Inactive Do I have a Virus?

bruzynski

Posts: 38   +0
Had some problems updating some programs and opening AV ui...is there a problem?


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-04-2020
Ran by HP (administrator) on ZEUS (Hewlett-Packard HP ZBook 15) (15-04-2020 14:19:01)
Running from C:\Users\HP\Desktop
Loaded Profiles: HP (Available Profiles: User & HP)
Platform: Windows 10 Pro Version 1909 18363.720 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <20>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.710_none_5f52d84058d0677f\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Trend Micro, Inc. -> ) C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe <3>
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\DRScanner\DRScanner.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\module\10011\8.1.2002\8.1.2002\TmsaInstance64.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\DiamondRing\DrSDKCaller.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(VMware, Inc. -> ) D:\VMWare\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc. -> VMware, Inc.) D:\VMWare\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) D:\VMWare\vmware-tray.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246112 2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1246368 2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => D:\VMWare\vmware-tray.exe [117680 2019-11-04] (VMware, Inc. -> VMware, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-4113289908-434951168-1199682448-1003\...\Run: [CCleaner] => C:\Tools\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-4113289908-434951168-1199682448-1003\...\Run: [GoogleDriveSync] => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-4113289908-434951168-1199682448-1003\...\RunOnce: [Application Restart #1] => C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe [935840 2018-07-13] (Trend Micro, Inc. -> )
HKU\S-1-5-21-4113289908-434951168-1199682448-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4113289908-434951168-1199682448-1003\...\MountPoints2: {adcc6f41-cd83-11e8-a922-a02bb8406570} - "F:\WD Drive Unlock.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-07] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {21287151-B333-407E-A776-0B22D18E606C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2173ADB1-955B-4C5E-BC19-EFEFF64C0970} - System32\Tasks\DRScanner Startup => C:\Program Files (x86)\Trend Micro\DRScanner\DRScanner.exe [6078920 2020-02-22] (Trend Micro, Inc. -> Trend Micro Inc.)
Task: {258B3E56-5F09-47FF-974C-7899C54BE588} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702024 2020-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {2FCA29CA-2549-4D21-A33F-721D5B6D6DE8} - \OneDrive Standalone Update Task-S-1-5-21-4113289908-434951168-1199682448-1001 -> No File <==== ATTENTION
Task: {3A983587-B879-43F4-92A2-6AA2C7021C96} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3B9217D3-7F7F-49BE-9C12-2E562587D54A} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2104760 2017-10-20] (NVIDIA Corporation -> )
Task: {6D3D0DFE-2816-411A-82F2-C6284EC39686} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7DDBE393-2C44-4C7C-A0F8-C440EFD20602} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {814AB5C1-6D0F-44D9-B8FE-36ED2B1E131D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-01] (Google LLC -> Google LLC)
Task: {893E5646-3E78-4723-863B-0D673C3B1AFA} - System32\Tasks\CCleanerSkipUAC => C:\Tools\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd -> Piriform Ltd)
Task: {92D6B4FA-218C-4237-BA3D-4CBBDD72D4FF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702024 2020-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {9336AAB3-94AE-4764-AC7A-38A4639E8ACD} - System32\Tasks\AirSupport Update => C:\Program Files\Trend Micro\AirSupport\Update.exe [4342416 2019-09-08] (Trend Micro, Inc. -> Trend Micro Inc.)
Task: {AEC0525E-6FE0-49FD-8F8E-6603FFD2087E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2045336 2020-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE3E2821-8478-47A4-81FA-38BED08FB54D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E036953A-D92D-4BA3-BE25-ADBD7D43A9E7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {F443C1B0-D166-40AB-B6D8-650A97AE3A33} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-01] (Google LLC -> Google LLC)
Task: {FD43A4E7-2093-4297-A3C8-75B4A4CD3FA3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 15 C:\WINDOWS\SysWOW64\vsocklib.dll [42296 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\vsocklib.dll [42296 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\vsocklib.dll [46392 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 16 C:\Windows\system32\vsocklib.dll [46392 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{49f7af94-1376-4422-911b-25d27d216235}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7fc20ff8-a5a2-48bf-93a4-eaa16a68af51}: [DhcpNameServer] 172.31.11.13 172.31.1.45

