I'm scared my laptop might have a virus. it froze up yesterday, then the mic showed up in bottom right taskbar and froze up.
here are my logs.
FRST part 1
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2020
Ran by ericd (administrator) on LAPTOP-E (Dell Inc. Latitude E6420) (02-07-2020 11:46:56)
Running from C:\Users\ericd\Downloads
Loaded Profiles: ericd
Platform: Windows 10 Home Version 1909 18363.900 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12006.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [727896 2015-07-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2498368 2015-07-23] (NVIDIA Corporation -> )
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795912 2015-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-451142573-3605570172-3169649013-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3200800 2018-05-21] (Valve -> Valve Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
Startup: C:\Users\ericd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk [2020-01-19]
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe (June Fabrics Technology Inc. -> )
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2EC2E556-FD6F-48EE-9375-7E69FEF5348F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5BA836D1-0E13-4B84-AD60-C4A0349AB44F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {60110339-9CF8-4B2E-914F-281151EFFA34} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9A4AC029-98A1-4EC0-85DB-92DBFE07C6BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.128.1
Tcpip\..\Interfaces\{34415256-6285-49f4-a30f-df95c2a21204}: [DhcpNameServer] 192.168.128.1
Tcpip\..\Interfaces\{9d5f3bff-3af9-439e-b735-2605a100444b}: [DhcpNameServer] 8.8.8.8
Internet Explorer:
==================
FireFox:
========
FF DefaultProfile: z0x29yf1.default
FF ProfilePath: C:\Users\ericd\AppData\Roaming\Mozilla\Firefox\Profiles\z0x29yf1.default [2020-01-18]
FF ProfilePath: C:\Users\ericd\AppData\Roaming\Mozilla\Firefox\Profiles\0p69qntc.default-release [2020-07-02]
FF Extension: (AdBlocker Ultimate) - C:\Users\ericd\AppData\Roaming\Mozilla\Firefox\Profiles\0p69qntc.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2020-07-01]
FF Extension: (DarkTheme) - C:\Users\ericd\AppData\Roaming\Mozilla\Firefox\Profiles\0p69qntc.default-release\Extensions\{99c277af-d778-4a0b-9faa-b1d8165f0a55}.xpi [2020-02-15]
FF Extension: (Web of Trust) - C:\Users\ericd\AppData\Roaming\Mozilla\Firefox\Profiles\0p69qntc.default-release\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2020-05-02]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-22] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-22] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2015-07-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2019-10-06] (Microsoft Corporation) [File not signed]
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c65x64.sys [480040 2015-06-19] (Intel(R) Intel Network Drivers -> Intel Corporation)
R1 MpKslbea63e47; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D9A03640-119F-439B-9D3A-289F73F6D4C8}\MpKslbea63e47.sys [43232 2020-07-01] (Microsoft Windows -> Microsoft Corporation)
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D9A03640-119F-439B-9D3A-289F73F6D4C8}\MpKslDrv.sys [43232 2020-07-01] (Microsoft Windows -> Microsoft Corporation)
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
R3 ST_Accel; C:\Windows\system32\DRIVERS\ST_Accel.sys [154280 2016-10-12] (STMICROELECTRONICS S.R.L. -> STMicroelectronics)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-06-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [401120 2020-06-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-02 11:46 - 2020-07-02 11:47 - 000010304 _____ C:\Users\ericd\Downloads\FRST.txt
2020-07-02 11:46 - 2020-07-02 11:47 - 000000000 ____D C:\FRST
2020-07-02 11:46 - 2020-07-02 11:46 - 000000000 ____D C:\Users\ericd\Downloads\FRST-OlderVersion
2020-07-02 11:45 - 2020-07-02 11:46 - 002291712 _____ (Farbar) C:\Users\ericd\Downloads\FRST64.exe
2020-07-01 15:15 - 2020-07-01 15:18 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-06-24 15:33 - 2020-06-24 15:33 - 000000000 ____D C:\Windows\system32\Tasks\Intel
2020-06-24 15:32 - 2020-06-24 15:32 - 002510856 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2020-06-14 14:35 - 2020-06-14 14:38 - 000000000 ____D C:\Program Files (x86)\Steam
2020-06-14 14:35 - 2020-06-14 14:35 - 001573568 _____ C:\Users\ericd\Downloads\SteamSetup.exe
2020-06-14 14:35 - 2020-06-14 14:35 - 000001032 _____ C:\Users\Public\Desktop\Steam.lnk
2020-06-14 14:35 - 2020-06-14 14:35 - 000001032 _____ C:\ProgramData\Desktop\Steam.lnk
2020-06-14 14:35 - 2020-06-14 14:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-06-11 12:05 - 2020-06-11 12:05 - 000000000 ____D C:\Program Files\UNP
2020-06-10 00:47 - 2020-06-10 00:47 - 025902080 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 022638592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 019851776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 019812864 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 018029056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 011608064 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 009712640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 008015360 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 007822888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 007760384 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 007268864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 007012864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 006526448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 006292480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 005909504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 005765144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 005098352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 004610560 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 004129416 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 003822592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 003525608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 003515392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 003398656 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 002831872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 002798592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-06-10 00:47 - 2020-06-10 00:47 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2020-06-10 00:47 - 2020-06-10 00:47 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2020-06-10 00:47 - 2020-06-10 00:47 - 002583496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 002281472 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 002259664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 002230240 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 002204160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 002184504 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 002073176 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001952872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001835128 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001803776 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2020-06-10 00:47 - 2020-06-10 00:47 - 001704448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001686016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001665720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001637888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001637376 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001581056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Perception.