Here are my log files....
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2021
Ran by willi (administrator) on B-UNIT (ASUSTeK Computer Inc. K52F) (23-02-2021 10:18:53)
Running from C:\Users\willi\OneDrive\Desktop
Loaded Profiles: willi
Platform: Windows 10 Pro Version 20H2 19042.804 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12>
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PerceptionSimulation\PerceptionSimulationService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Spectrum.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UtcDecoderHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2020-12-02] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1128013736-2862579630-230849842-1001\...\MountPoints2: {56e690d4-52bc-11eb-9bd5-e006e6a4f7ea} - "F:\OnePlus_setup.exe" /s
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.182\Installer\chrmstp.exe [2021-02-17] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0329F02B-0284-4575-B629-92D32A046E60} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {062DE161-6ECA-49B1-A645-ABA3E5932C0E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-15] (Google LLC -> Google LLC)
Task: {09376EB4-2D85-4565-BEC3-EA41EA68D34B} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2434424 2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E1CB6BD-7A29-4D79-AAAC-12D65D8B9115} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2D8ABCCC-F045-40AC-B62C-7EF636915557} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32624 2020-10-22] (Microsoft Corporation -> Microsoft)
Task: {3D9E326F-2A9A-48A2-8A88-52E4A6080412} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143672 2019-04-02] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {5FA780CB-5C4B-43C2-BCE8-7BDC9B5F03F1} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2311536 2020-10-22] (Microsoft Corporation -> Microsoft)
Task: {6A581CF9-0BF5-4554-B447-0C2D51A95AF4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7415BF91-7CB6-489E-A90B-72CB6DC2F65D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2434424 2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {78807741-4BAA-4ABF-A074-FC0E42F50858} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78D6C372-4C49-451C-893D-6487495CAE34} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-15] (Google LLC -> Google LLC)
Task: {8C3674D4-C6F2-4A95-A644-96C55ABD477B} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1910128 2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {D94A860C-F48F-43CF-987A-FA026B1797ED} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1910128 2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7f10a078-a1d4-4ab2-bce0-3c6ac909ee32}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{aca19fb2-5058-4021-9af9-60446f4b4e86}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (AVG Online Security) -> EdgeExtension_51CA791EAVGOnlineSecurity_s1d0xtrs8dx04 => C:\Program Files\WindowsApps\51CA791E.AVGOnlineSecurity_19.4.444.0_neutral__s1d0xtrs8dx04 [2020-12-04]
Edge DefaultProfile: Default
Edge Profile: C:\Users\willi\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-23]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default [2021-02-23]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://www.gstatic.com/youtube/media/ytm/images/applauncher/music_icon_48x48.png
CHR Extension: (Slides) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-15]
CHR Extension: (Docs) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-15]
CHR Extension: (Google Drive) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-15]
CHR Extension: (YouTube) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-15]
CHR Extension: (YouTube Music) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cinhimbnkkaeohfgghhklpknlkffjgod [2020-12-26]
CHR Extension: (Sheets) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-08]
CHR Extension: (Gmail) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-15]
CHR Extension: (Chrome Media Router) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-08]
CHR Profile: C:\Users\willi\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-12-11]
CHR Profile: C:\Users\willi\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-08]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-02-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-06-25] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [935352 2020-06-25] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 NETJME; C:\WINDOWS\System32\drivers\NETJME.sys [137728 2019-12-07] (Microsoft Windows -> JMicron Technology Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-23 10:17 - 2021-02-23 10:20 - 000000000 ____D C:\FRST
2021-02-17 03:40 - 2021-02-17 03:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-02-16 21:30 - 2021-02-16 21:34 - 000000000 ____D C:\Users\willi\OneDrive\Documents\sm-a205u backup