Internet Explorer:
==================
HKU\S-1-5-21-4113289908-434951168-1199682448-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.ca/
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2019-10-10] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO: Password Manager BHO -> {782829FB-43A5-4AE0-A14E-590A252E7946} -> C:\Program Files\Trend Micro\TMIDS\bhoDirectPass64.dll [2020-02-17] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-04-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2019-10-10] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-04-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Password Manager BHO -> {782829FB-43A5-4AE0-A14E-590A252E7946} -> C:\Program Files\Trend Micro\TMIDS\bhoDirectPass32.dll [2020-02-17] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-04-01] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Password Manager ToolBar - {97EE74D2-C351-4ECE-B75A-8CD36FAE3661} - C:\Program Files\Trend Micro\TMIDS\bhoDirectPass64.dll [2020-02-17] (Trend Micro, Inc. -> Trend Micro Inc.)
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2019-10-10] (Trend Micro, Inc. -> Trend Micro Inc.)
Toolbar: HKLM-x32 - Password Manager ToolBar - {97EE74D2-C351-4ECE-B75A-8CD36FAE3661} - C:\Program Files\Trend Micro\TMIDS\bhoDirectPass32.dll [2020-02-17] (Trend Micro, Inc. -> Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2019-10-10] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2019-10-10] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2019-10-10] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [fftmtoolbar@trendmicro.com] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\fftmtoolbar@trendmicro.com.xpi
FF Extension: (Trend Micro Toolbar) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\fftmtoolbar@trendmicro.com.xpi [2020-02-20]
FF HKLM-x32\...\Firefox\Extensions: [fftmtoolbar@trendmicro.com] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\fftmtoolbar@trendmicro.com.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-04-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-04-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2020-04-15]
CHR Extension: (Slides) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-01]
CHR Extension: (Docs) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-01]
CHR Extension: (Google Drive) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-27]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-27]
CHR Extension: (Sheets) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-01]
CHR Extension: (Trend Micro Password Manager) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fokifklggehlihkifghafpekelcicmgl [2020-04-01]
CHR Extension: (Google Docs Offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-04-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-01]
CHR Extension: (Trend Micro Toolbar) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2020-04-04]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-04]
CHR HKU\S-1-5-21-4113289908-434951168-1199682448-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Amsp; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [384032 2019-07-28] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10626328 2020-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373760 2017-01-27] (Intel(R) pGFX -> Intel Corporation)
S2 LxssManagerUser; C:\WINDOWS\system32\lxss\LxssManager.dll [632832 2020-01-17] (Microsoft Windows -> Microsoft Corporation)
R2 LxssManagerUser_576a0; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 LxssManagerUser_576a0; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVWMI; C:\WINDOWS\system32\nvwmi64.exe [4408432 2017-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1127584 2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [2792904 2020-02-17] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5929920 2020-04-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [256224 2017-09-06] (Synaptics Incorporated -> Synaptics Incorporated)
S3 TmWscSvc; C:\Program Files\Trend Micro\Titanium\TmWscSvc\TmWscSvc.exe [406440 2019-11-05] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 VMAuthdService; D:\VMWare\vmware-authd.exe [100272 2019-11-04] (VMware, Inc. -> VMware, Inc.)
R2 VMwareHostd; D:\VMWare\vmware-hostd.exe [15476144 2019-11-04] (VMware, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [53904 2019-07-22] (HP Inc. -> HP)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [41104 2019-07-22] (HP Inc. -> HP)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2019-03-19] (Microsoft Windows -> Intel Corporation)
S3 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2018-01-31] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvbl.inf_amd64_aa900d663b62b12b\nvlddmkm.sys [15629752 2017-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
S0 nvpciflt; C:\WINDOWS\System32\DriverStore\FileRepository\nvbl.inf_amd64_aa900d663b62b12b\nvpciflt.sys [47216 2017-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
R3 P9Rdr; C:\WINDOWS\System32\drivers\p9rdr.sys [88888 2019-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [772336 2015-08-28] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [51424 2017-09-06] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51936 2017-09-06] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1063520 2017-02-23] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
R0 TMEBC; C:\WINDOWS\System32\DRIVERS\TMEBC64.sys [74760 2019-06-04] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmeevw; C:\WINDOWS\system32\DRIVERS\tmeevw.sys [147672 2017-05-10] (Trend Micro, Inc. -> Trend Micro Inc.)
S0 tmel; C:\WINDOWS\System32\DRIVERS\tmel.sys [37552 2019-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Trend Micro Inc.)
R1 tmeyes; C:\WINDOWS\system32\DRIVERS\tmeyes.sys [684440 2020-01-20] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmnciesc; C:\WINDOWS\system32\DRIVERS\tmnciesc.sys [562296 2018-03-07] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmumh; C:\WINDOWS\system32\DRIVERS\TMUMH.sys [159640 2020-01-21] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmusa; C:\WINDOWS\system32\DRIVERS\tmusa.sys [137776 2019-05-04] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-04-17] (Apple, Inc.) [File not signed]
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2018-09-19] (VMware, Inc. -> VMware, Inc.)
R2 vmparport; C:\WINDOWS\system32\DRIVERS\vmparport.sys [49216 2019-11-04] (VMware, Inc. -> VMware, Inc.)
R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [39736 2020-04-03] (Microsoft Windows -> Microsoft Corporation)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [103224 2019-08-14] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-15 14:19 - 2020-04-15 14:19 - 000027982 _____ C:\Users\HP\Desktop\FRST.txt
2020-04-15 14:18 - 2020-04-15 14:19 - 000000000 ____D C:\FRST
2020-04-15 14:17 - 2020-04-15 14:17 - 002281472 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2020-04-04 00:04 - 2020-04-04 00:04 - 000000000 ____D C:\ProgramData\ssh
2020-04-03 00:09 - 2020-04-03 00:09 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 005502464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 004308480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 004129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-03 00:09 - 2020-04-03 00:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-04-03 00:09 - 2020-04-03 00:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-04-03 00:09 - 2020-04-03 00:09 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 002399544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys
2020-04-03 00:09 - 2020-04-03 00:09 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 002230232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001541632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-04-03 00:09 - 2020-04-03 00:09 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001272360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001195008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001054376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000904504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000828216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000805376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000784384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000774664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000769552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000668296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000597816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2020-04-03 00:09 - 2020-04-03 00:09 - 000568120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000542288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2020-04-03 00:09 - 2020-04-03 00:09 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000486400 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000453432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000441072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2020-04-03 00:09 - 2020-04-03 00:09 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000405632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000366416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-03 00:09 - 2020-04-03 00:09 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000300392 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000274464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddpchunk.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-04-03 00:09 - 2020-04-03 00:09 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\recdisc.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nvspinfo.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000190256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-04-03 00:09 - 2020-04-03 00:09 - 000186880 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2020-04-03 00:09 - 2020-04-03 00:09 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000153912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVfs.sys
2020-04-03 00:09 - 2020-04-03 00:09 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000150536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000145208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CscMig.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000138040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys
2020-04-03 00:09 - 2020-04-03 00:09 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000133464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000084496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-04-03 00:09 - 2020-04-03 00:09 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000059221 _____ C:\WINDOWS\system32\srms.dat
2020-04-03 00:09 - 2020-04-03 00:09 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000048440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VmsProxy.sys
2020-04-03 00:09 - 2020-04-03 00:09 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VmsProxyHNic.sys
2020-04-03 00:09 - 2020-04-03 00:09 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Websocket.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-04-03 00:09 - 2020-04-03 00:09 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-04-03 00:09 - 2020-04-03 00:09 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-04-03 00:09 - 2020-04-03 00:09 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-03 00:09 - 2020-04-03 00:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-03 00:09 - 2020-04-03 00:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-03 00:09 - 2020-04-03 00:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-03 00:09 - 2020-04-03 00:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-03 00:09 - 2020-04-03 00:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-03 00:09 - 2020-04-03 00:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-03 00:09 - 2020-04-03 00:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-03 00:09 - 2020-04-03 00:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-03 00:09 - 2020-04-03 00:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-03 00:09 - 2020-04-03 00:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-03 00:09 - 2020-04-03 00:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-03 00:09 - 2020-04-03 00:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-03 00:08 - 2020-04-03 00:08 - 017787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 006436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 006231200 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 004622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 004563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 003977216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 003799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 003587896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 003552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 003371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 003260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 003110400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 002768440 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 002715648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 002703872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 002698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 002522112 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 002125904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 002087376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 002071552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001999952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001916744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-04-03 00:08 - 2020-04-03 00:08 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
 
2020-04-03 00:08 - 2020-04-03 00:08 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001657120 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 001505592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 001413912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001396152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-04-03 00:08 - 2020-04-03 00:08 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001154448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001051448 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000983896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000945384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000929144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000913408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000908504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000891736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000857088 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-04-03 00:08 - 2020-04-03 00:08 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000833616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000824848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000804872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000768488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000758800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000732200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000678928 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000642216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000637440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000587064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000545432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-04-03 00:08 - 2020-04-03 00:08 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-04-03 00:08 - 2020-04-03 00:08 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000522384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000516648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-04-03 00:08 - 2020-04-03 00:08 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000437776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000416056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-04-03 00:08 - 2020-04-03 00:08 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000375504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000369504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000335448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000324616 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000320312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000296760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000259984 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000254776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000250896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000224056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000222520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000194064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000186672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000179720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000143160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000132624 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000117264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-04-03 00:08 - 2020-04-03 00:08 - 000098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000089616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSystray.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000066336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000056632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcicda.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000047208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Websocket.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcicda.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000037392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-04-03 00:08 - 2020-04-03 00:08 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciwave.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciseq.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
 
2020-04-03 00:08 - 2020-04-03 00:08 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciwave.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciseq.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000020944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-04-03 00:08 - 2020-04-03 00:08 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dstokenclean.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2020-04-03 00:08 - 2020-04-03 00:08 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-04-03 00:08 - 2020-04-03 00:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-04-02 14:55 - 2020-04-02 14:56 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2020-04-02 14:55 - 2020-04-02 14:55 - 000001103 _____ C:\Users\Public\Desktop\Minecraft Launcher.lnk
2020-04-02 14:55 - 2020-04-02 14:55 - 000001103 _____ C:\ProgramData\Desktop\Minecraft Launcher.lnk
2020-04-02 14:55 - 2020-04-02 14:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher
2020-04-02 14:54 - 2020-04-02 14:54 - 002342912 _____ C:\Users\HP\Downloads\MinecraftInstaller (2).msi
2020-04-02 14:48 - 2020-04-13 09:42 - 000000000 ____D C:\Users\HP\AppData\Roaming\.minecraft
2020-04-01 16:37 - 2020-04-01 16:37 - 000114232 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-04-01 16:37 - 2020-04-01 16:37 - 000003624 _____ C:\Users\HP\Desktop\crash-2020-04-01_16.33.38-client.txt
2020-04-01 16:37 - 2020-04-01 16:37 - 000000000 ____D C:\Users\HP\AppData\Roaming\Sun
2020-04-01 16:37 - 2020-04-01 16:37 - 000000000 ____D C:\Users\HP\AppData\LocalLow\Sun
2020-04-01 16:37 - 2020-04-01 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-04-01 16:37 - 2020-04-01 16:37 - 000000000 ____D C:\Program Files (x86)\Java
2020-04-01 16:36 - 2020-04-01 16:36 - 002066976 _____ (Oracle Corporation) C:\Users\HP\Downloads\JavaSetup8u241.exe
2020-04-01 16:28 - 2020-04-07 16:34 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-01 16:28 - 2020-04-07 16:34 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-01 16:28 - 2020-04-07 16:34 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-04-01 16:28 - 2020-04-01 16:28 - 001295576 _____ (Google LLC) C:\Users\HP\Downloads\ChromeSetup.exe
2020-04-01 16:28 - 2020-04-01 16:28 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-01 16:28 - 2020-04-01 16:28 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-01 15:49 - 2020-04-01 15:49 - 000000000 ___HD C:\$SysReset
2020-04-01 15:29 - 2020-04-01 15:29 - 000003348 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4113289908-434951168-1199682448-1003
2020-04-01 15:29 - 2020-04-01 15:29 - 000002354 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-01 15:26 - 2020-04-01 15:26 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2020-04-01 15:26 - 2020-04-01 15:26 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2020-04-01 15:26 - 2020-04-01 15:26 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2020-04-01 15:26 - 2020-04-01 15:26 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2020-04-01 15:26 - 2020-04-01 15:26 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2020-04-01 15:26 - 2020-04-01 15:26 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2020-04-01 15:26 - 2020-04-01 15:26 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2020-04-01 15:26 - 2020-04-01 15:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-04-01 15:25 - 2020-04-01 15:25 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2020-04-01 15:24 - 2020-04-01 15:24 - 000000000 ____D C:\Program Files\Microsoft Office 15
2020-04-01 15:16 - 2020-04-01 15:16 - 000200840 _____ (Microsoft Corporation) C:\Users\HP\AppData\Roaming\SetupProd_OfficeInstall.exe
2020-04-01 15:16 - 2020-04-01 15:16 - 000000381 _____ C:\Users\HP\AppData\Roaming\SaraBat.bat
2020-04-01 15:11 - 2020-04-01 15:28 - 000000000 ____D C:\Users\HP\AppData\Local\SaraResults
2020-04-01 14:38 - 2020-04-01 14:38 - 000000520 _____ C:\Users\HP\Desktop\Microsoft Support and Recovery Assistant.appref-ms
2020-04-01 14:38 - 2020-04-01 14:38 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2020-04-01 14:38 - 2020-04-01 14:38 - 000000000 ____D C:\Users\HP\AppData\Local\SaRALogs
2020-04-01 14:37 - 2020-04-01 15:28 - 000000000 ____D C:\Users\HP\AppData\Local\Deployment
2020-04-01 14:37 - 2020-04-01 14:37 - 000000000 ____D C:\Users\HP\AppData\Local\Apps\2.0
2020-04-01 12:19 - 2020-04-01 14:22 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-03-31 20:07 - 2020-03-31 20:07 - 000000000 ____D C:\Users\TEMP\AppData\Local\Comms
2020-03-31 20:04 - 2020-03-31 20:04 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\NVIDIA
2020-03-31 20:00 - 2020-03-31 20:16 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\.minecraft
2020-03-31 20:00 - 2020-03-31 20:00 - 000000000 ____D C:\Users\TEMP\AppData\Local\CEF
2020-03-31 18:30 - 2020-03-31 18:30 - 000000000 ____D C:\Users\TEMP\AppData\LocalLow\Adobe
2020-03-31 18:29 - 2020-03-31 18:30 - 000000000 ____D C:\Users\TEMP\AppData\Local\Adobe
2020-03-31 18:22 - 2020-03-31 18:22 - 000000000 ____D C:\Users\TEMP\AppData\Local\Trend Micro
2020-03-31 18:19 - 2020-03-31 18:19 - 000000000 ____D C:\Users\TEMP\AppData\Local\PlaceholderTileLogoFolder
2020-03-31 18:18 - 2020-03-31 20:18 - 000000000 ____D C:\Users\TEMP\AppData\Local\DP_Tower_3.7
2020-03-31 18:18 - 2020-03-31 20:14 - 000000000 ___RD C:\Users\TEMP\OneDrive
2020-03-31 18:18 - 2020-03-31 18:18 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Trend Micro
2020-03-31 18:18 - 2020-03-31 18:18 - 000000000 ____D C:\Users\TEMP\AppData\Local\User Data
2020-03-31 18:18 - 2020-03-31 18:18 - 000000000 ____D C:\Users\TEMP\AppData\Local\Chromium
2020-03-31 18:17 - 2020-03-31 20:23 - 000000000 ___RD C:\Users\TEMP\3D Objects
2020-03-31 18:17 - 2020-03-31 20:06 - 000000000 ____D C:\Users\TEMP\AppData\Local\ConnectedDevicesPlatform
2020-03-31 18:17 - 2020-03-31 18:47 - 000000000 ____D C:\Users\TEMP\AppData\Local\Packages
2020-03-31 18:17 - 2020-03-31 18:30 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Adobe
2020-03-31 18:17 - 2020-03-31 18:17 - 000000000 ___HD C:\Users\TEMP\MicrosoftEdgeBackups
2020-03-31 18:17 - 2020-03-31 18:17 - 000000000 ____D C:\Users\TEMP\AppData\Local\VirtualStore
2020-03-31 18:17 - 2020-03-31 18:17 - 000000000 ____D C:\Users\TEMP\AppData\Local\MicrosoftEdge
2020-03-31 16:59 - 2020-03-31 20:24 - 000000000 ____D C:\Users\TEMP
2020-03-31 16:59 - 2020-03-31 18:17 - 000000000 ____D C:\Users\TEMP\AppData\Local\Google
2020-03-31 16:57 - 2020-03-31 16:57 - 000000000 ____D C:\Users\HP\Liteon
2020-03-31 16:57 - 2020-03-31 16:57 - 000000000 ____D C:\Users\HP\Foxlink
2020-03-31 16:57 - 2020-03-31 16:57 - 000000000 ____D C:\Users\HP\Chicony
2020-03-31 16:53 - 2020-03-31 16:53 - 000000000 ____D C:\Users\HP\AppData\Roaming\hpqLog
2020-03-31 16:53 - 2020-03-31 16:53 - 000000000 ____D C:\System.sav
2020-03-31 16:51 - 2020-03-31 17:15 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2020-03-31 16:51 - 2020-03-31 17:14 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2020-03-31 16:51 - 2020-03-31 16:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2020-03-31 16:51 - 2020-03-31 16:51 - 000000000 ____D C:\Users\HP\AppData\Local\HP
2020-03-31 07:21 - 2018-06-22 17:08 - 000370424 _____ (Riverbed Technology, Inc.) C:\WINDOWS\system32\wpcap.dll
2020-03-31 07:21 - 2018-06-22 17:08 - 000282360 _____ (Riverbed Technology, Inc.) C:\WINDOWS\SysWOW64\wpcap.dll
2020-03-31 07:21 - 2018-06-22 17:08 - 000107768 _____ (Riverbed Technology, Inc.) C:\WINDOWS\system32\Packet.dll
2020-03-31 07:21 - 2018-06-22 17:08 - 000098040 _____ (Riverbed Technology, Inc.) C:\WINDOWS\SysWOW64\Packet.dll
2020-03-31 07:21 - 2018-01-31 12:16 - 000036600 _____ (Riverbed Technology, Inc.) C:\WINDOWS\system32\Drivers\npf.sys
2020-03-18 16:50 - 2020-03-18 16:50 - 000502741 _____ C:\Users\HP\Downloads\DRILL BIT SHARPENING VIDEO THINGY.html