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001559040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001556200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001539072 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2020-06-10 00:47 - 2020-06-10 00:47 - 001525760 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001507328 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001492480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001477112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001467392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001417760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001416224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001410048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2020-06-10 00:47 - 2020-06-10 00:47 - 001397560 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-06-10 00:47 - 2020-06-10 00:47 - 001393664 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001382400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001348096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001344512 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001344000 _____ (Microsoft Corporation) C:\Windows\system32\HoloSI.PCShell.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001343488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001336320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001319936 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001314304 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001306112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001284608 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001272160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001264640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001260032 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001215488 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2020-06-10 00:47 - 2020-06-10 00:47 - 001214264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001193984 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001178608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001151824 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001138688 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001125376 _____ (Microsoft Corporation) C:\Windows\system32\CBDHSvc.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001107456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001099608 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001077048 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-06-10 00:47 - 2020-06-10 00:47 - 001071616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001066496 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001060352 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001034752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000994304 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000992256 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000982016 _____ (Microsoft Corporation) C:\Windows\system32\tapi3.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000971264 _____ (Microsoft Corporation) C:\Windows\system32\dsregcmd.exe
2020-06-10 00:47 - 2020-06-10 00:47 - 000943640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000940544 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000920064 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000897536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000894024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2fs.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000858112 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000852992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapi3.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000843776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000814080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000783496 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-06-10 00:47 - 2020-06-10 00:47 - 000776192 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000747832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000740664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DismApi.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000736768 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000692224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000684856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000674304 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000673456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2020-06-10 00:47 - 2020-06-10 00:47 - 000668672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
here are my logs.
FRST part 1
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2020
Ran by ericd (administrator) on LAPTOP-E (Dell Inc. Latitude E6420) (02-07-2020 11:46:56)
Running from C:\Users\ericd\Downloads
Loaded Profiles: ericd
Platform: Windows 10 Home Version 1909 18363.900 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12006.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2005.5-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [727896 2015-07-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2498368 2015-07-23] (NVIDIA Corporation -> )
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795912 2015-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-451142573-3605570172-3169649013-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3200800 2018-05-21] (Valve -> Valve Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation)
Startup: C:\Users\ericd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk [2020-01-19]
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe (June Fabrics Technology Inc. -> )
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2EC2E556-FD6F-48EE-9375-7E69FEF5348F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5BA836D1-0E13-4B84-AD60-C4A0349AB44F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {60110339-9CF8-4B2E-914F-281151EFFA34} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9A4AC029-98A1-4EC0-85DB-92DBFE07C6BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MpCmdRun.exe [491104 2020-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.128.1
Tcpip\..\Interfaces\{34415256-6285-49f4-a30f-df95c2a21204}: [DhcpNameServer] 192.168.128.1
Tcpip\..\Interfaces\{9d5f3bff-3af9-439e-b735-2605a100444b}: [DhcpNameServer] 8.8.8.8
Internet Explorer:
==================
FireFox:
========
FF DefaultProfile: z0x29yf1.default
FF ProfilePath: C:\Users\ericd\AppData\Roaming\Mozilla\Firefox\Profiles\z0x29yf1.default [2020-01-18]
FF ProfilePath: C:\Users\ericd\AppData\Roaming\Mozilla\Firefox\Profiles\0p69qntc.default-release [2020-07-02]
FF Extension: (AdBlocker Ultimate) - C:\Users\ericd\AppData\Roaming\Mozilla\Firefox\Profiles\0p69qntc.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2020-07-01]
FF Extension: (DarkTheme) - C:\Users\ericd\AppData\Roaming\Mozilla\Firefox\Profiles\0p69qntc.default-release\Extensions\{99c277af-d778-4a0b-9faa-b1d8165f0a55}.xpi [2020-02-15]
FF Extension: (Web of Trust) - C:\Users\ericd\AppData\Roaming\Mozilla\Firefox\Profiles\0p69qntc.default-release\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2020-05-02]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-22] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-22] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2015-07-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2019-10-06] (Microsoft Corporation) [File not signed]
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c65x64.sys [480040 2015-06-19] (Intel(R) Intel Network Drivers -> Intel Corporation)
R1 MpKslbea63e47; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D9A03640-119F-439B-9D3A-289F73F6D4C8}\MpKslbea63e47.sys [43232 2020-07-01] (Microsoft Windows -> Microsoft Corporation)
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D9A03640-119F-439B-9D3A-289F73F6D4C8}\MpKslDrv.sys [43232 2020-07-01] (Microsoft Windows -> Microsoft Corporation)
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
R3 ST_Accel; C:\Windows\system32\DRIVERS\ST_Accel.sys [154280 2016-10-12] (STMICROELECTRONICS S.R.L. -> STMicroelectronics)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-06-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [401120 2020-06-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-02 11:46 - 2020-07-02 11:47 - 000010304 _____ C:\Users\ericd\Downloads\FRST.txt
2020-07-02 11:46 - 2020-07-02 11:47 - 000000000 ____D C:\FRST
2020-07-02 11:46 - 2020-07-02 11:46 - 000000000 ____D C:\Users\ericd\Downloads\FRST-OlderVersion
2020-07-02 11:45 - 2020-07-02 11:46 - 002291712 _____ (Farbar) C:\Users\ericd\Downloads\FRST64.exe
2020-07-01 15:15 - 2020-07-01 15:18 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-06-24 15:33 - 2020-06-24 15:33 - 000000000 ____D C:\Windows\system32\Tasks\Intel