2021-02-16 21:11 - 2020-11-19 19:53 - 082903228 ____N C:\Users\willi\Downloads\CSC_OMC_OYM_A205U1OYM7BTK1_CL19844280_QB35863963_REV00_user_low_ship.tar.md5
2021-02-16 21:11 - 2020-11-19 19:52 - 082882753 ____N C:\Users\willi\Downloads\HOME_CSC_OMC_OYM_A205U1OYM7BTK1_CL19844280_QB35863963_REV00_user_low_ship.tar.md5
2021-02-16 21:11 - 2020-11-19 19:52 - 030331070 ____N C:\Users\willi\Downloads\CP_A205U1UEU7BTK1_CP17421137_CL19844280_QB35863963_REV00_user_low_ship.tar.md5
2021-02-16 21:11 - 2020-11-19 19:49 - 002908338 ____N C:\Users\willi\Downloads\BL_A205U1UEU7BTK1_CL19844280_QB35863963_REV00_user_low_ship.tar.md5
2021-02-16 21:09 - 2020-11-19 19:49 - 3636459711 ____N C:\Users\willi\Downloads\AP_A205U1UEU7BTK1_CL19844280_QB35863963_REV00_user_low_ship_meta_OS10.tar.md5
2021-02-16 03:42 - 2021-02-16 03:42 - 000509288 _____ C:\Users\willi\Downloads\SM-A205U+Schematic.zip
2021-02-16 03:38 - 2021-02-16 03:56 - 3221962044 _____ C:\Users\willi\Downloads\[up_vnROM.net]_A205U1UEU7BTK1_A205U1OYM7BTK1_ACG_10.0.zip
2021-02-15 18:30 - 2021-02-17 14:36 - 000002206 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-15 18:30 - 2021-02-15 18:30 - 000000000 ____D C:\Program Files\Google
2021-02-15 18:29 - 2021-02-15 18:29 - 001304160 _____ (Google LLC) C:\Users\willi\Downloads\ChromeSetup (1).exe
2021-02-15 18:29 - 2021-02-15 18:29 - 000000000 ____D C:\Program Files (x86)\Google
2021-02-12 04:54 - 2021-02-12 04:54 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-12 04:53 - 2021-02-12 04:53 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-08 23:56 - 2021-02-09 00:36 - 000195350 _____ C:\WINDOWS\ntbtlog.txt
2021-02-08 23:56 - 2021-02-08 23:56 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-02-08 18:52 - 2021-02-08 18:52 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-08 18:52 - 2021-02-08 18:52 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-08 18:52 - 2021-02-08 18:52 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-08 17:08 - 2021-02-08 17:08 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-02-08 17:08 - 2021-02-08 17:08 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-02-08 17:08 - 2021-02-08 17:08 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-02-08 17:08 - 2021-02-08 17:08 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-02-08 17:08 - 2021-02-08 17:08 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-02-08 17:08 - 2021-02-08 17:08 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-02-08 17:08 - 2021-02-08 17:08 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-02-08 17:08 - 2021-02-08 17:08 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-02-08 17:08 - 2021-02-08 17:08 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-02-08 17:08 - 2021-02-08 17:08 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-02-08 17:07 - 2021-02-08 17:07 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-02-08 17:07 - 2021-02-08 17:07 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-02-08 17:07 - 2021-02-08 17:07 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-02-08 17:07 - 2021-02-08 17:07 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-02-08 17:07 - 2021-02-08 17:07 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-02-08 17:07 - 2021-02-08 17:07 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-02-08 17:06 - 2021-02-08 17:06 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-02-08 17:06 - 2021-02-08 17:06 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-02-08 17:06 - 2021-02-08 17:06 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-02-08 17:06 - 2021-02-08 17:06 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-02-08 17:06 - 2021-02-08 17:06 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-02-08 17:05 - 2021-02-08 17:05 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-02-08 17:05 - 2021-02-08 17:05 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-02-08 17:04 - 2021-02-08 17:04 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-02-08 17:04 - 2021-02-08 17:04 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-02-08 17:04 - 2021-02-08 17:04 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-02-08 17:03 - 2021-02-08 17:03 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-02-08 17:03 - 2021-02-08 17:03 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-02-08 17:03 - 2021-02-08 17:03 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-02-08 17:03 - 2021-02-08 17:03 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-02-08 17:02 - 2021-02-08 17:02 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-02-08 17:02 - 2021-02-08 17:02 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-02-08 17:02 - 2021-02-08 17:02 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-02-08 17:02 - 2021-02-08 17:02 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-02-08 17:02 - 2021-02-08 17:02 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-02-08 17:01 - 2021-02-08 17:01 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-02-08 17:00 - 2021-02-08 17:00 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-02-08 17:00 - 2021-02-08 17:00 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-02-08 17:00 - 2021-02-08 17:00 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-02-08 16:59 - 2021-02-08 16:59 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-02-08 16:59 - 2021-02-08 16:59 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-02-08 16:59 - 2021-02-08 16:59 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-02-08 16:59 - 2021-02-08 16:59 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-02-08 10:45 - 2021-02-08 10:45 - 000009851 _____ C:\Users\willi\OneDrive\Documents\2021_02_08_10_43_33.htm
2021-02-08 10:29 - 2021-02-12 03:09 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6def0fd1e8afe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-23 09:24 - 2020-12-30 12:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-23 00:57 - 2019-12-07 01:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-22 22:21 - 2019-12-07 01:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-22 22:21 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-20 07:32 - 2020-12-04 04:55 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-19 12:16 - 2020-12-07 17:41 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-19 12:16 - 2020-12-07 17:41 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-19 09:37 - 2019-12-07 01:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-19 08:23 - 2019-12-07 01:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-17 14:36 - 2020-12-02 17:02 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-17 05:33 - 2020-12-30 13:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-17 05:33 - 2020-12-30 12:58 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-17 05:32 - 2019-12-07 01:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-17 02:02 - 2020-12-02 16:45 - 000000000 ____D C:\Users\willi\AppData\Local\Packages
2021-02-17 01:51 - 2020-12-04 06:15 - 000000000 ____D C:\Users\willi\AppData\Local\PlaceholderTileLogoFolder
2021-02-16 21:33 - 2020-12-04 11:44 - 000000000 ____D C:\ProgramData\Samsung
2021-02-16 21:06 - 2020-12-08 00:09 - 000000000 ____D C:\Program Files (x86)\EasyVMS
2021-02-16 18:00 - 2020-12-12 04:16 - 000000000 ____D C:\RecordPlan
2021-02-15 18:29 - 2020-12-30 13:34 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-15 18:29 - 2020-12-30 13:34 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-15 18:18 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-02-14 22:00 - 2020-12-30 12:44 - 000000000 ____D C:\ProgramData\ssh
2021-02-12 05:17 - 2020-12-30 13:19 - 000972430 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-12 05:12 - 2020-12-30 12:58 - 000266280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-12 05:08 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-12 05:08 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-12 05:08 - 2019-12-07 01:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-12 04:19 - 2020-12-02 18:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-12 04:08 - 2020-12-02 18:00 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-12 04:07 - 2020-12-04 09:36 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-12 04:05 - 2020-12-11 08:50 - 000000000 ____D C:\Users\Default\.dotnet
2021-02-12 04:03 - 2020-12-07 22:23 - 000000000 ____D C:\Program Files\dotnet
2021-02-12 03:09 - 2020-12-30 13:34 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-12 02:59 - 2020-12-03 04:46 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-08 22:32 - 2020-12-30 12:04 - 000000000 ___SD C:\WINDOWS\system32\containers
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-08 22:32 - 2019-12-07 01:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-08 22:31 - 2020-12-30 12:04 - 000000000 ___SD C:\WINDOWS\system32\lxss
2021-02-08 22:31 - 2020-12-30 12:04 - 000000000 ____D C:\WINDOWS\ADAM
2021-02-08 22:31 - 2019-12-07 01:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-02-08 22:31 - 2019-12-07 01:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-02-08 22:31 - 2019-12-07 01:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\IME
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-02-08 16:58 - 2020-12-30 13:03 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-02-08 10:31 - 2020-12-02 18:06 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-02-05 20:04 - 2020-12-04 04:55 - 000734016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:03 - 2020-12-04 04:55 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2021
Ran by willi (administrator) on B-UNIT (ASUSTeK Computer Inc. K52F) (23-02-2021 10:18:53)
Running from C:\Users\willi\OneDrive\Desktop
Loaded Profiles: willi
Platform: Windows 10 Pro Version 20H2 19042.804 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12>
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PerceptionSimulation\PerceptionSimulationService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Spectrum.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UtcDecoderHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2020-12-02] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1128013736-2862579630-230849842-1001\...\MountPoints2: {56e690d4-52bc-11eb-9bd5-e006e6a4f7ea} - "F:\OnePlus_setup.exe" /s
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.182\Installer\chrmstp.exe [2021-02-17] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0329F02B-0284-4575-B629-92D32A046E60} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {062DE161-6ECA-49B1-A645-ABA3E5932C0E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-15] (Google LLC -> Google LLC)
Task: {09376EB4-2D85-4565-BEC3-EA41EA68D34B} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2434424 2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E1CB6BD-7A29-4D79-AAAC-12D65D8B9115} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2D8ABCCC-F045-40AC-B62C-7EF636915557} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32624 2020-10-22] (Microsoft Corporation -> Microsoft)
Task: {3D9E326F-2A9A-48A2-8A88-52E4A6080412} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143672 2019-04-02] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {5FA780CB-5C4B-43C2-BCE8-7BDC9B5F03F1} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2311536 2020-10-22] (Microsoft Corporation -> Microsoft)
Task: {6A581CF9-0BF5-4554-B447-0C2D51A95AF4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7415BF91-7CB6-489E-A90B-72CB6DC2F65D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2434424 2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {78807741-4BAA-4ABF-A074-FC0E42F50858} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78D6C372-4C49-451C-893D-6487495CAE34} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-15] (Google LLC -> Google LLC)
Task: {8C3674D4-C6F2-4A95-A644-96C55ABD477B} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1910128 2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {D94A860C-F48F-43CF-987A-FA026B1797ED} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1910128 2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7f10a078-a1d4-4ab2-bce0-3c6ac909ee32}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{aca19fb2-5058-4021-9af9-60446f4b4e86}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (AVG Online Security) -> EdgeExtension_51CA791EAVGOnlineSecurity_s1d0xtrs8dx04 => C:\Program Files\WindowsApps\51CA791E.AVGOnlineSecurity_19.4.444.0_neutral__s1d0xtrs8dx04 [2020-12-04]
Edge DefaultProfile: Default
Edge Profile: C:\Users\willi\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-23]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default [2021-02-23]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://www.gstatic.com/youtube/media/ytm/images/applauncher/music_icon_48x48.png
CHR Extension: (Slides) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-15]
CHR Extension: (Docs) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-15]
CHR Extension: (Google Drive) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-15]
CHR Extension: (YouTube) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-15]
CHR Extension: (YouTube Music) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cinhimbnkkaeohfgghhklpknlkffjgod [2020-12-26]
CHR Extension: (Sheets) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-08]
CHR Extension: (Gmail) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-15]
CHR Extension: (Chrome Media Router) - C:\Users\willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-08]
CHR Profile: C:\Users\willi\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-12-11]
CHR Profile: C:\Users\willi\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-08]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-02-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-06-25] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [935352 2020-06-25] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 NETJME; C:\WINDOWS\System32\drivers\NETJME.sys [137728 2019-12-07] (Microsoft Windows -> JMicron Technology Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-23 10:17 - 2021-02-23 10:20 - 000000000 ____D C:\FRST
2021-02-17 03:40 - 2021-02-17 03:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-02-16 21:30 - 2021-02-16 21:34 - 000000000 ____D C:\Users\willi\OneDrive\Documents\sm-a205u backup
2021-02-16 21:11 - 2020-11-19 19:53 - 082903228 ____N C:\Users\willi\Downloads\CSC_OMC_OYM_A205U1OYM7BTK1_CL19844280_QB35863963_REV00_user_low_ship.tar.md5
2021-02-16 21:11 - 2020-11-19 19:52 - 082882753 ____N C:\Users\willi\Downloads\HOME_CSC_OMC_OYM_A205U1OYM7BTK1_CL19844280_QB35863963_REV00_user_low_ship.tar.md5
2021-02-16 21:11 - 2020-11-19 19:52 - 030331070 ____N C:\Users\willi\Downloads\CP_A205U1UEU7BTK1_CP17421137_CL19844280_QB35863963_REV00_user_low_ship.tar.md5
2021-02-16 21:11 - 2020-11-19 19:49 - 002908338 ____N C:\Users\willi\Downloads\BL_A205U1UEU7BTK1_CL19844280_QB35863963_REV00_user_low_ship.tar.md5
2021-02-16 21:09 - 2020-11-19 19:49 - 3636459711 ____N C:\Users\willi\Downloads\AP_A205U1UEU7BTK1_CL19844280_QB35863963_REV00_user_low_ship_meta_OS10.tar.md5
2021-02-16 03:42 - 2021-02-16 03:42 - 000509288 _____ C:\Users\willi\Downloads\SM-A205U+Schematic.zip
2021-02-16 03:38 - 2021-02-16 03:56 - 3221962044 _____ C:\Users\willi\Downloads\[up_vnROM.net]_A205U1UEU7BTK1_A205U1OYM7BTK1_ACG_10.0.zip
2021-02-15 18:30 - 2021-02-17 14:36 - 000002206 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-15 18:30 - 2021-02-15 18:30 - 000000000 ____D C:\Program Files\Google
2021-02-15 18:29 - 2021-02-15 18:29 - 001304160 _____ (Google LLC) C:\Users\willi\Downloads\ChromeSetup (1).exe
2021-02-15 18:29 - 2021-02-15 18:29 - 000000000 ____D C:\Program Files (x86)\Google
2021-02-12 04:54 - 2021-02-12 04:54 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-12 04:53 - 2021-02-12 04:53 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-08 23:56 - 2021-02-09 00:36 - 000195350 _____ C:\WINDOWS\ntbtlog.txt
2021-02-08 23:56 - 2021-02-08 23:56 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-02-08 18:52 - 2021-02-08 18:52 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-08 18:52 - 2021-02-08 18:52 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-08 18:52 - 2021-02-08 18:52 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-08 17:08 - 2021-02-08 17:08 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-02-08 17:08 - 2021-02-08 17:08 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-02-08 17:08 - 2021-02-08 17:08 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-02-08 17:08 - 2021-02-08 17:08 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-02-08 17:08 - 2021-02-08 17:08 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-02-08 17:08 - 2021-02-08 17:08 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-02-08 17:08 - 2021-02-08 17:08 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-02-08 17:08 - 2021-02-08 17:08 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-02-08 17:08 - 2021-02-08 17:08 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-02-08 17:08 - 2021-02-08 17:08 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-02-08 17:07 - 2021-02-08 17:07 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-02-08 17:07 - 2021-02-08 17:07 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-02-08 17:07 - 2021-02-08 17:07 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-02-08 17:07 - 2021-02-08 17:07 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-02-08 17:07 - 2021-02-08 17:07 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-02-08 17:07 - 2021-02-08 17:07 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-02-08 17:06 - 2021-02-08 17:06 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-02-08 17:06 - 2021-02-08 17:06 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-02-08 17:06 - 2021-02-08 17:06 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-02-08 17:06 - 2021-02-08 17:06 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-02-08 17:06 - 2021-02-08 17:06 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-02-08 17:05 - 2021-02-08 17:05 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-02-08 17:05 - 2021-02-08 17:05 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-02-08 17:04 - 2021-02-08 17:04 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-02-08 17:04 - 2021-02-08 17:04 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-02-08 17:04 - 2021-02-08 17:04 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-02-08 17:03 - 2021-02-08 17:03 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-02-08 17:03 - 2021-02-08 17:03 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-02-08 17:03 - 2021-02-08 17:03 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-02-08 17:03 - 2021-02-08 17:03 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-02-08 17:02 - 2021-02-08 17:02 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-02-08 17:02 - 2021-02-08 17:02 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-02-08 17:02 - 2021-02-08 17:02 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-02-08 17:02 - 2021-02-08 17:02 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-02-08 17:02 - 2021-02-08 17:02 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-02-08 17:01 - 2021-02-08 17:01 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-02-08 17:00 - 2021-02-08 17:00 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-02-08 17:00 - 2021-02-08 17:00 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-02-08 17:00 - 2021-02-08 17:00 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-02-08 16:59 - 2021-02-08 16:59 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-02-08 16:59 - 2021-02-08 16:59 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-02-08 16:59 - 2021-02-08 16:59 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-02-08 16:59 - 2021-02-08 16:59 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-02-08 10:45 - 2021-02-08 10:45 - 000009851 _____ C:\Users\willi\OneDrive\Documents\2021_02_08_10_43_33.htm
2021-02-08 10:29 - 2021-02-12 03:09 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6def0fd1e8afe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-23 09:24 - 2020-12-30 12:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-23 00:57 - 2019-12-07 01:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-22 22:21 - 2019-12-07 01:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-22 22:21 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-20 07:32 - 2020-12-04 04:55 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-19 12:16 - 2020-12-07 17:41 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-19 12:16 - 2020-12-07 17:41 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-19 09:37 - 2019-12-07 01:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-19 08:23 - 2019-12-07 01:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-17 14:36 - 2020-12-02 17:02 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-17 05:33 - 2020-12-30 13:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-17 05:33 - 2020-12-30 12:58 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-17 05:32 - 2019-12-07 01:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-17 02:02 - 2020-12-02 16:45 - 000000000 ____D C:\Users\willi\AppData\Local\Packages
2021-02-17 01:51 - 2020-12-04 06:15 - 000000000 ____D C:\Users\willi\AppData\Local\PlaceholderTileLogoFolder
2021-02-16 21:33 - 2020-12-04 11:44 - 000000000 ____D C:\ProgramData\Samsung
2021-02-16 21:06 - 2020-12-08 00:09 - 000000000 ____D C:\Program Files (x86)\EasyVMS
2021-02-16 18:00 - 2020-12-12 04:16 - 000000000 ____D C:\RecordPlan
2021-02-15 18:29 - 2020-12-30 13:34 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-15 18:29 - 2020-12-30 13:34 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-15 18:18 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-02-14 22:00 - 2020-12-30 12:44 - 000000000 ____D C:\ProgramData\ssh
2021-02-12 05:17 - 2020-12-30 13:19 - 000972430 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-12 05:12 - 2020-12-30 12:58 - 000266280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-12 05:08 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-12 05:08 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-12 05:08 - 2019-12-07 01:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-12 04:19 - 2020-12-02 18:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-12 04:08 - 2020-12-02 18:00 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-12 04:07 - 2020-12-04 09:36 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-12 04:05 - 2020-12-11 08:50 - 000000000 ____D C:\Users\Default\.dotnet
2021-02-12 04:03 - 2020-12-07 22:23 - 000000000 ____D C:\Program Files\dotnet
2021-02-12 03:09 - 2020-12-30 13:34 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-12 02:59 - 2020-12-03 04:46 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-08 22:32 - 2020-12-30 12:04 - 000000000 ___SD C:\WINDOWS\system32\containers
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-08 22:32 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-08 22:32 - 2019-12-07 01:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-08 22:31 - 2020-12-30 12:04 - 000000000 ___SD C:\WINDOWS\system32\lxss
2021-02-08 22:31 - 2020-12-30 12:04 - 000000000 ____D C:\WINDOWS\ADAM
2021-02-08 22:31 - 2019-12-07 01:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-02-08 22:31 - 2019-12-07 01:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-02-08 22:31 - 2019-12-07 01:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\IME
2021-02-08 22:31 - 2019-12-07 01:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-02-08 16:58 - 2020-12-30 13:03 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-02-08 10:31 - 2020-12-02 18:06 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-02-05 20:04 - 2020-12-04 04:55 - 000734016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:03 - 2020-12-04 04:55 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)