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-15 14:20 - 2018-12-30 00:48 - 000000000 ____D C:\Users\HP\AppData\Local\DP_Tower_3.7
2020-04-15 14:17 - 2019-03-19 00:37 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2020-04-15 14:15 - 2019-12-10 10:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-15 14:15 - 2019-03-19 00:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-15 14:15 - 2018-10-11 14:28 - 000000000 ____D C:\ProgramData\VMware
2020-04-15 14:15 - 2018-09-27 12:38 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-15 14:15 - 2018-06-25 18:39 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-04-15 14:14 - 2019-03-19 00:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-04-15 14:05 - 2018-12-30 00:48 - 000000036 _____ C:\Users\HP\AppData\Local\housecall.guid.cache
2020-04-15 14:05 - 2018-12-30 00:48 - 000000000 ____D C:\ProgramData\TMDP_Log
2020-04-15 13:49 - 2019-03-07 12:53 - 001961592 _____ C:\Users\HP\AppData\Local\census.cache
2020-04-15 13:49 - 2019-03-07 12:53 - 000411044 _____ C:\Users\HP\AppData\Local\ars.cache
2020-04-15 13:35 - 2019-12-10 10:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-15 03:10 - 2019-03-19 00:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-15 03:10 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-14 19:34 - 2018-12-30 00:45 - 000000000 ____D C:\ProgramData\Trend Micro
2020-04-14 13:51 - 2019-12-10 10:08 - 000001264 _____ C:\Users\HP\Desktop\Trend Micro Maximum Security.lnk
2020-04-14 13:14 - 2018-10-11 14:31 - 000000000 ____D C:\Users\HP\AppData\Roaming\VMware
2020-04-14 13:14 - 2018-10-11 14:31 - 000000000 ____D C:\Users\HP\AppData\Local\VMware
2020-04-09 13:07 - 2018-12-30 01:55 - 000000010 _____ C:\Users\HP\AppData\Local\sponge.last.runtime.cache
2020-04-04 10:53 - 2019-12-10 10:47 - 000800224 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-04 10:53 - 2019-03-19 00:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-04 10:46 - 2019-12-10 10:40 - 000438920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-04 00:04 - 2019-03-19 02:23 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-04-04 00:04 - 2019-03-19 00:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-04-04 00:04 - 2019-03-19 00:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-04-04 00:04 - 2019-03-19 00:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-04-04 00:04 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-04-04 00:04 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-04-04 00:04 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-04-04 00:04 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-04 00:04 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-04-04 00:04 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-04-04 00:04 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-04-04 00:04 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-04-04 00:04 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-04-04 00:04 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-04-04 00:04 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-04 00:04 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-04 00:04 - 2019-03-19 00:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-04-04 00:04 - 2019-03-19 00:37 - 000000000 ____D C:\WINDOWS\servicing
2020-04-03 00:11 - 2019-03-19 00:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-02 13:01 - 2018-06-25 19:05 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-04-01 16:28 - 2018-06-25 18:59 - 000000000 ____D C:\Program Files (x86)\Google
2020-04-01 15:26 - 2019-03-19 00:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-04-01 15:26 - 2018-10-19 14:17 - 000000000 ____D C:\Program Files\Microsoft Office
2020-04-01 15:15 - 2019-12-10 10:07 - 000000000 ____D C:\WINDOWS\SysWOW64\tmumh
2020-04-01 15:15 - 2019-12-10 10:07 - 000000000 ____D C:\WINDOWS\SysWOW64\TmAMSI
2020-04-01 15:15 - 2019-12-10 10:07 - 000000000 ____D C:\WINDOWS\system32\tmumh
2020-04-01 15:15 - 2019-12-10 10:07 - 000000000 ____D C:\WINDOWS\system32\TmAMSI
2020-04-01 15:14 - 2019-12-10 10:50 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-04-01 15:14 - 2019-12-10 10:08 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Maximum Security
2020-04-01 15:14 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\registration
2020-04-01 15:14 - 2019-03-07 12:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HouseCall for Home Networks
2020-04-01 15:14 - 2018-10-11 15:09 - 000000000 ___RD C:\Users\HP\Google Drive
2020-04-01 15:14 - 2018-09-27 15:53 - 000000000 ____D C:\Tools
2020-04-01 15:14 - 2018-09-27 15:39 - 000000000 ____D C:\Users\HP\Downloads\Wise Registry Cleaner
2020-04-01 15:14 - 2018-09-27 15:39 - 000000000 ____D C:\Users\HP\Downloads\Wise Disk Cleaner
2020-04-01 15:14 - 2018-09-27 12:34 - 000000000 ___RD C:\Users\HP\3D Objects
2020-04-01 15:14 - 2018-09-27 12:34 - 000000000 ____D C:\Users\HP\AppData\Local\ConnectedDevicesPlatform
2020-04-01 15:14 - 2016-04-27 02:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-04-01 15:13 - 2019-03-07 12:59 - 000000000 ____D C:\Program Files (x86)\Trend Micro
2020-04-01 15:13 - 2018-10-16 14:14 - 000000000 ____D C:\Users\HP\AppData\Roaming\OpenOffice
2020-04-01 15:13 - 2018-10-15 15:51 - 000000000 ____D C:\Users\HP\AppData\LocalLow\Adobe
2020-04-01 15:13 - 2018-09-27 12:34 - 000000000 ____D C:\Users\HP\AppData\Roaming\Adobe
2020-04-01 15:13 - 2018-09-27 12:34 - 000000000 ____D C:\Users\HP\AppData\Local\Publishers
2020-04-01 14:10 - 2018-09-27 12:34 - 000000000 ____D C:\Users\HP\AppData\Local\Google
2020-04-01 13:31 - 2019-01-14 14:23 - 000000000 ____D C:\Program Files (x86)\Bethesda.net Launcher
2020-04-01 11:17 - 2019-12-10 10:41 - 000000000 ____D C:\Users\HP
2020-03-31 17:14 - 2018-06-25 18:41 - 000000000 ____D C:\Program Files (x86)\HP
2020-03-31 16:53 - 2019-01-26 15:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-03-31 07:21 - 2018-09-27 12:35 - 000000000 ___RD C:\Users\HP\OneDrive
2020-03-31 07:21 - 2018-09-27 12:34 - 000000000 __SHD C:\Users\HP\IntelGraphicsProfiles
2020-03-25 10:20 - 2018-09-27 12:34 - 000000000 ____D C:\Users\HP\AppData\Local\Packages
2020-03-25 10:11 - 2018-06-26 06:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-03-19 10:16 - 2019-12-10 10:48 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-03-19 10:16 - 2018-10-15 15:51 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories ========

2020-04-01 15:16 - 2020-04-01 15:16 - 000000381 _____ () C:\Users\HP\AppData\Roaming\SaraBat.bat
2020-04-01 15:16 - 2020-04-01 15:16 - 000200840 _____ (Microsoft Corporation) C:\Users\HP\AppData\Roaming\SetupProd_OfficeInstall.exe
2019-03-07 12:53 - 2020-04-15 13:49 - 000411044 _____ () C:\Users\HP\AppData\Local\ars.cache
2019-03-07 12:53 - 2020-04-15 13:49 - 001961592 _____ () C:\Users\HP\AppData\Local\census.cache
2018-12-30 00:48 - 2020-04-15 14:05 - 000000036 _____ () C:\Users\HP\AppData\Local\housecall.guid.cache
2019-01-27 18:56 - 2019-01-27 18:56 - 000007605 _____ () C:\Users\HP\AppData\Local\Resmon.ResmonCfg
2018-12-30 01:55 - 2020-04-09 13:07 - 000000010 _____ () C:\Users\HP\AppData\Local\sponge.last.runtime.cache

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-04-2020
Ran by HP (15-04-2020 14:20:38)
Running from C:\Users\HP\Desktop
Windows 10 Pro Version 1909 18363.720 (X64) (2019-12-10 14:48:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4113289908-434951168-1199682448-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4113289908-434951168-1199682448-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-4113289908-434951168-1199682448-1002 - Limited - Disabled)
Guest (S-1-5-21-4113289908-434951168-1199682448-501 - Limited - Disabled)
HP (S-1-5-21-4113289908-434951168-1199682448-1003 - Administrator - Enabled) => C:\Users\HP
User (S-1-5-21-4113289908-434951168-1199682448-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-4113289908-434951168-1199682448-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro Maximum Security (Enabled - Up to date) {AFEE279F-FAE7-BAEE-3A88-4BF7277B8551}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro Maximum Security (Enabled - Up to date) {148FC67B-DCDD-B560-0038-70855CFCCFEC}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.9 - Arduino LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HouseCall for Home Networks (HKLM\...\DRScanner) (Version: 5.0.1188 - Trend Micro Inc.)
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.12624.20382 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4113289908-434951168-1199682448-1003\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-4113289908-434951168-1199682448-1003\...\f9a89bd2a46a7606) (Version: 17.0.4376.7 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.20.27508 (HKLM-x32\...\{7b178cda-9740-4701-a92a-f168d213b343}) (Version: 14.20.27508.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.20.27508 (HKLM-x32\...\{8c3f057e-d6a6-4338-ac6a-f1c795a6577b}) (Version: 14.20.27508.1 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E15F69FA-660D-45CC-B28F-6CBC4CAD2091}) (Version: 1.0.0.0 - Mojang)
NVIDIA nView 148.47 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 148.47 - NVIDIA Corporation)
NVIDIA WMI 2.30.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.30.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12624.20320 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
Trend Micro Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 16.0 - Trend Micro Inc.)
Trend Micro Password Manager (HKLM\...\3A0FB4E3-2C0D-4572-A24D-67F1CAABDDP35_is1) (Version: 5.0.0.1092 - Trend Micro Inc.)
Trend Micro Troubleshooting Tool (HKLM\...\{4B83469E-CE4F-45D0-BC34-CCB7BF194477}) (Version: 6.0 - Trend Micro Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{B0D957AA-9ADA-4396-9757-B7EF0FCA648C}) (Version: 1.17.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VMware Workstation (HKLM\...\{54386C27-4DC2-449B-9A4F-460A1FE8DB65}) (Version: 15.5.1 - VMware, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-04-01] (Dolby Laboratories)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa [2020-04-01] (Apple Inc.) [Startup Task]
Kali Linux -> C:\Program Files\WindowsApps\KaliLinux.54290C8133FEE_1.4.1.0_x64__ey8k8hqnwqnmg [2020-04-01] (Kali Linux)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-01] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-01] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-01] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ FSOverlayIcon] -> {C0829D19-E5A0-44F5-B56E-D15030C53BB9} => C:\Program Files\Trend Micro\Titanium\plugin\TmOverlayIcon.dll [2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => D:\VMWare\vmdkShellExt.dll [2019-11-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => D:\VMWare\x64\vmdkShellExt64.dll [2019-11-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2017-10-20] (NVIDIA Corporation -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-09-25] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-12-30 00:48 - 2017-01-26 12:35 - 001078272 _____ () [File not signed] C:\Program Files\Trend Micro\TMIDS\tower\ffmpeg.dll
2018-12-30 00:48 - 2017-02-23 02:31 - 000079872 _____ () [File not signed] C:\Program Files\Trend Micro\TMIDS\tower\libegl.dll
2018-12-30 00:48 - 2017-02-23 02:31 - 001922560 _____ () [File not signed] C:\Program Files\Trend Micro\TMIDS\tower\libglesv2.dll
2018-12-30 00:48 - 2017-02-23 01:31 - 004834816 _____ () [File not signed] C:\Program Files\Trend Micro\TMIDS\tower\node.dll
2018-09-27 15:40 - 2018-04-30 08:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-12-30 00:48 - 2017-02-23 02:31 - 068185600 _____ (The NWJS Community) [File not signed] C:\Program Files\Trend Micro\TMIDS\tower\nw.dll
2018-12-30 00:48 - 2017-02-23 02:31 - 000421888 _____ (The NWJS Community) [File not signed] C:\Program Files\Trend Micro\TMIDS\tower\nw_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\trendmicro.com -> hxxps://pwm.trendmicro.com
IE trusted site: HKU\S-1-5-21-4113289908-434951168-1199682448-1003\...\trendmicro.com -> hxxps://pwm.trendmicro.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 03:24 - 2015-10-30 03:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4113289908-434951168-1199682448-1003\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