2020-06-24 15:32 - 2020-06-24 15:32 - 002510856 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2020-06-14 14:35 - 2020-06-14 14:38 - 000000000 ____D C:\Program Files (x86)\Steam
2020-06-14 14:35 - 2020-06-14 14:35 - 001573568 _____ C:\Users\ericd\Downloads\SteamSetup.exe
2020-06-14 14:35 - 2020-06-14 14:35 - 000001032 _____ C:\Users\Public\Desktop\Steam.lnk
2020-06-14 14:35 - 2020-06-14 14:35 - 000001032 _____ C:\ProgramData\Desktop\Steam.lnk
2020-06-14 14:35 - 2020-06-14 14:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-06-11 12:05 - 2020-06-11 12:05 - 000000000 ____D C:\Program Files\UNP
2020-06-10 00:47 - 2020-06-10 00:47 - 025902080 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 022638592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 019851776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 019812864 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 018029056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 011608064 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 009712640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 008015360 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 007822888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 007760384 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 007268864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 007012864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 006526448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 006292480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 005909504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 005765144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 005098352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 004610560 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 004129416 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 003822592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 003525608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 003515392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 003398656 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 002831872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 002798592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-06-10 00:47 - 2020-06-10 00:47 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2020-06-10 00:47 - 2020-06-10 00:47 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2020-06-10 00:47 - 2020-06-10 00:47 - 002583496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 002281472 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 002259664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 002230240 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 002204160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 002184504 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 002073176 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001952872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001835128 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001803776 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2020-06-10 00:47 - 2020-06-10 00:47 - 001704448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001686016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001665720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001637888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001637376 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001581056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Perception.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001559040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001556200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001539072 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2020-06-10 00:47 - 2020-06-10 00:47 - 001525760 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001507328 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001492480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001477112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001467392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001417760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001416224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001410048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2020-06-10 00:47 - 2020-06-10 00:47 - 001397560 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-06-10 00:47 - 2020-06-10 00:47 - 001393664 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001382400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001348096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001344512 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001344000 _____ (Microsoft Corporation) C:\Windows\system32\HoloSI.PCShell.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001343488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001336320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001319936 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001314304 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001306112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001284608 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001272160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001264640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001260032 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001215488 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2020-06-10 00:47 - 2020-06-10 00:47 - 001214264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001193984 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001178608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001151824 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001138688 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001125376 _____ (Microsoft Corporation) C:\Windows\system32\CBDHSvc.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001107456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001099608 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001077048 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-06-10 00:47 - 2020-06-10 00:47 - 001071616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001066496 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001060352 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001034752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 001012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000994304 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000992256 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000982016 _____ (Microsoft Corporation) C:\Windows\system32\tapi3.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000971264 _____ (Microsoft Corporation) C:\Windows\system32\dsregcmd.exe
2020-06-10 00:47 - 2020-06-10 00:47 - 000943640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000940544 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000920064 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000897536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000894024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2fs.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000858112 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000852992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapi3.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000843776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000814080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000783496 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-06-10 00:47 - 2020-06-10 00:47 - 000776192 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000747832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000740664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DismApi.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000736768 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000692224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000684856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000674304 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2020-06-10 00:47 - 2020-06-10 00:47 - 000673456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2020-06-10 00:47 - 2020-06-10 00:47 - 000668672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll