33 | 001,695,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2021/03/10 23:52:33 | 000,234,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2021/03/10 23:52:18 | 000,186,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallServiceTasks.dll
[2021/03/10 23:52:17 | 001,843,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallService.dll
[2021/03/10 23:52:17 | 000,754,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2021/03/10 23:52:17 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TileDataRepository.dll
[2021/03/10 23:52:17 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fidocredprov.dll
[2021/03/10 23:52:16 | 002,602,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2021/03/10 23:52:16 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2021/03/10 23:52:16 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll
[2021/03/10 23:52:16 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WordBreakers.dll
[2021/03/10 23:52:15 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2021/03/10 23:52:15 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2021/03/10 23:52:15 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
[2021/03/10 23:52:15 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2021/03/10 23:52:14 | 000,611,952 | ---- | M] () -- C:\WINDOWS\SysWow64\TextShaping.dll
[2021/03/10 23:52:14 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d9on12.dll
[2021/03/10 23:52:14 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssitlb.dll
[2021/03/10 23:52:14 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msscntrs.dll
[2021/03/10 23:52:13 | 001,391,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2021/03/10 23:52:13 | 001,055,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsreg.dll
[2021/03/10 23:52:13 | 000,654,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActivationManager.dll
[2021/03/10 23:52:13 | 000,468,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11on12.dll
[2021/03/10 23:52:13 | 000,061,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GameInput.dll
[2021/03/10 23:52:13 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AssignedAccessRuntime.dll
[2021/03/10 23:52:12 | 014,762,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2021/03/10 23:52:11 | 000,943,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2021/03/10 23:52:10 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\framedynos.dll
[2021/03/10 23:52:10 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncobjapi.dll
[2021/03/10 23:52:09 | 000,264,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmWmiPl.dll
[2021/03/10 23:52:09 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winrscmd.dll
[2021/03/10 23:52:09 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManMigrationPlugin.dll
[2021/03/10 23:52:09 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsmprovhost.exe
[2021/03/10 23:52:09 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManHTTPConfig.exe
[2021/03/10 23:52:09 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmRes.dll
[2021/03/10 23:52:09 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAgent.dll
[2021/03/10 23:52:09 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsmplpxy.dll
[2021/03/10 23:52:08 | 004,743,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2021/03/10 23:52:08 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WsmAuto.dll
[2021/03/10 23:52:08 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2021/03/10 23:52:08 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe
[2021/03/10 23:52:07 | 004,123,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2021/03/10 23:52:07 | 000,546,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sppcext.dll
[2021/03/10 23:52:07 | 000,512,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll
[2021/03/10 23:52:07 | 000,430,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputSwitch.dll
[2021/03/10 23:52:07 | 000,312,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\input.dll
[2021/03/10 23:52:06 | 000,922,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TpmCoreProvisioning.dll
[2021/03/10 23:52:06 | 000,516,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2021/03/10 23:52:06 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TpmCertResources.dll
[2021/03/10 23:52:05 | 001,163,776 | ---- | M] () -- C:\WINDOWS\SysNative\MBR2GPT.EXE
[2021/03/10 23:52:05 | 000,649,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\agentactivationruntimewindows.dll
[2021/03/10 23:52:05 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\agentactivationruntime.dll
[2021/03/10 23:52:05 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.ConversationalAgent.dll
[2021/03/10 23:52:05 | 000,339,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AarSvc.dll
[2021/03/10 23:52:03 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSCard.dll
[2021/03/10 23:52:03 | 000,205,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ScDeviceEnum.dll
[2021/03/10 23:52:03 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SCardDlg.dll
[2021/03/10 23:52:03 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SCardBi.dll
[2021/03/10 23:51:59 | 002,204,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2021/03/10 23:51:59 | 000,491,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntshrui.dll
[2021/03/10 23:51:59 | 000,378,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.FileExplorer.Common.dll
[2021/03/10 23:51:58 | 000,858,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2021/03/10 23:51:58 | 000,702,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comctl32.dll
[2021/03/10 23:51:58 | 000,616,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasdlg.dll
[2021/03/10 23:51:58 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.FileExplorer.dll
[2021/03/10 23:51:57 | 000,981,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2021/03/10 23:51:57 | 000,628,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtrmgr.dll
[2021/03/10 23:51:57 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rtm.dll
[2021/03/10 23:51:57 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iprtprio.dll
[2021/03/10 23:51:56 | 001,335,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll
[2021/03/10 23:51:56 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2021/03/10 23:51:56 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasplap.dll
[2021/03/10 23:51:56 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spfileq.dll
[2021/03/10 23:51:55 | 004,650,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupapi.dll
[2021/03/10 23:51:55 | 003,938,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2021/03/10 23:51:55 | 000,326,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll
[2021/03/10 23:51:54 | 001,434,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2021/03/10 23:51:54 | 001,240,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_IME.dll
[2021/03/10 23:51:53 | 002,179,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pnidui.dll
[2021/03/10 23:51:53 | 000,554,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasgcw.dll
[2021/03/10 23:51:53 | 000,539,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputSwitch.dll
[2021/03/10 23:51:53 | 000,379,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\input.dll
[2021/03/10 23:51:52 | 000,470,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskcomp.dll
[2021/03/10 23:51:52 | 000,362,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2021/03/10 23:51:51 | 001,751,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2021/03/10 23:51:51 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcext.dll
[2021/03/10 23:51:50 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msxml3r.dll
[2021/03/10 23:51:37 | 000,765,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUDFx02000.dll
[2021/03/10 23:51:36 | 000,419,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AboveLockAppHost.dll
[2021/03/10 23:51:36 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AxInstUI.exe
[2021/03/10 23:51:35 | 000,684,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockController.dll
[2021/03/10 23:51:35 | 000,457,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockHostingFramework.dll
[2021/03/10 23:51:35 | 000,456,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LockAppBroker.dll
[2021/03/10 23:51:35 | 000,448,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgeIso.dll
[2021/03/10 23:51:35 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msIso.dll
[2021/03/10 23:51:34 | 000,637,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2021/03/10 23:51:33 | 001,256,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2021/03/10 23:51:33 | 001,068,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DismApi.dll
[2021/03/10 23:51:33 | 000,288,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Dism.exe
[2021/03/10 23:51:33 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profsvcext.dll
[2021/03/10 23:51:33 | 000,133,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpapi.dll
[2021/03/10 23:51:32 | 001,019,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll
[2021/03/10 23:51:32 | 000,667,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2021/03/10 23:51:32 | 000,436,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmclient.exe
[2021/03/10 23:51:32 | 000,223,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmapi.dll
[2021/03/10 23:51:32 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmmigrator.dll
[2021/03/10 23:51:32 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\omadmprc.exe
[2021/03/10 23:51:32 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2021/03/10 23:51:32 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DMAlertListener.ProxyStub.dll
[2021/03/10 23:51:31 | 001,787,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2021/03/10 23:51:31 | 000,330,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenterprisediagnostics.dll
[2021/03/10 23:51:30 | 000,708,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\configmanager2.dll
[2021/03/10 23:51:30 | 000,544,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DMPushRouterCore.dll
[2021/03/10 23:51:30 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmpushproxy.dll
[2021/03/10 23:51:29 | 000,873,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2021/03/10 23:51:29 | 000,517,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2021/03/10 23:51:29 | 000,479,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe
[2021/03/10 23:51:29 | 000,378,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\credprovs.dll
[2021/03/10 23:51:29 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcertinst.exe
[2021/03/10 23:51:28 | 001,479,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgr.dll
[2021/03/10 23:51:28 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntlanman.dll
[2021/03/10 23:51:27 | 001,129,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2021/03/10 23:51:27 | 000,907,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2021/03/10 23:51:27 | 000,502,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2021/03/10 23:51:27 | 000,403,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2021/03/10 23:51:27 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\C_G18030.DLL
[2021/03/10 23:51:27 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\C_IS2022.DLL
[2021/03/10 23:51:27 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\c_GSM7.DLL
[2021/03/10 23:51:26 | 010,842,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2021/03/10 23:51:26 | 000,115,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profapi.dll
[2021/03/10 23:51:25 | 002,024,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2021/03/10 23:51:24 | 000,568,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2021/03/10 23:51:24 | 000,488,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2021/03/10 23:51:24 | 000,171,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2021/03/10 23:51:24 | 000,024,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerEnc.dll
[2021/03/10 23:51:24 | 000,017,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2021/03/10 23:51:23 | 001,866,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2021/03/10 23:51:23 | 000,862,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2021/03/10 23:51:23 | 000,355,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptprov.dll
[2021/03/10 23:51:23 | 000,260,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinesam.dll
[2021/03/10 23:51:23 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2021/03/10 23:51:23 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pacjsworker.exe
[2021/03/10 23:51:22 | 001,425,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2021/03/10 23:51:22 | 001,393,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2021/03/10 23:51:22 | 000,437,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2021/03/10 23:51:21 | 010,352,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2021/03/10 23:51:21 | 003,507,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2021/03/10 23:51:21 | 000,381,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2021/03/10 23:51:20 | 000,531,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64win.dll
[2021/03/10 23:51:19 | 003,592,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2021/03/10 23:51:19 | 000,764,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimgapi.dll
[2021/03/10 23:51:19 | 000,522,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimserv.exe
[2021/03/10 23:51:18 | 001,394,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2021/03/10 23:51:18 | 000,412,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll
[2021/03/10 23:51:17 | 001,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2021/03/10 23:51:17 | 001,555,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2021/03/10 23:51:17 | 001,198,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2021/03/10 23:51:16 | 000,389,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2021/03/10 23:51:16 | 000,210,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Win32CompatibilityAppraiserCSP.dll
[2021/03/10 23:51:15 | 002,007,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2021/03/10 23:51:15 | 001,213,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe
[2021/03/10 23:51:15 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchTM.exe
[2021/03/10 23:51:15 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tier2punctuations.dll
[2021/03/10 23:51:14 | 003,852,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2021/03/10 23:51:13 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Language.dll
[2021/03/10 23:51:13 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Region.dll
[2021/03/10 23:51:11 | 001,215,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2021/03/10 23:51:11 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2021/03/10 23:51:11 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CustomInstallExec.exe
[2021/03/10 23:51:10 | 002,454,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2021/03/10 23:51:10 | 001,767,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2021/03/10 23:51:09 | 003,901,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2021/03/10 23:50:47 | 001,139,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2021/03/10 23:50:47 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSysprep.dll
[2021/03/10 23:50:46 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winrscmd.dll
[2021/03/10 23:50:46 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManMigrationPlugin.dll
[2021/03/10 23:50:46 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsmprovhost.exe
[2021/03/10 23:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManHTTPConfig.exe
[2021/03/10 23:50:46 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsmplpxy.dll
[2021/03/10 23:50:45 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmWmiPl.dll
[2021/03/10 23:50:45 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmRes.dll
[2021/03/10 23:50:45 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAgent.dll
[2021/03/10 23:50:44 | 000,668,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplicationFrame.dll
[2021/03/10 23:50:44 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WsmAuto.dll
[2021/03/10 23:50:42 | 006,236,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2021/03/10 23:50:41 | 004,008,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll
[2021/03/10 23:50:41 | 000,561,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_PCDisplay.dll
[2021/03/10 23:50:41 | 000,519,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2021/03/10 23:50:41 | 000,517,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2021/03/10 23:50:41 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.SharedPC.CredentialProvider.dll
[2021/03/10 23:50:40 | 000,587,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppResolver.dll
[2021/03/10 23:50:40 | 000,249,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2021/03/10 23:50:40 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2021/03/10 23:50:40 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2021/03/10 23:50:39 | 002,594,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll
[2021/03/10 23:50:39 | 000,923,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2021/03/10 23:50:39 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateDeploymentProvider.dll
[2021/03/10 23:50:38 | 001,097,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2021/03/10 23:50:38 | 000,706,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\upshared.dll
[2021/03/10 23:50:38 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2021/03/10 23:50:38 | 000,616,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2021/03/10 23:50:37 | 001,532,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MoUsoCoreWorker.exe
[2021/03/10 23:50:37 | 001,415,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocoreworker.exe
[2021/03/10 23:50:37 | 000,567,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usosvc.dll
[2021/03/10 23:50:37 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatecsp.dll
[2021/03/10 23:50:37 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UsoClient.exe
[2021/03/10 23:50:36 | 000,401,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_SpeechPrivacy.dll
[2021/03/10 23:50:36 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Authentication.dll
[2021/03/10 23:50:36 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2021/03/10 23:50:36 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DuCsps.dll
[2021/03/10 23:50:35 | 000,403,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wevtapi.dll
[2021/03/10 23:50:35 | 000,291,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wevtutil.exe
[2021/03/10 23:50:34 | 003,764,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Bluetooth.Service.dll
[2021/03/10 23:50:34 | 000,601,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2021/03/10 23:50:34 | 000,336,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2021/03/10 23:50:33 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wc_storage.dll
[2021/03/10 23:50:33 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\container.dll
[2021/03/10 23:50:33 | 000,231,248 | ---- | M] () -- C:\WINDOWS\SysNative\containerdevicemanagement.dll
[2021/03/10 23:50:33 | 000,202,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcifs.sys
[2021/03/10 23:50:33 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cimfs.dll
[2021/03/10 23:50:33 | 000,149,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bindflt.sys
[2021/03/10 23:50:33 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcimage.dll
[2021/03/10 23:50:33 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bindfltapi.dll
[2021/03/10 23:50:33 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadjcsp.dll
[2021/03/10 23:50:33 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wcnfs.sys
[2021/03/10 23:50:33 | 000,091,136 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\cimfs.sys
[2021/03/10 23:50:33 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MdmDiagnosticsTool.exe
[2021/03/10 23:50:33 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wci.dll
[2021/03/10 23:50:32 | 003,815,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2021/03/10 23:50:32 | 000,685,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\daxexec.dll
[2021/03/10 23:50:31 | 000,752,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.immersiveshell.serviceprovider.dll
[2021/03/10 23:50:31 | 000,132,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32u.dll
[2021/03/10 23:50:30 | 001,824,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpserverbase.dll
[2021/03/10 23:50:30 | 001,496,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2021/03/10 23:50:29 | 000,500,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2021/03/10 23:50:29 | 000,180,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2021/03/10 23:50:28 | 000,725,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StateRepository.Core.dll
[2021/03/10 23:50:28 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryUpgrade.dll
[2021/03/10 23:50:28 | 000,058,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryCore.dll
[2021/03/10 23:50:27 | 005,858,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll
[2021/03/10 23:50:27 | 001,337,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryPS.dll
[2021/03/10 23:50:27 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryClient.dll
[2021/03/10 23:50:27 | 000,117,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryBroker.dll
[2021/03/10 23:50:26 | 001,021,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2021/03/10 23:50:26 | 001,009,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2021/03/10 23:50:26 | 000,676,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2021/03/10 23:50:26 | 000,361,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47Langs.dll
[2021/03/10 23:50:26 | 000,175,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47mrm.dll
[2021/03/10 23:50:26 | 000,157,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profext.dll
[2021/03/10 23:50:25 | 007,965,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2021/03/10 23:50:24 | 003,329,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2021/03/10 23:50:24 | 000,322,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2021/03/10 23:50:24 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2021/03/10 23:50:23 | 002,321,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2021/03/10 23:50:22 | 002,437,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallService.dll
[2021/03/10 23:50:22 | 002,251,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2021/03/10 23:50:22 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TileDataRepository.dll
[2021/03/10 23:50:22 | 000,236,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fidocredprov.dll
[2021/03/10 23:50:22 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallServiceTasks.dll
[2021/03/10 23:50:21 | 001,369,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsf3gip.dll
[2021/03/10 23:50:21 | 001,040,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2021/03/10 23:50:21 | 001,021,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2021/03/10 23:50:21 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2021/03/10 23:50:20 | 004,732,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2021/03/10 23:50:20 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2021/03/10 23:50:20 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditBufferTestHook.dll
[2021/03/10 23:50:20 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WordBreakers.dll
[2021/03/10 23:50:19 | 003,301,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2021/03/10 23:50:19 | 002,970,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2021/03/10 23:50:19 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2021/03/10 23:50:18 | 000,419,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2021/03/10 23:50:18 | 000,402,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Search.ProtocolHandler.MAPI2.dll
[2021/03/10 23:50:18 | 000,381,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2021/03/10 23:50:18 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2021/03/10 23:50:18 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2021/03/10 23:50:18 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssitlb.dll
[2021/03/10 23:50:17 | 002,919,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2021/03/10 23:50:17 | 001,784,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2021/03/10 23:50:17 | 000,707,016 | ---- | M] () -- C:\WINDOWS\SysNative\TextShaping.dll
[2021/03/10 23:50:17 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll
[2021/03/10 23:50:16 | 003,749,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2021/03/10 23:50:16 | 000,751,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9on12.dll
[2021/03/10 23:50:16 | 000,603,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11on12.dll
[2021/03/10 23:50:00 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatepolicy.dll
[2021/03/10 23:50:00 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msxml6r.dll
[2021/03/10 23:49:59 | 000,906,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2021/03/10 23:49:59 | 000,454,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2021/03/10 23:49:59 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2021/03/10 23:49:58 | 000,596,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.LowLevel.dll
[2021/03/10 23:49:58 | 000,546,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Bluetooth.dll
[2021/03/10 23:49:58 | 000,250,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Workplace.dll
[2021/03/10 23:49:57 | 008,015,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2021/03/10 23:49:57 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.SerialCommunication.dll
[2021/03/10 23:49:56 | 001,712,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2021/03/10 23:49:56 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActivationManager.dll
[2021/03/10 23:49:56 | 000,539,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Enumeration.dll
[2021/03/10 23:49:56 | 000,122,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevDispItemProvider.dll
[2021/03/10 23:49:55 | 003,067,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2021/03/10 23:49:55 | 002,378,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreen.exe
[2021/03/10 23:49:55 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cloudAP.dll
[2021/03/10 23:49:55 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreenps.dll
[2021/03/10 23:49:54 | 017,544,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2021/03/10 23:49:54 | 000,070,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GameInput.dll
[2021/03/10 23:49:52 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSetupManager.dll
[2021/03/10 23:49:52 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AssignedAccessRuntime.dll
[2021/03/10 23:49:50 | 002,111,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsudk.shellcommon.dll
[2021/03/10 23:49:50 | 000,323,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsbas.dll
[2021/03/10 23:49:50 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2021/03/10 23:49:50 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2021/03/10 23:49:49 | 006,187,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2021/03/10 23:49:48 | 000,668,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2021/03/10 23:49:47 | 005,751,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2021/03/10 23:49:46 | 000,388,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialEnrollmentManager.exe
[2021/03/10 23:49:46 | 000,285,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.AppDefaults.dll
[2021/03/10 23:49:46 | 000,077,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialEnrollmentManagerForUser.dll
[2021/03/10 23:49:45 | 004,704,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2021/03/10 23:49:45 | 001,094,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskbarcpl.dll
[2021/03/10 23:49:45 | 000,958,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2021/03/10 23:49:44 | 001,290,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsreg.dll
[2021/03/10 23:49:44 | 001,148,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmCoreProvisioning.dll
[2021/03/10 23:49:44 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2021/03/10 23:49:44 | 000,457,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_WorkAccess.dll
[2021/03/10 23:49:44 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmCertResources.dll
[2021/03/10 23:49:43 | 000,577,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wbemcomn.dll
[2021/03/10 23:49:43 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncobjapi.dll
[2021/03/10 23:49:42 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\framedynos.dll
[2021/03/10 23:49:41 | 000,382,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provengine.dll
[2021/03/10 23:49:41 | 000,295,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provops.dll
[2021/03/10 23:49:41 | 000,279,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provhandlers.dll
[2021/03/10 23:49:41 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KnobsCore.dll
[2021/03/10 23:49:41 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provisioningcsp.dll
[2021/03/10 23:49:41 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KnobsCsp.dll
[2021/03/10 23:49:41 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NFCProvisioningPlugin.dll
[2021/03/10 23:49:41 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provdatastore.dll
[2021/03/10 23:49:41 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProvPluginEng.dll
[2021/03/10 23:49:41 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BarcodeProvisioningPlugin.dll
[2021/03/10 23:49:41 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provtool.exe
[2021/03/10 23:49:41 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RemovableMediaProvisioningPlugin.dll
[2021/03/10 23:49:41 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Provisioning.ProxyStub.dll
[2021/03/10 23:49:40 | 001,278,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2021/03/10 23:49:40 | 000,832,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printfilterpipelinesvc.exe
[2021/03/10 23:49:40 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printfilterpipelineprxy.dll
[2021/03/10 23:49:40 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FaxPrinterInstaller.dll
[2021/03/10 23:49:39 | 000,713,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2021/03/10 23:49:39 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RjvMDMConfig.dll
[2021/03/10 23:49:39 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2021/03/10 23:49:39 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ofdeploy.exe
[2021/03/10 23:49:37 | 000,887,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\agentactivationruntimewindows.dll
[2021/03/10 23:49:37 | 000,864,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\agentactivationruntime.dll
[2021/03/10 23:49:37 | 000,809,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.ConversationalAgent.dll
[2021/03/10 23:49:37 | 000,443,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AarSvc.dll
[2021/03/10 23:49:37 | 000,374,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSrvPolicyManager.dll
[2021/03/10 23:49:36 | 000,889,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhoneProviders.dll
[2021/03/10 23:49:36 | 000,259,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winnat.sys
[2021/03/10 23:49:36 | 000,127,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DTUHandler.exe
[2021/03/10 23:49:36 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
[2021/03/10 23:49:36 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilotdiag.dll
[2021/03/10 23:49:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DTUHandlerPS.dll
[2021/03/10 23:49:35 | 000,937,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Service.dll
[2021/03/10 23:49:35 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilot.dll
[2021/03/10 23:49:35 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xboxgipsvc.dll
[2021/03/10 23:49:34 | 000,677,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2021/03/10 23:49:34 | 000,215,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spacedump.sys
[2021/03/10 23:49:34 | 000,155,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2021/03/10 23:49:34 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xinputhid.sys
[2021/03/10 23:49:34 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthMini.SYS
[2021/03/10 23:49:33 | 000,329,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xboxgip.sys
[2021/03/10 23:49:33 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\devauthe.sys
[2021/03/02 21:12:28 | 000,047,600 | ---- | M] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\drivers\dbx-stable.sys
[2021/03/02 21:12:28 | 000,047,600 | ---- | M] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\drivers\dbx-dev.sys
[2021/03/02 21:12:28 | 000,047,600 | ---- | M] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\drivers\dbx-canary.sys
[2021/03/02 21:12:28 | 000,044,272 | ---- | M] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\DbxSvc.exe
[6 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[3 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[24 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2021/03/10 23:52:58 | 000,011,359 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuthTxt.wim
[2021/03/10 23:52:14 | 000,611,952 | ---- | C] () -- C:\WINDOWS\SysWow64\TextShaping.dll
[2021/03/10 23:52:04 | 001,163,776 | ---- | C] () -- C:\WINDOWS\SysNative\MBR2GPT.EXE
[2021/03/10 23:50:33 | 000,231,248 | ---- | C] () -- C:\WINDOWS\SysNative\containerdevicemanagement.dll
[2021/03/10 23:50:32 | 000,091,136 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\cimfs.sys
[2021/03/10 23:50:16 | 000,707,016 | ---- | C] () -- C:\WINDOWS\SysNative\TextShaping.dll
[2021/01/12 22:17:16 | 000,053,760 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2021/01/12 22:14:17 | 000,455,680 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowManagementAPI.dll
[2021/01/12 22:13:58 | 001,333,760 | ---- | C] () -- C:\WINDOWS\SysWow64\TextInputMethodFormatter.dll
[2021/01/12 22:13:56 | 000,235,520 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2021/01/12 22:13:06 | 000,330,752 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2020/12/09 07:19:36 | 000,266,240 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Internal.UI.Shell.WindowTabManager.dll
[2020/12/09 07:19:24 | 000,240,640 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreMas.dll
[2020/12/09 07:19:24 | 000,010,752 | ---- | C] () -- C:\WINDOWS\SysWow64\agentactivationruntimestarter.exe
[2020/10/13 12:01:40 | 000,047,472 | ---- | C] () -- C:\WINDOWS\SysWow64\umpdc.dll
[2020/10/02 03:50:06 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2019/12/07 03:15:00 | 000,003,103 | ---- | C] () -- C:\WINDOWS\SysWow64\mmc.exe.config
[2019/12/07 03:15:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2019/12/07 03:14:59 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2019/12/07 03:10:05 | 000,019,485 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat
[2019/12/07 03:10:05 | 000,011,292 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr-v.dat
[2019/12/07 03:10:02 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2019/12/07 03:09:22 | 000,002,404 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2019/12/07 03:09:18 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2019/12/07 03:09:17 | 003,595,776 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2019/12/07 03:09:17 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2019/12/07 03:09:17 | 000,060,416 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2019/12/07 03:09:17 | 000,054,784 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.WARP.JITService.exe
[2019/12/07 03:09:13 | 000,223,744 | ---- | C] () -- C:\WINDOWS\SysWow64\TpmTool.exe
[2019/12/07 03:09:11 | 000,049,664 | ---- | C] () -- C:\WINDOWS\SysWow64\windows.applicationmodel.conversationalagent.proxystub.dll
[2019/12/07 03:09:11 | 000,040,448 | ---- | C] () -- C:\WINDOWS\SysWow64\windows.applicationmodel.conversationalagent.internal.proxystub.dll
[2019/12/07 03:09:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2019/12/07 03:08:58 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2017/02/07 18:00:02 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2016/01/24 14:20:58 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2021/03/10 23:50:25 | 007,965,496 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2021/03/10 23:52:34 | 006,361,144 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2020/10/13 11:58:53 | 001,075,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2020/10/13 12:01:23 | 000,804,352 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2019/12/07 03:08:19 | 000,514,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2015/12/24 21:47:24 | 000,000,000 | ---D | M] -- C:\Users\eades\AppData\Roaming\AMD
[2015/12/24 20:28:03 | 000,000,000 | ---D | M] -- C:\Users\eades\AppData\Roaming\Dropbox
[2015/12/24 20:30:10 | 000,000,000 | ---D | M] -- C:\Users\eades\AppData\Roaming\DropboxOEM
[2017/02/08 18:39:19 | 000,000,000 | ---D | M] -- C:\Users\eades\AppData\Roaming\WildTangent
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >
 

Link to post
Share on other sites

OTL Extras logfile created on: 3/14/2021 9:38:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\eades\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.19041.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.45 Gb Total Physical Memory | 0.52 Gb Available Physical Memory | 15.10% Memory free
10.20 Gb Paging File | 6.67 Gb Available in Paging File | 65.40% Paging File free
Paging file location(s): ?:\pagefile.sys
 
%SystemDrive% = 😄 | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive 😄 | 911.70 Gb Total Space | 829.82 Gb Free Space | 91.02% Space Free | Partition Type: NTFS
Drive 😧 | 18.51 Gb Total Space | 2.39 Gb Free Space | 12.93% Space Free | Partition Type: NTFS
 
Computer Name: DESKTOP-B748AG0 | User Name: eades | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- Reg Error: Key error.
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av]
"DataMigrated" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{9D4501E6-72F6-2877-C789-89AF6F535B2C}]
"GUID" = {9D4501E6-72F6-2877-C789-89AF6F535B2C}
"DISPLAYNAME" = McAfee VirusScan
"STATE" = 462848
"PRODUCTEXE" = C:\Program Files\McAfee.com\Agent\mcupdate.exe -- (McAfee, LLC)
"REPORTINGEXE" = C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe -- (McAfee, LLC)
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}]
"GUID" = {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
"DISPLAYNAME" = Windows Defender
"STATE" = 393472
"PRODUCTEXE" = windowsdefender://
"REPORTINGEXE" = %ProgramFiles%\Windows Defender\MsMpeng.exe -- (Microsoft Corporation)
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw]
"DataMigrated" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{A57E80C3-3899-292F-ECD6-209A91801C57}]
"GUID" = {A57E80C3-3899-292F-ECD6-209A91801C57}
"DISPLAYNAME" = McAfee Firewall
"STATE" = 462848
"PRODUCTEXE" = C:\Program Files\McAfee.com\Agent\mcupdate.exe -- (McAfee, LLC)
"REPORTINGEXE" = C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe -- (McAfee, LLC)
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 42 4A D3 C2 96 98 D6 01  [binary data]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{21C79A9F-B580-4CBA-B29A-9E72597A6605}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft\edgewebview\application\89.0.774.54\msedgewebview2.exe | 
"{77C57B8E-14D1-4E86-9781-DC267A2485A0}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft\edge\application\msedge.exe | 
"{CE587BC1-D833-40B2-B089-D94D32A124D2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\root\office16\outlook.exe | 
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00EA97C5-33C8-4788-8778-182995D459B1}" = dir=out | [email protected]{microsoft.bingweather_4.46.22322.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} | 
"{040AF957-9C97-4509-A01C-59BBC1493EB6}" = dir=out | [email protected]{windows.contactsupport_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} | 
"{056746BC-ACC4-498D-BA4D-6E5B40493A56}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{08A2429A-CF01-4CF2-A73A-F025BE07A191}" = dir=out | [email protected]{microsoft.xboxapp_48.69.18001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxapp/xboxapp.resource/resources/app_title} | 
"{08D04BC1-B93D-473F-BAB6-85AEB6FE458F}" = protocol=17 | dir=in | app=c:\users\eades\appdata\local\temp\7zs0e17\hpdiagnosticcoreui.exe | 
"{0B9F4EF4-AB85-461C-9203-61C01CCECC46}" = dir=out | name=cortana | 
"{0BAC6C98-226D-4FDF-B406-D7AA004A0BF3}" = dir=out | [email protected]{microsoft.bingfinance_4.45.22111.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} | 
"{0C099345-77F2-43BF-AC07-7FEE78568203}" = dir=in | [email protected]{microsoft.desktopappinstaller_1.0.32912.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} | 
"{0DFDE5F8-D567-4957-A11F-236BD573A163}" = dir=in | name=xbox game bar | 
"{0E37B220-612B-4103-8769-F54A4CCCD1B0}" = protocol=17 | dir=out | app=c:\program files\windowsapps\microsoft.skypeapp_15.64.80.0_x86__kzf8qxf38zg5c\skype\skype.exe | 
"{0EF173C0-C570-4F68-8E4B-6749BFB271D1}" = dir=in | app=c:\program files\common files\mcafee\mmsshost\mmsshost.exe | 
"{0F9263BB-5C58-4DAC-B4EF-273AE8590FFB}" = dir=out | [email protected]{microsoft.microsoftstickynotes_3.7.142.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftstickynotes/resources/stickynotesstoreappname} | 
"{10EFF59A-7691-4D76-ACA6-334F5D68E54E}" = dir=in | name=netflix | 
"{143D6217-EC59-4793-A174-B4126879DE14}" = dir=out | name=ncsiuwpapp | 
"{14F2A906-3348-489B-8F82-1FD52DF030F8}" = dir=in | [email protected]{microsoft.win32webviewhost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} | 
"{193174E9-33E1-44AC-B514-DD81C3F6C53E}" = dir=out | [email protected]{microsoft.windows.contentdeliverymanager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} | 
"{1DC4AA31-0DCC-45C5-B23A-80EE5DEFE90C}" = dir=out | name=windows_ie_ac_001 | 
"{1DCF37FA-0C69-4EA5-AD91-024D5C3BD8E4}" = protocol=6 | dir=in | app=c:\users\eades\appdata\local\temp\7zs646b\hpdiagnosticcoreui.exe | 
"{1E5D5A4D-3B7F-4C3B-B941-C6D861AC4E13}" = dir=in | app=c:\program files (x86)\dropbox\client\dropbox.exe | 
"{1F87B018-DA12-47B7-95A1-2C084ADEFCF4}" = protocol=17 | dir=in | app=c:\users\eades\appdata\local\temp\7zs435e\hpdiagnosticcoreui.exe | 
"{20600810-3C1B-4F1E-8AA3-A18C88A4985F}" = dir=in | [email protected]{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{229E766A-891E-4E9A-8DCB-F99FD69A6FA6}" = dir=out | name=netflix | 
"{2366632A-3428-4631-9151-C9C31D895155}" = dir=out | name=sway | 
"{26671BFB-BE6D-47A6-B2AD-DDC1F11BB360}" = dir=out | name=tripadvisor hotels flights restaurants | 
"{26B7695A-5916-42E8-BFF3-7E837ACB2661}" = dir=out | name=the weather channel for hp | 
"{26FA5377-15C7-41B2-B7FE-BA7DDCEC86AD}" = dir=out | [email protected]{microsoft.lockapp_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} | 
"{2836DD02-DB21-4BB6-9D88-707F5D33CF60}" = dir=out | [email protected]{microsoft.windows.startmenuexperiencehost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.startmenuexperiencehost/startmenuexperiencehost/pkgdisplayname} | 
"{28C649B7-31A0-410C-9955-05C767E821E4}" = dir=in | [email protected]{microsoft.windows.cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} | 
"{2A512DAA-75AD-40B3-B37A-30B5E6101D90}" = protocol=17 | dir=in | app=c:\users\eades\appdata\local\temp\7zs3177\hpdiagnosticcoreui.exe | 
"{2B6128D0-1913-4D25-822B-34D2F232865B}" = dir=out | name=hp smart | 
"{30707157-6A0F-4ED0-82C5-471EC2E8F260}" = dir=in | [email protected]{microsoft.messaging_4.1901.10241.1000_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} | 
"{3075BCFE-6207-4A43-A739-EE6435168539}" = dir=out | [email protected]{microsoft.lockapp_10.0.10240.16384_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} | 
"{32F99F5C-D793-451B-82C6-9443ABAF4DB8}" = dir=in | [email protected]{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{33C28AA5-A431-4017-9C6D-54AEC85B4CE9}" = dir=out | [email protected]{microsoft.accountscontrol_10.0.19041.423_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} | 
"{35330DE6-F3BC-4292-B5D3-D4D9D584F453}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{368A74ED-04E5-4449-A1D4-0480EA994A65}" = dir=out | [email protected]{a278ab0d.disneymagickingdoms_5.3.0.0_x86__h6adky7gbf63m?ms-resource://a278ab0d.disneymagickingdoms/resources/applicationname} | 
"{3DF3E6CE-C504-4F92-9C94-13F12CE04EDA}" = dir=in | [email protected]{microsoft.microsoftstickynotes_3.7.142.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftstickynotes/resources/stickynotesstoreappname} | 
"{3E1D90A1-AB2A-4F34-87AD-524B8E70BE88}" = dir=out | name=microsoft pay | 
"{3F4C5485-959B-4F94-878F-5D487C27D51E}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd14\powerdvd.exe | 
"{40A4E914-E0AB-4D2C-8934-A4A817B8188B}" = dir=in | [email protected]{microsoft.windows.photos_2020.20090.1002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | 
"{40C49F2B-E089-41E6-8D3D-80CA5BB8EFFD}" = dir=in | [email protected]{windows.contactsupport_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} | 
"{4147BF59-B7A1-491F-AACD-4A8F284FFA4F}" = dir=in | [email protected]{microsoft.microsoftedge_44.19041.423.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | 
"{423190F4-812D-445E-A233-9A8318D3340F}" = dir=in | [email protected]{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{437F5189-320F-4096-9E41-7901B94C0D2A}" = dir=in | [email protected]{microsoft.yourphone_1.20091.84.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} | 
"{44F8361E-4F6F-4D0B-8534-297EF7851DA3}" = protocol=6 | dir=in | app=c:\users\eades\appdata\local\temp\7zs3705\hpdiagnosticcoreui.exe | 
"{463E93D5-B80B-4B3C-BCB9-3CA2B3EB50E0}" = dir=out | [email protected]{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{4A64EAB5-3639-4D04-9DD0-701360E90AA6}" = protocol=17 | dir=in | app=c:\users\eades\appdata\local\temp\7zs272c\hpdiagnosticcoreui.exe | 
"{4BE4E064-A5DC-4372-82C7-42329DF9D4A2}" = dir=in | [email protected]{microsoft.windowsstore_12009.1001.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | 
"{534B01D1-CC48-4931-8AAC-63F6F605AAB4}" = dir=out | [email protected]{microsoft.windows.oobenetworkcaptiveportal_10.0.19041.423_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} | 
"{56078FAF-46A5-4BB9-9847-ADDC47C0F0B7}" = dir=out | [email protected]{microsoft.bingnews_4.53.22541.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithtagline} | 
"{5755AD1E-57B8-4B64-A86A-2516574018FF}" = dir=out | name=3d builder | 
"{575D224E-BC44-4B80-ADB9-CB7BC83A0E6D}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} | 
"{5B59F84A-D8BA-4538-89B7-2B8EE54C06A8}" = dir=out | [email protected]{microsoft.windows.parentalcontrols_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} | 
"{5C47756F-22B5-455A-85F0-BEB3AE489CEF}" = dir=out | [email protected]{microsoft.windows.contentdeliverymanager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} | 
"{5CBFFDAC-4DE9-4970-938F-B8FD791514A4}" = dir=out | [email protected]{microsoft.xboxidentityprovider_12.67.21001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} | 
"{5EB0F5A0-16FC-4CD0-A729-825A991C065D}" = dir=out | [email protected]{microsoft.lockapp_10.0.19041.423_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} | 
"{60F66BE3-F474-4A61-BE7D-29BD526929FB}" = dir=out | [email protected]{microsoft.windows.contentdeliverymanager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} | 
"{61B91C7C-340F-46D5-BA4C-7A50916E4BB2}" = dir=out | [email protected]{microsoft.windows.cloudexperiencehost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{622F4006-B908-4E3D-AC5A-004F20142B6A}" = dir=out | [email protected]{microsoft.microsoftedge_20.10240.16384.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | 
"{63331CA7-EE58-4414-B6F0-E6501BC1D894}" = dir=in | [email protected]{microsoft.xboxapp_48.69.18001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxapp/xboxapp.resource/resources/app_title} | 
"{636CD29F-C92A-4266-9A37-F9D28E23E707}" = dir=in | name=cortana | 
"{63845DAA-2872-4497-BCB0-0ABABE868BD1}" = dir=out | [email protected]{microsoft.oneconnect_5.2006.1691.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} | 
"{63A0370C-F1A4-4986-9A2E-5D98C4978CA3}" = dir=out | [email protected]{microsoft.windowsfeedbackhub_1.1907.3152.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} | 
"{63B3BB6D-F16F-416D-B847-98EB40613575}" = dir=out | [email protected]{microsoft.storepurchaseapp_12009.1001.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} | 
"{66FF8386-9EBE-42DF-A0D0-3F69CEA00823}" = dir=out | [email protected]{microsoft.windows.narratorquickstart_10.0.19041.423_neutral_neutral_8wekyb3d8bbwe?ms-resource://microsoft.windows.narratorquickstart/resources/appdisplayname} | 
"{68D889E3-26F4-44EB-92E2-19FA0118D2BF}" = dir=out | [email protected]{microsoft.windowscalculator_10.2008.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} | 
"{6E774103-6AB1-4CA2-8320-E72DD002496D}" = dir=out | [email protected]{microsoft.xboxgamecallableui_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} | 
"{6ED47C25-F2C8-452B-9F68-DD279D8D4D15}" = dir=in | name=onenote for windows 10 | 
"{6F75A401-FF31-4817-9E0F-52EC761138D4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd14\powerdvd14agent.exe | 
"{6FC475B9-4CBD-4AEB-A6FF-6CE272D33C42}" = dir=out | name=print 3d | 
"{6FCC8128-41BA-4101-A10F-3EB9B435DBAD}" = dir=out | [email protected]{microsoft.bingsports_4.36.20714.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} | 
"{706646D0-0BCD-46DE-AE21-ACB9B317067F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd14\movie\powerdvd cinema\powerdvdcinema.exe | 
"{71D30853-1577-4AFF-B194-B5ADC6972EE3}" = dir=out | name=twitter | 
"{71FC28F8-6AB6-48A1-98CD-5DA6B2C09B17}" = dir=out | [email protected]{microsoft.accountscontrol_10.0.10240.16384_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} | 
"{725AAAA0-A4AC-48D7-B6C1-ED39D8A14898}" = dir=out | [email protected]{microsoft.windows.shellexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} | 
"{72932008-F9DB-4477-8F9A-7A1F039B20CE}" = dir=out | [email protected]{microsoft.lockapp_10.0.16299.15_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} | 
"{72C98386-F9EA-47ED-BAEE-F5B059BF0CD3}" = dir=out | [email protected]{microsoft.windows.cloudexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{744B791E-F7C4-4294-A8AA-B5FCBA222643}" = protocol=6 | dir=in | app=c:\users\eades\appdata\local\temp\7zs3652\hpdiagnosticcoreui.exe | 
"{74BF0FD4-8117-420E-9C47-C064B6661A20}" = dir=out | [email protected]{microsoft.windowsstore_12009.1001.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | 
"{74D72D3A-01AE-44C8-983B-0AA01861C8CC}" = dir=out | [email protected]{microsoft.xboxgamecallableui_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} | 
"{75AA6FFD-A71A-4290-86A1-A1CD8FEE4A7C}" = dir=out | name=xbox game bar | 
"{7613EF76-B5E9-4DC1-9E05-4D9AE91FE841}" = protocol=6 | dir=in | app=c:\users\eades\appdata\local\temp\7zs0e17\hpdiagnosticcoreui.exe | 
"{7625195D-784A-4A49-BBB7-D795E10D574C}" = dir=in | [email protected]{microsoft.windows.search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.search/resources/packagedisplayname} | 
"{7647D3BE-366E-43F3-B80D-F60EA84DC2D9}" = dir=out | [email protected]{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{787A9B01-B6E6-4C1E-BDD9-2F773233EA30}" = dir=out | [email protected]{microsoft.windows.cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} | 
"{78995CEF-27AF-4D11-A414-44C6A52C62DE}" = dir=out | [email protected]{microsoft.windows.sechealthui_10.0.19041.423_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} | 
"{795A0354-1417-4FF9-BEBE-3CE741260A5C}" = dir=in | [email protected]{microsoft.microsoftedge_20.10240.16384.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | 
"{7B48CDF4-7E1B-4CC0-8BAE-807F0ED49817}" = dir=in | [email protected]{microsoft.windows.cloudexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{7BE1846A-EC81-467F-AC0D-DC061B126ACA}" = dir=out | [email protected]{microsoft.windows.parentalcontrols_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} | 
"{7C075230-7E91-4AD9-915B-CA30F4BCCCB5}" = dir=out | [email protected]{microsoft.mixedreality.portal_2000.20081.1312.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mixedreality.portal/resources/pkgdisplayname} | 
"{7DA45EEE-66E5-47B6-B782-5FFD7F9E17A2}" = dir=out | [email protected]{microsoft.windows.contentdeliverymanager_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} | 
"{80F0C936-3667-4D18-AE6B-328F14C0A8B1}" = protocol=6 | dir=in | app=c:\users\eades\appdata\local\temp\7zs311f\hpdiagnosticcoreui.exe | 
"{82BF4F73-4EC3-40FB-9DD3-36FC1C47FD83}" = dir=in | [email protected]{microsoft.aad.brokerplugin_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | 
"{8336438F-44D5-4511-B78A-CAD1E7BECBB9}" = dir=in | [email protected]{microsoft.oneconnect_5.2006.1691.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} | 
"{85C99AC4-57D9-479F-9349-3830FACBE503}" = protocol=6 | dir=in | app=c:\users\eades\appdata\local\temp\7zs3177\hpdiagnosticcoreui.exe | 
"{86181C5D-B54A-45FE-9B86-6EA7B4986A58}" = dir=in | name=hp smart | 
"{8619ADB8-2261-42EB-B734-892634326BF7}" = dir=out | [email protected]{microsoft.mspaint_6.2009.30067.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} | 
"{868B695F-0B7D-4240-A970-536FB6176756}" = dir=out | [email protected]{microsoft.microsoft3dviewer_7.2009.29132.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} | 
"{86D4D176-3251-4CD8-ABB3-E45E01C2422E}" = dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{89C026BB-14E1-4C82-BE3E-339DB9704E10}" = dir=out | name=snapfish | 
"{8B80FEC3-B057-44F7-A60A-71C56F787C58}" = dir=in | app=c:\program files\cyberlink\powerdirector12\pdr10.exe | 
"{8D78BB01-FB46-480E-9548-5DB551559321}" = dir=out | [email protected]{microsoft.windows.shellexperiencehost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} | 
"{8D80ABC7-DD30-4661-9E13-85BA17039EE2}" = dir=out | [email protected]{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} | 
"{8EB5C78C-C105-4B4C-8009-E23BEFDB482F}" = dir=out | [email protected]{microsoft.getstarted_9.9.32102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} | 
"{8F126CD1-9BF7-489E-BB00-B022DECBF6BC}" = dir=out | [email protected]{king.com.bubblewitch3saga_6.13.6.0_x86__kgqvnymyfvs32?ms-resource://king.com.bubblewitch3saga/resources/appname} | 
"{8F65EB77-B4C2-4F76-8BB1-2A1D2F4FFB04}" = dir=out | name=microsoft solitaire collection | 
"{904A0448-EA0B-4208-B36B-4F7ABAFB1224}" = dir=out | [email protected]{microsoft.win32webviewhost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} | 
"{906DEA1E-F960-4681-BD04-3AFFA157FDFC}" = dir=out | [email protected]{microsoft.windowscamera_2020.504.60.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscamera/lenssdk/resources/appstorename} | 
"{90BCD017-619A-4623-95D7-77EC33790089}" = dir=out | name=amazon | 
"{9484354B-CB4C-4A1B-ACEF-EC5CC97E0FE3}" = dir=in | [email protected]{microsoft.zunevideo_10.20032.16211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{967763C2-2987-4D3B-8901-195E2BAF990B}" = dir=out | [email protected]{microsoft.microsoftedge_44.19041.423.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | 
"{9D4B6B13-06A7-407B-9536-D1759E75924A}" = dir=out | name=skype | 
"{9DE121D8-681C-49D8-B933-8CA655A80D7F}" = dir=out | [email protected]{microsoft.xboxidentityprovider_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} | 
"{9DF3CA8F-F997-4948-A525-5222510ECE64}" = dir=out | [email protected]{microsoft.gethelp_10.2004.31291.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.gethelp/resources/appdisplayname} | 
"{A07CB343-89C0-4888-8878-A727C15A33A6}" = dir=out | [email protected]{microsoft.windows.photos_2020.20090.1002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | 
"{A18FD8AD-53F1-479B-A505-40A8F30643A8}" = dir=in | [email protected]{microsoft.windows.cloudexperiencehost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{A1B6C0CB-E42A-49F9-B360-8FA04FB8F420}" = dir=out | name=onenote for windows 10 | 
"{A25FD4EF-F96D-4274-AD5A-266EA1DEA7A0}" = dir=out | [email protected]{microsoft.windowsfeedback_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} | 
"{A2902A16-19B8-43C2-BB85-B6E7E96B9C08}" = dir=out | [email protected]{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} | 
"{A51F3030-20D5-4580-AAF0-DBCB9CF9CC7E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{A573E876-F3AB-47C9-82C5-9D1861B635AE}" = dir=out | [email protected]{26720randomsaladgamesllc.simplesolitaire_6.20.87.0_x64__kx24dqmazqk8j?ms-resource://26720randomsaladgamesllc.simplesolitaire/resources/gamename} | 
"{A703C32C-B7B5-42E0-8C9D-B989D9F9B7C4}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} | 
"{AA0B76FD-B8E1-4166-A8F6-2A8C04F8EE1C}" = dir=out | name=windows feature experience pack | 
"{AB532FDF-C9D2-4F55-8266-F98F9D86CC63}" = dir=out | [email protected]{microsoft.windows.shellexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} | 
"{AD04901A-7839-4CAF-BF22-CBBAF21EA497}" = dir=in | name=skype | 
"{AFB4EE39-823A-4E69-84FE-9778319F52A5}" = dir=in | name=3d builder | 
"{B13B0680-D47A-44D8-8D6B-433D0CDA884A}" = protocol=6 | dir=in | app=c:\program files\windowsapps\microsoft.skypeapp_15.64.80.0_x86__kzf8qxf38zg5c\skype\skype.exe | 
"{B1E8DE91-63EE-4F64-9CD1-22E43E1F5B20}" = protocol=17 | dir=in | app=c:\users\eades\appdata\local\temp\7zs646b\hpdiagnosticcoreui.exe | 
"{B1F04BDA-52B0-45D7-9FFB-C1B72ABEE5C0}" = dir=in | [email protected]{microsoft.zunemusic_10.20082.10421.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{B5A7CB92-E2BC-4798-B256-AC3CD2976162}" = dir=out | name=candy crush soda saga | 
"{B7880547-2B20-4CDC-A885-10C918E63891}" = dir=out | [email protected]{microsoft.windows.contentdeliverymanager_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} | 
"{B8335507-EDB7-4CBD-BFA9-F292FDDF854F}" = dir=out | [email protected]{microsoft.lockapp_10.0.17134.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} | 
"{B9075567-A484-45E6-A234-0099A327DB8F}" = protocol=6 | dir=out | app=c:\program files\windowsapps\microsoft.skypeapp_15.64.80.0_x86__kzf8qxf38zg5c\skype\skype.exe | 
"{B961CDD9-6A12-4CC8-8E16-7BCE24B07145}" = dir=out | [email protected]{microsoft.zunevideo_10.20032.16211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{BA4AD37A-0BEF-4C0E-BF4A-0030266B002B}" = dir=out | [email protected]{microsoft.aad.brokerplugin_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | 
"{BEF6DAD1-83A3-4991-81F9-2D9B4B953539}" = dir=out | [email protected]{26720randomsaladgamesllc.heartsdeluxe_6.7.33.0_x64__kx24dqmazqk8j?ms-resource://26720randomsaladgamesllc.heartsdeluxe/resources/gametitle} | 
"{C3B501F5-5904-4B44-957E-F89526F0B877}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{C6703085-C9AE-459C-86E5-132C06B6A6C2}" = dir=in | app=c:\program files (x86)\common files\mcafee\mmsshost\mmsshost.exe | 
"{C6804EE4-F9AB-45A2-B82D-EB851F860145}" = dir=out | [email protected]{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{C96E6F7D-D16C-47E1-A902-E5553E812A06}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd14\movie\powerdvdmovie.exe | 
"{CA32BA3D-96EB-49AF-9C71-21CD9B325861}" = dir=out | [email protected]{microsoft.desktopappinstaller_1.0.32912.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} | 
"{CA69D229-44B5-4FD7-85CF-74B470406166}" = protocol=17 | dir=in | app=c:\program files\windowsapps\microsoft.skypeapp_15.64.80.0_x86__kzf8qxf38zg5c\skype\skype.exe | 
"{CDAD6217-7DC1-45C0-B328-229801471E7B}" = dir=out | [email protected]{microsoft.windows.cloudexperiencehost_10.0.17134.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{CECC04A4-2D32-4DB6-987F-51015488968C}" = dir=out | [email protected]{microsoft.windows.search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.search/resources/packagedisplayname} | 
"{CF1C0C25-90CE-4B97-939C-AFF38A4BA084}" = protocol=6 | dir=in | app=c:\users\eades\appdata\local\temp\7zs435e\hpdiagnosticcoreui.exe | 
"{D09A4C1F-A763-4DC5-9AE0-9194A65D7022}" = protocol=17 | dir=in | app=c:\users\eades\appdata\local\temp\7zs3652\hpdiagnosticcoreui.exe | 
"{D2820D46-1232-4519-AC65-504BC40CE9AA}" = protocol=17 | dir=in | app=c:\users\eades\appdata\local\temp\7zs311f\hpdiagnosticcoreui.exe | 
"{D38C7FEF-8ACA-4C6F-914F-E67227CA9202}" = dir=out | name=xbox game bar plugin | 
"{D7EFF413-C1E5-4F4A-93FA-C58835EB0736}" = dir=out | [email protected]{microsoft.messaging_4.1901.10241.1000_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} | 
"{D7FF85E0-6CC3-4DF0-A9C0-1455D9EF5AC2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{D89BD08F-1D41-46AA-A7DA-B9F12D9E18DB}" = dir=in | [email protected]{26720randomsaladgamesllc.simplesolitaire_6.20.87.0_x64__kx24dqmazqk8j?ms-resource://26720randomsaladgamesllc.simplesolitaire/resources/gamename} | 
"{D9E3A458-0E95-4A71-B5D8-3B2B566A4E04}" = dir=out | [email protected]{microsoft.people_10.1909.10841.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} | 
"{DBED7F25-0437-4693-8413-A24D86917428}" = dir=in | [email protected]{microsoft.aad.brokerplugin_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | 
"{DC5A8BAA-DCCE-4CA1-B406-F17DAC284AB7}" = dir=out | name=windows_ie_ac_001 | 
"{DD5E553B-5138-497A-9FF6-60E9BF8CC08A}" = dir=out | [email protected]{microsoft.zunemusic_10.20082.10421.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{DE08308C-076C-46AA-8117-E5920C43C96C}" = dir=out | name=xbox tcui | 
"{DE89D580-3DDB-4252-BAEC-7DEC28E8BBDA}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicatorcom.exe | 
"{DFCDDA24-B7F6-4417-B8B4-D08553113D93}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicator.exe | 
"{E02994F8-2D2A-4E1C-9A4F-AC8EB7443D51}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\devicesetup.exe | 
"{E12921AD-2076-4416-93F1-A7DAB9B56BEC}" = protocol=6 | dir=in | app=c:\users\eades\appdata\local\temp\7zs272c\hpdiagnosticcoreui.exe | 
"{E2DF2B57-3DAF-452A-8BC1-8C02FCF381F7}" = protocol=17 | dir=in | app=c:\users\eades\appdata\local\temp\7zs3705\hpdiagnosticcoreui.exe | 
"{E30F62F8-67E7-40CF-B0F3-7C0006059CBD}" = dir=out | [email protected]{microsoft.windows.shellexperiencehost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} | 
"{E40DC6A8-A47A-4E1B-BCA6-8C33E5587DA2}" = dir=in | name=print 3d | 
"{EC49EA90-B10C-40E8-B891-51D283A51E70}" = dir=out | [email protected]{microsoft.aad.brokerplugin_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | 
"{EDBF5A04-DF74-484A-8074-D1F188DFBFA4}" = dir=in | [email protected]{a278ab0d.disneymagickingdoms_5.3.0.0_x86__h6adky7gbf63m?ms-resource://a278ab0d.disneymagickingdoms/resources/applicationname} | 
"{EE67BCA7-78AF-4729-BB16-AC586B16F112}" = dir=out | [email protected]{microsoft.windows.apprep.chxapp_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} | 
"{EF34546B-BB58-4822-9AB3-E1152FBAB1C6}" = dir=out | name=office | 
"{F1CEAC3B-DFEE-4B09-B37B-C582EA8B1D2E}" = dir=in | name=microsoft solitaire collection | 
"{F3635857-5C55-4E9E-95A1-CEFF7B5D8424}" = dir=in | [email protected]{microsoft.windows.startmenuexperiencehost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.startmenuexperiencehost/startmenuexperiencehost/pkgdisplayname} | 
"{F4DECE14-A015-40FC-89FB-C08F308C382F}" = dir=in | [email protected]{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{F71BD949-3CE8-4F24-B50B-84324813A1D4}" = dir=out | [email protected]{microsoft.windowsmaps_10.2008.0.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} | 
"{F9CCFD71-DD72-4E38-ACD6-B99E84592950}" = dir=out | [email protected]{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} | 
"{FA9994F2-C2B4-40AB-8C62-0DAC138C31A0}" = dir=out | [email protected]{microsoft.windows.peopleexperiencehost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} | 
"{FE31AA78-AEEB-4F8F-BE34-CC2665676D5D}" = dir=out | [email protected]{microsoft.yourphone_1.20091.84.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} | 
"{FF098A88-4F3B-4886-8251-CA2BFAFC02C5}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd14\kernel\dms\clmsserverpdvd14.exe | 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0101153A-CA07-4E2C-EF5E-D411604CF036}" = Catalyst Control Center Next Localization DE
"{155ABE97-ABF9-EE58-3270-334EF950F3A9}" = Catalyst Control Center Next Localization CHS
"{178B916E-BCCA-464A-82B1-16FBCE86E30B}" = AMD Settings - Branding
"{1D12B9AD-21F1-791A-6A85-47F27406282C}" = Catalyst Control Center Next Localization DA
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{21134089-9B59-34C8-BE11-929D26AD5207}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24123
"{2F028509-06B7-9869-5FD6-1F367A0B5827}" = Catalyst Control Center Next Localization FI
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3A82ED68-3D39-2AC7-718F-C6CFAFD28736}" = AMD Radeon Settings
"{3BBAB5EA-62DA-2431-3A1F-3F89BBAE739D}" = Catalyst Control Center Next Localization EL
"{3BC36736-66B5-4C48-AF0A-C41C335ABCB0}" = HP ePrint Windows Driver
"{4166E94C-7758-3D0E-1518-05BF181FBA21}" = Catalyst Control Center Next Localization PL
"{44167DA6-B26A-A06B-213E-A481135FCBF0}" = Catalyst Control Center Next Localization CHT
"{4BE67694-29C6-6A69-85E4-D06EFCA12846}" = Catalyst Control Center Next Localization SV
"{54603A0D-55EB-44D8-0D79-4B7CB94AD6B7}" = Catalyst Control Center Next Localization TR
"{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}" = CyberLink PhotoDirector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{665B0E99-0560-6850-876C-259CC785D49A}" = Catalyst Control Center Next Localization IT
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{791D3241-C6A4-417F-82E6-00543B6E5012}" = HP Deskjet 3510 series Product Improvement Study
"{7B1A228A-7D97-3209-B386-AA878D3555C5}" = Catalyst Control Center Next Localization TH
"{7F20F2D1-C425-4432-96BA-EBD0C2181493}" = HP Deskjet 3510 series Basic Device Software
"{807BBD2A-B4C2-030B-C22F-D97FA460FF79}" = AMD Problem Report Wizard
"{8191CEE4-C7AB-5A02-4587-9D12B6B443F2}" = Catalyst Control Center Next Localization JA
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{85EC2DC7-901A-C7A8-69CC-D14B5311C057}" = Catalyst Control Center Next Localization BR
"{8831C53E-B6FA-3DE6-FB39-66BD5019F083}" = Catalyst Control Center Next Localization NL
"{8A5107B8-9CC4-141F-141D-B1952B84A62A}" = Catalyst Control Center Next Localization FR
"{90160000-008F-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Licensing Component
"{90160000-00DD-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component 64-bit Registration
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{9432C606-FE2A-7F88-5E59-9A33FB1D876D}" = ccc-utility64
"{975476BF-784B-0C34-09B3-AE6DC25C2B3C}" = Catalyst Control Center Next Localization ES
"{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}" = Microsoft Update Health Tools
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BFDF75E6-EBBE-FD30-7DED-A80A072A0452}" = Catalyst Control Center Next Localization HU
"{CB203E05-4AAA-9076-7D8B-5D7CAD7F0D39}" = Catalyst Control Center Next Localization NO
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{E1646825-D391-42A0-93AA-27FA810DA093}" = CyberLink PowerDirector 12
"{E2D25167-8913-E00E-6755-270D9010DF62}" = Catalyst Control Center Next Localization RU
"{E3D88B8D-BB11-D376-C3C6-EF7D0F8DD725}" = Catalyst Control Center Next Localization KO
"{ED204021-2012-F4F3-E495-F4AFD74D66FF}" = Catalyst Control Center Next Localization CS
"{EDF66320-A8A5-967C-1B69-484DAD822143}" = AMD Software
"{FDBE9DB4-7A91-3A28-B27E-705EF7CFAE57}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24123
"AMD Catalyst Install Manager" = AMD Software
"HP_Documentation" = HP Documentation
"O365HomePremRetail - en-us" = Microsoft 365 - en-us
"VulkanRT1.0.51.0" = Vulkan Run Time Libraries 1.0.51.0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{099218A5-A723-43DC-8DB5-6173656A1E94}" = Dropbox Update Helper
"{0A6C62F1-963D-EBAF-2613-48D52B7330E3}" = Catalyst Control Center Localization All
"{0C4C1DFF-3F58-F9DD-CCA5-D0EA50D941D1}" = CCC Help Italian
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15DFB235-D734-0DBA-FB06-DE5CAF1E3747}" = AMD Settings
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21C21B71-DBC5-888E-3142-6A9C0F9876A3}" = CCC Help Greek
"{25D2A37E-1C94-3CC2-D805-0F0B736ABE57}" = CCC Help Portuguese
"{283CC77F-6CA0-17CC-6344-A18B6BD931D6}" = CCC Help Korean
"{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123
"{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}" = CyberLink Power Media Player 14
"{33BA2D47-95FE-07FC-D910-7D57E3DC0881}" = CCC Help Polish
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}" = Skype™ 7.36
"{47A35F86-8578-FA6B-75F3-DC0F58BB239C}" = CCC Help Dutch
"{48947098-A67C-46D4-90C5-9F2F6F0F96FE}" = Citrix Online Launcher
"{5460D71D-9DF4-EFDD-FE9B-6503EF8B26A2}" = CCC Help English
"{587371BD-41EA-46AE-182F-17143173A48B}" = CCC Help Norwegian
"{597A58EC-42D6-4940-8739-FB94491B013C}" = Dropbox 25 GB
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{6189B85F-0DFD-0F50-95AE-999864B4CB1A}" = CCC Help Japanese
"{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}" = HP Recovery Manager
"{67386FCC-6EBB-D6F0-886B-DE66DEC68FB5}" = CCC Help Hungarian
"{69BCE4AC-9572-3271-A2FB-9423BDA36A43}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
"{6DD9EA14-4BE5-2271-C82F-AB5685DBA9B4}" = CCC Help Russian
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{78875E02-1E2E-6627-19F0-6D348C3AC8A1}" = CCC Help Chinese Traditional
"{7A6644E8-81F5-BCBC-E888-4D2E3362BDC4}" = CCC Help Czech
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}" = Skype Click to Call
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89102AB4-6000-43B3-883A-5ED8650D3E40}" = HP ESU for Microsoft Windows 10
"{90160000-008C-0000-0000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component
"{90160000-008C-0409-0000-0000000FF1CE}" = Office 16 Click-to-Run Localization Component
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{97C1C98D-6AE5-4C71-9B00-EBBD9E014450}" = HP Deskjet 3510 series Help
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A318B4F3-65DD-E1CC-E399-F0808EEDD1D4}" = CCC Help Swedish
"{A5107464-AA9B-4177-8129-5FF2F42DD322}" = REALTEK Wireless LAN Driver
"{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}" = CyberLink YouCam
"{AC76BA86-0804-1033-1959-000182442176}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B2E6D81D-6041-5653-60EC-319F618F835D}" = CCC Help Finnish
"{B3985FEC-32AB-BB10-1F9A-D6849B906286}" = Catalyst Control Center Graphics Previews Common
"{BBF2AC74-720C-3CB3-8291-5E34039232FA}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
"{BBF4F212-F995-117E-3357-5570A40DB833}" = CCC Help German
"{BD2CDEAF-8D83-4553-A3B3-8B614CC6C96E}" = HP PC Hardware Diagnostics Windows
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C01C2E69-F11A-B71D-F01E-52CA199232B0}" = CCC Help French
"{C7E0D59D-253B-7CA2-3B8D-32E474248FAA}" = Catalyst Control Center - Branding
"{C9EF1AAF-B542-41C8-A537-1142DA5D4AEC}" = HP Customer Experience Enhancements
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CE66FC84-F15D-A37F-2C26-F86D27F5C1C9}" = CCC Help Chinese Standard
"{D5C69738-B486-402E-85AC-2456D98A64E4}" = Windows 10 Upgrade Assistant
"{D7D5F438-26EF-45AB-AB89-C476FBCF8584}" = HP Support Solutions Framework
"{DD43EA67-DAF3-4879-BFF7-E534675BDEA5}" = HP PC Hardware Diagnostics UEFI
"{DF675B7B-8407-DC1A-A81F-3A86BB1B804A}" = CCC Help Spanish
"{E07D56BB-0433-77AC-4860-88CD25255EDD}" = CCC Help Danish
"{e2803110-78b3-4664-a479-3611a381656a}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1C845FB-AEC8-781F-3AB6-DB2C88F54F70}" = CCC Help Thai
"{F4B5AF40-BE6A-511A-ECAA-1DEBE1D5342C}" = CCC Help Turkish
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}" = Energy Star
"Dropbox" = Dropbox
"HP Photo Creations" = HP Photo Creations
"InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}" = CyberLink PhotoDirector
"InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}" = CyberLink PowerDirector 12
"Microsoft Edge" = Microsoft Edge
"Microsoft Edge Update" = Microsoft Edge Update
"Microsoft EdgeWebView" = Microsoft Edge WebView2 Runtime
"MSC" = McAfee LiveSafe
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-2408870077-2760889140-2630364754-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Connect 9 Add-in" = Adobe Connect 9 Add-in
"GoToMeeting" = GoToMeeting 10.15.0.19228
"OneDriveSetup.exe" = Microsoft OneDrive
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 3/14/2021 8:10:13 PM | Computer Name = DESKTOP-B748AG0 | Source = Application Error | ID = 1000
Description = Faulting application name: RadeonSettings.exe, version: 10.1.1.1680,
 time stamp: 0x597135e8  Faulting module name: unknown, version: 0.0.0.0, time stamp:
 0x00000000  Exception code: 0xc0000005  Fault offset: 0x0000000000000000  Faulting process
 id: 0x1d4c  Faulting application start time: 0x01d7192eaeaab0be  Faulting application
 path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe  Faulting module path: 
unknown  Report Id: dd94870b-70b4-4f34-9f88-ec36dd55f57a  Faulting package full name:
 ?  Faulting package-relative application ID: ?
 
Error - 3/14/2021 8:29:37 PM | Computer Name = DESKTOP-B748AG0 | Source = SecurityCenter | ID = 17
Description = 
 
Error - 3/14/2021 9:31:34 PM | Computer Name = DESKTOP-B748AG0 | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Cryptographic Services failed while processing the OnIdentity() call
 in the System Writer Object.  Details: AddLegacyDriverFiles: Unable to back up image
 of binary Microsoft Link-Layer Discovery Protocol.  System Error: Access is denied.
.
 
Error - 3/14/2021 9:37:21 PM | Computer Name = DESKTOP-B748AG0 | Source = SecurityCenter | ID = 17
Description = 
 
Error - 3/14/2021 9:40:58 PM | Computer Name = DESKTOP-B748AG0 | Source = Application Error | ID = 1000
Description = Faulting application name: PowerDVD14Agent.exe, version: 14.0.1.5418,
 time stamp: 0x55826aab  Faulting module name: EvoParser.dll_unloaded, version: 1.2.0.7602,
 time stamp: 0x551d0eff  Exception code: 0xc0000005  Fault offset: 0x00022e78  Faulting
 process id: 0x26b0  Faulting application start time: 0x01d7193c38cd146f  Faulting application
 path: C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe  Faulting module
 path: EvoParser.dll  Report Id: 2ffc3fa7-37be-426c-bced-27786b28a40a  Faulting package
 full name: ?  Faulting package-relative application ID: ?
 
Error - 3/14/2021 9:48:57 PM | Computer Name = DESKTOP-B748AG0 | Source = Application Error | ID = 1000
Description = Faulting application name: RadeonSettings.exe, version: 10.1.1.1680,
 time stamp: 0x597135e8  Faulting module name: unknown, version: 0.0.0.0, time stamp:
 0x00000000  Exception code: 0xc0000005  Fault offset: 0x0000000000000000  Faulting process
 id: 0x99c  Faulting application start time: 0x01d7193c32a85ee2  Faulting application
 path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe  Faulting module path: 
unknown  Report Id: fe446323-5cad-4715-9f62-7c6c940788a1  Faulting package full name:
 ?  Faulting package-relative application ID: ?
 
Error - 3/14/2021 10:04:33 PM | Computer Name = DESKTOP-B748AG0 | Source = SecurityCenter | ID = 17
Description = 
 
Error - 3/14/2021 10:47:30 PM | Computer Name = DESKTOP-B748AG0 | Source = SecurityCenter | ID = 17
Description = 
 
Error - 3/14/2021 10:52:41 PM | Computer Name = DESKTOP-B748AG0 | Source = Application Error | ID = 1000
Description = Faulting application name: RadeonSettings.exe, version: 10.1.1.1680,
 time stamp: 0x597135e8  Faulting module name: unknown, version: 0.0.0.0, time stamp:
 0x00000000  Exception code: 0xc0000005  Fault offset: 0x0000000000000000  Faulting process
 id: 0x2aa8  Faulting application start time: 0x01d71945458213a2  Faulting application
 path: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe  Faulting module path: 
unknown  Report Id: 65fb3215-e245-43d8-b0d7-64cfcd869767  Faulting package full name:
 ?  Faulting package-relative application ID: ?
 
Error - 3/14/2021 11:10:12 PM | Computer Name = DESKTOP-B748AG0 | Source = SecurityCenter | ID = 17
Description = 
 
[ Parameters Events ]
OTL encountered an error while reading this event log. It may be corrupt.
[ State Events ]
OTL encountered an error while reading this event log. It may be corrupt.
Error - 3/14/2021 10:39:19 PM | Computer Name = DESKTOP-B748AG0 | Source = DCOM | ID = 10010
Description = 
 
Error - 3/14/2021 10:39:19 PM | Computer Name = DESKTOP-B748AG0 | Source = DCOM | ID = 10010
Description = 
 
Error - 3/14/2021 10:39:19 PM | Computer Name = DESKTOP-B748AG0 | Source = DCOM | ID = 10010
Description = 
 
Error - 3/14/2021 10:39:19 PM | Computer Name = DESKTOP-B748AG0 | Source = DCOM | ID = 10010
Description = 
 
Error - 3/14/2021 10:39:58 PM | Computer Name = DESKTOP-B748AG0 | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the AMD External Events Utility service.
 