Network Binding:
=============
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled)
VMware Network Adapter VMnet8: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled)
Ethernet: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled)
VMware Network Adapter VMnet1: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
Wi-Fi: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
Wi-Fi: VMware Bridge Protocol -> vmware_bridge (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-4113289908-434951168-1199682448-1003\...\StartupApproved\Run: => "GoogleDriveSync"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{74615A64-ABA0-469F-BAEE-3EE867417CBB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{30C36990-6D8C-41A3-8150-D669A8A7A1B2}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe No File
FirewallRules: [TCP Query User{0082A157-EAA2-4EA8-99F4-34AD8902451E}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe No File
FirewallRules: [{CA5750E3-13A5-4503-BC30-B7BBD5F0D8DC}] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{DACBA573-652E-479C-B848-6E1350AFB914}] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{60133AF7-2026-418A-BA1C-01035A92220C}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{A8481122-99F7-4E02-AE53-E3EEC5A87C71}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{DA86BB6A-890C-41C5-A668-4558FD77E4B4}] => (Allow) C:\Program Files (x86)\Trend Micro\DRScanner\sdk\nmap\nmap.exe (Insecure.Com LLC -> Insecure.Org)
FirewallRules: [{1EB54E59-DF51-4A01-83AA-14ABC53D77C6}] => (Allow) C:\Program Files (x86)\Trend Micro\DRScanner\DRScanner.exe (Trend Micro, Inc. -> Trend Micro Inc.)
FirewallRules: [{09EF5A0F-5359-4141-A5EC-FBD881E80895}] => (Allow) C:\Users\HP\AppData\Local\Temp\HouseCall\tmase\nmap\bonjour.exe No File
FirewallRules: [{509DFBBB-E537-46D9-AE64-D1D2F839C07F}] => (Allow) C:\Users\HP\AppData\Local\Temp\HouseCall\tmase\nmap\nmap.exe No File
FirewallRules: [UDP Query User{AAE36484-73C5-4EA3-A10F-5808C1152162}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [TCP Query User{80276512-E7FD-4F27-B073-AAF7E5B51D0C}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe No File
FirewallRules: [{023CE9D8-BD2D-4E2E-AA5B-C7F018F1C20D}] => (Allow) D:\VMWare\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{30095D49-DF68-46F0-81DA-884DAA9517D9}] => (Allow) D:\VMWare\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{EA717EA0-4D18-4F05-92F4-2542D63532A4}] => (Allow) D:\VMWare\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{97EC6888-8F69-4CE1-955A-046B2A9FC444}] => (Allow) D:\VMWare\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{5423AFC7-3496-4385-82F5-47D7CF6F9D55}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{56DC7F47-F71F-4F1C-978A-7961A79F6458}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DB237599-0BBD-4260-A1CB-677B49BC3E29}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{031D72CA-0BC6-4D8D-B61F-5FD49E519738}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{491A25A6-C5DF-4425-BB82-1E731EDFEABF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6542B61C-7AF2-4E1E-9D59-6C453B925E81}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5E9EB133-BE24-4C70-8B18-20BB026E317A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{65F4FC9A-8553-405D-82E6-933142AA11BF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{63229E9C-1529-44B1-B10A-B939CD60F441}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

02-04-2020 14:48:40 Removed Minecraft Launcher
11-04-2020 13:15:35 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/15/2020 02:22:05 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6988,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/15/2020 02:21:16 PM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (14232,R,98) WebPlatStorage: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\HP\AppData\Local\Microsoft\Internet Explorer\CacheStorage\edb.log.

Error: (04/15/2020 02:21:16 PM) (Source: ESENT) (EventID: 490) (User: )
Description: DllHost (14232,R,98) WebPlatStorage: An attempt to open the file "C:\Users\HP\AppData\Local\Microsoft\Internet Explorer\CacheStorage\edb.log" for read / write access failed with system error 5 (0x00000005): "Access is denied. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (04/15/2020 02:21:06 PM) (Source: ESENT) (EventID: 490) (User: )
Description: DllHost (14232,R,98) WebPlatStorage: An attempt to open the file "C:\Users\HP\AppData\Local\Microsoft\Internet Explorer\CacheStorage\edb.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (04/15/2020 02:20:56 PM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (14232,R,98) WebPlatStorage: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\HP\AppData\Local\Microsoft\Internet Explorer\CacheStorage\edb.log.