Error - 3/14/2021 10:40:13 PM | Computer Name = DESKTOP-B748AG0 | Source = TPM | ID = 15
Description = The device driver for the Trusted Platform Module (TPM) encountered
 a non-recoverable error in the TPM hardware, which prevents TPM services (such 
as data encryption) from being used. For further help, please contact the computer
 manufacturer.
 
Error - 3/14/2021 10:42:15 PM | Computer Name = DESKTOP-B748AG0 | Source = DCOM | ID = 10010
Description = 
 
Error - 3/14/2021 10:46:10 PM | Computer Name = DESKTOP-B748AG0 | Source = Service Control Manager | ID = 7022
Description = The HP Support Solutions Framework Service service hung on starting.
 
Error - 3/14/2021 10:46:10 PM | Computer Name = DESKTOP-B748AG0 | Source = Service Control Manager | ID = 7000
Description = The HP Touchpoint Analytics service failed to start due to the following
 error:   %%2
 
Error - 3/14/2021 10:46:15 PM | Computer Name = DESKTOP-B748AG0 | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >
 

Link to post
Share on other sites

Good morning Rick, a few questions first !

1. Are you using McAfee for virus protection ?? It can slow down a computer especially while loading ! Windows Defender which comes with Windows 10 is a great protector, that is all i have ever used & never caught anything !!

2. Is this W10 system ??

Thanks

Chuck

PS. Rick there is no sign of Farbar ever being ran !!

 

 

Link to post
Share on other sites

Hey Rick, ok

We need to Run an OTL fix !!
Warning This fix is only relevant for this system and no other, using on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

    * Double-click OTL.exe to start the program. Should be on your desk top !
    * Copy and Paste the following code into the text box of the OTL tool/program ! Start with and include the colon plus  :OTL
Copy everything in RED & Purple links below and Paste into the box in the OTL program !!


:OTL
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRHPR1&src=IE11TR&pc=HRTS
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link_code=qs&index=aps&field-keywords={searchTerms}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRHPR1&src=IE11TR&pc=HRTS
IE - HKLM\..\SearchScopes\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link_code=qs&index=aps&field-keywords={searchTerms}
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\..\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRHPR1&src=IE11TR&pc=HRTS
IE - HKU\S-1-5-21-2408870077-2760889140-2630364754-1001\..\SearchScopes\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link_code=qs&index=aps&field-keywords={searchTerms}
O2:[b]64bit:[/b] - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html File not found
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html File not found
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:[b]64bit:[/b] - Protocol\Handler\mso-minsb.16 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-minsb-roaming.16 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\osf.16 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\osf-roaming.16 - No CLSID value found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

 

 

:Commands

[emptyjava]
[emptyflash]
[EMPTYTEMP]
[RESETHOSTS]
[CREATERESTOREPOINT]
[Reboot]

 

==========================================

 

# Then click the Run Fix button at the top.
# Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.
Remember to enable your real time protection.


Post this log when done !!

Thanks

Link to post
Share on other sites

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}\ not found.
HKEY_USERS\S-1-5-21-2408870077-2760889140-2630364754-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2408870077-2760889140-2630364754-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}\ not found.
Registry key HKEY_USERS\S-1-5-21-2408870077-2760889140-2630364754-1001\Software\Microsoft\Internet Explorer\SearchScopes\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{801E41E6-6D8F-4DAF-B1BE-1AD281BC3BC0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{25510184-5A38-4A99-B273-DCA8EEF6CD08}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25510184-5A38-4A99-B273-DCA8EEF6CD08}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{25510184-5A38-4A99-B273-DCA8EEF6CD08}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25510184-5A38-4A99-B273-DCA8EEF6CD08}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== COMMANDS ==========
 
[EMPTYJAVA]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Default.migrated
 
User: eades
 
User: Public
 
User: TEMP
 
User: TEMP.DESKTOP-B748AG0
 
Total Java Files Cleaned = 0.00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Default.migrated
 
User: eades
->Flash cache emptied: 49244631 bytes
 
User: Public
 
User: TEMP
 
User: TEMP.DESKTOP-B748AG0
 
Total Flash Files Cleaned = 47.00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default.migrated
 
User: eades
->Temp folder emptied: 63423806 bytes
->Temporary Internet Files folder emptied: 6986430 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: TEMP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: TEMP.DESKTOP-B748AG0
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 8192 bytes
%systemroot% .tmp files removed: 608192 bytes
%systemroot%\System32 .tmp files removed: 11746704 bytes
%systemroot%\System32 (64bit) .tmp files removed: 124890488 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7962897 bytes
RecycleBin emptied: 8760716 bytes
 
Total Files Cleaned = 214.00 mb
 
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
 
OTL by OldTimer - Version 3.2.69.0 log created on 03152021_171440

Files\Folders moved on Reboot...
File\Folder C:\Users\eades\AppData\Local\Temp\3f259471-68cf-45c6-8ce7-da59ff1b6132.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\685dd429-3dae-4ef4-b371-e5f560e44266.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\6be74cb4-1f44-41f3-8183-c3f719a89395.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\726193bf-5b70-498c-a0ec-90c90541a4c4.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\7c6f6cf8-6dd6-4932-b621-aca884d393f4.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\87e4fd79-94d2-40d3-9eae-c4a978396f91.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\93d59bfd-9b23-4654-aef8-0ed6cca4d609.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\9ca4e88e-d6fc-4c04-912c-95bbd1a83434.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\b471a7f2-29d5-4a68-b83d-145c84f7150c.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\b53f458d-1c8f-4136-95f5-0ab61329b15a.tmp not found!
File\Folder C:\Users\eades\AppData\Local\Temp\b8e16a36-9473-466f-b0f9-78b29c170b74.tmp not found!
File\Folder C:\DumpStack.log.tmp not found!
C:\WINDOWS\temp\DESKTOP-B748AG0-20210314-2040.log moved successfully.
File\Folder C:\WINDOWS\temp\mcafee_vYIpaIE4kYsuQ2E not found!
File\Folder C:\WINDOWS\temp\officeclicktorun.exe_streamserver(20210314204043B88).log not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Link to post
Share on other sites

Rick that looks clean ! So now let's get rid of the programs & logs, if this program doesn't remove them then do it manually !!

Download KpRm by kernel-panik and save it to your desktop. >>> https://toolslib.net/downloads/finish/951-kprm/

    * Right-click kprm_(version).exe and select Run as Administrator.
    * When the tool opens, ensure all boxes are checked, and select Run.
    * Once complete, click OK.
    * A log will open in Notepad titled kprm-(date).txt.
    * Please copy and paste its contents in your next reply.


No need to post the log back unless you just want to !!

That's it !! Happy Surfing !!

Chuck

Link to post
Share on other sites

# Run at 3/15/2021 5:53:33 PM
# KpRm (Kernel-panik) version 2.9
# Website https://kernel-panik.me/tool/kprm/
# Run by eades from C:\Users\eades\Downloads
# Computer Name: DESKTOP-B748AG0
# OS: Windows 10 X64 (19041) 
# Number of passes: 1

- Checked options -

    ~ Registry Backup
    ~ Delete Tools
    ~ Restore System Settings
    ~ UAC Restore
    ~ Delete Restore Points
    ~ Create Restore Point
    ~ Delete Quarantines

- Create Registry Backup -

   ~ [OK] Hive C:\WINDOWS\System32\config\SOFTWARE backed up
   ~ [OK] Hive C:\Users\eades\NTUSER.dat backed up

     [OK] Registry Backup: C:\KPRM\backup\2021-03-15-17-53-33

- Delete Tools -


  ## AdwCleaner
     [OK] C:\Users\eades\Downloads\AdwCleaner (1).exe deleted
     [OK] C:\Users\eades\Downloads\AdwCleaner.exe deleted
     [OK] C:\AdwCleaner deleted

  ## OTL
     [OK] Process OTL.exe killed
     [OK] C:\Users\eades\Desktop\OTL.Txt deleted
     [OK] C:\Users\eades\Downloads\OTL.exe deleted
     [OK] C:\Users\eades\Downloads\OTL.Txt deleted
     [OK] C:\_OTL deleted

- Restore System Settings -

     [OK] Reset WinSock
     [OK] FLUSHDNS
     [OK] Hide Hidden file.
     [OK] Show Extensions for known file types
     [OK] Hide protected operating system files

- Restore UAC -

     [OK] Set EnableLUA with default (1) value
     [OK] Set ConsentPromptBehaviorAdmin with default (5) value
     [OK] Set ConsentPromptBehaviorUser with default (3) value
     [OK] Set EnableInstallerDetection with default (0) value
     [OK] Set EnableSecureUIAPaths with default (1) value
     [OK] Set EnableUIADesktopToggle with default (0) value
     [OK] Set EnableVirtualization with default (1) value
     [OK] Set FilterAdministratorToken with default (0) value
     [OK] Set PromptOnSecureDesktop with default (1) value
     [OK] Set ValidateAdminCodeSignatures with default (0) value

- Clear Restore Points -

   ~ [OK] RP named Scheduled Checkpoint created at 03/10/2021 18:05:17 deleted
   ~ [OK] RP named AdwCleaner_BeforeCleaning_14/03/2021_19:31:08 created at 03/15/2021 01:31:13 deleted
     [OK] All system restore points have been successfully deleted

- Create Restore Point -

     [OK] System Restore Point created

- Display System Restore Point -

   ~ [I] RP named KpRm created at 03/16/2021 00:01:34

-- KPRM finished in 547.40s --
 

Link to post
Share on other sites

Attn: these programs were chosen for this computer & some were based on the problems the user had with their computer ! For your own computer's safety please be very careful if you run any program without the help of a trained professional, it's possible to remove things that could make your computer in-operable !

THIS IS A WARNING !!

Chuck

Link to post
Share on other sites

This computer has been cleaned & i will now lock this thread ! If for some reason Rick you need it opened please PM me or any Mod !

Thanks & Happy Surfing !!

Chuck

Link to post
Share on other sites
Guest
This topic is now closed to further replies.