Error: (04/15/2020 02:20:56 PM) (Source: ESENT) (EventID: 490) (User: )
Description: DllHost (14232,R,98) WebPlatStorage: An attempt to open the file "C:\Users\HP\AppData\Local\Microsoft\Internet Explorer\CacheStorage\edb.log" for read / write access failed with system error 5 (0x00000005): "Access is denied. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (04/15/2020 02:20:46 PM) (Source: ESENT) (EventID: 490) (User: )
Description: DllHost (14232,R,98) WebPlatStorage: An attempt to open the file "C:\Users\HP\AppData\Local\Microsoft\Internet Explorer\CacheStorage\edb.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (04/15/2020 02:20:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: DllHost (14232,R,98) WebPlatStorage: Error -1032 (0xfffffbf8) occurred while opening logfile C:\Users\HP\AppData\Local\Microsoft\Internet Explorer\CacheStorage\edb.log.


System errors:
=============
Error: (04/15/2020 02:18:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The UserDataSvc_576a0 service terminated with the following error:
Access is denied.

Error: (04/15/2020 02:17:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The UserDataSvc_576a0 service terminated with the following error:
Access is denied.

Error: (04/15/2020 02:15:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The UserDataSvc_576a0 service terminated with the following error:
Class not registered

Error: (04/15/2020 02:15:10 PM) (Source: DCOM) (EventID: 10010) (User: ZEUS)
Description: The server Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe!App.AppXvctmff39365zg14pgmystcwtys462fpa.mca did not register with DCOM within the required timeout.

Error: (04/15/2020 02:14:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The VMware Workstation Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (04/15/2020 02:09:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The User Data Access_4be3a1c7 service terminated with the following error:
Access is denied.

Error: (04/15/2020 01:53:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The User Data Access_4be3a1c7 service terminated with the following error:
Access is denied.

Error: (04/15/2020 01:47:52 PM) (Source: DCOM) (EventID: 10010) (User: ZEUS)
Description: The server Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe!App.AppX65n3t4j73ch7cremsjxn7q8bph1ma8jw.mca did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2020-04-04 20:00:57.492
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {0E3F3A2D-5DA2-413B-A0F7-5C3B63B3B6B7}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-04-04 19:39:03.031
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {BC124C03-9405-4A1E-9652-73CDE24630DB}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-04-01 11:44:13.571
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6DB6B037-CD21-4DCE-A5FD-738FA52B3CFD}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-04-01 11:39:09.017
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {47E697F2-1E1D-4351-8F6E-8E07BE8E7142}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-04-01 11:28:48.254
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {3D3DDC55-C9E6-40AD-8B80-703614C580F5}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-04-01 14:22:49.556
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2020-04-01 12:32:48.809
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.313.554.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16900.4
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode

Date: 2020-04-01 12:22:47.208
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2020-04-01 12:19:57.231
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2020-04-01 11:17:32.593
Description:
Windows Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Security intelligence version: 0.0.0.0;0.0.0.0
Engine version: 0.0.0.0

CodeIntegrity:
===================================

Date: 2020-04-15 14:18:06.807
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\TmAMSI\TmAMSIProvider64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-15 14:18:06.799
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\TmAMSI\TmAMSIProvider64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-15 14:18:06.792
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\TmAMSI\TmAMSIProvider64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-15 14:18:06.784
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\TmAMSI\TmAMSIProvider64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-15 14:18:06.775
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\TmAMSI\TmAMSIProvider64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-15 14:18:06.768
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\TmAMSI\TmAMSIProvider64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-15 14:18:06.761
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\TmAMSI\TmAMSIProvider64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-15 14:18:06.745
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\TmAMSI\TmAMSIProvider64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Hewlett-Packard L70 Ver. 01.38 12/11/2017
Motherboard: Hewlett-Packard 1909
Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 14%
Total physical RAM: 32185.11 MB
Available physical RAM: 27395.18 MB
Total Virtual: 37049.11 MB
Available Virtual: 32079.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.26 GB) (Free:125.93 GB) NTFS
Drive d: (DATA) (Fixed) (Total:465.76 GB) (Free:422.14 GB) NTFS
Drive f: (WD Unlocker) (CDROM) (Total:0.01 GB) (Free:0 GB) UDF

\\?\Volume{859af361-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{859af361-0000-0000-0000-10b037000000}\ () (Fixed) (Total:0.82 GB) (Free:0.3 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 859AF361)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=837 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: E58B55B7)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.

==================== End of Addition.txt =======================
 
Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

==========================

I don't see much there but let's run couple more checks.

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
redtarget.gif
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
redtarget.gif
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
 
RogueKiller Anti-Malware V14.4.0.0 (x64) [Apr 1 2020] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.18363) 64 bits
Started in : Normal mode
User : HP [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20200414_084954, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2020/04/15 16:56:41 (Duration : 00:06:07)
Switches : -minimize

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 4/15/20
Scan Time: 5:08 PM
Log File: 31a0a0ec-7f5d-11ea-a0fb-a02bb8406570.json

-Software Information-
Version: 4.1.0.56
Components Version: 1.0.875
Update Package Version: 1.0.22508
License: Trial

-System Information-
OS: Windows 10 (Build 18362.720)
CPU: x64
File System: NTFS
User: ZEUS\HP

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 317150
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 1 min, 47 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
 
# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-15-2020
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\HP\AppData\Roaming\Wise Euask

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1649 octets] - [15/04/2020 17:15:15]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 
Back