  #1  
Old December 17th, 2022, 07:02 AM
Shirley Jester Shirley Jester is offline
CTH Subscriber
 
Join Date: Jun 2010
O/S: Windows 10 Pro
Location: Seattle
Posts: 100
Win10 Firefox safe mode?

No favorite icons, small white window pops up at startup, with Option to continue in Safe Mode? Deleted Firefox w CCleaner. Seemed really fast for deletion. Firefox Icon still there, clicked it, started right up. Seemed to be Refreshed. With Firefox, tried downloading Malwarebytes, failed twice. Just now clicked on Firefox icon, appears as before, favorites back, recommended Pocket articles.
  #2  
Old December 17th, 2022, 12:12 PM
Shirley Jester Shirley Jester is offline
CTH Subscriber
 
Join Date: Jun 2010
O/S: Windows 10 Pro
Location: Seattle
Posts: 100
OTL logfile created on: 12/17/2022 2:53:27 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Darrell\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.19041.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.82 Gb Total Physical Memory | 6.91 Gb Available Physical Memory | 58.49% Memory free
13.63 Gb Paging File | 9.11 Gb Available in Paging File | 66.85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 102.83 Gb Total Space | 11.89 Gb Free Space | 11.56% Space Free | Partition Type: NTFS
Drive D: | 931.39 Gb Total Space | 930.09 Gb Free Space | 99.86% Space Free | Partition Type: NTFS
Drive F: | 232.44 Gb Total Space | 20.16 Gb Free Space | 8.67% Space Free | Partition Type: FAT32

Computer Name: DESKTOP-6T2GKA4 | User Name: Darrell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2022/12/16 23:51:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Darrell\Desktop\OTL.com
PRC - [2022/12/12 11:51:32 | 000,597,400 | ---- | M] (AVAST Software) -- C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
PRC - [2022/12/12 11:51:26 | 002,038,168 | ---- | M] (AVAST Software) -- C:\Program Files\Avast Software\Avast\afwServ.exe
PRC - [2022/10/11 11:45:45 | 000,676,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fontdrvhost.exe
PRC - [2022/08/30 02:20:48 | 000,309,720 | ---- | M] (Google LLC) -- C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
PRC - [2021/08/13 17:03:36 | 002,390,800 | ---- | M] (Rivet Networks) -- C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
PRC - [2021/08/13 17:03:34 | 001,633,040 | ---- | M] (Rivet Networks) -- C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
PRC - [2020/09/23 12:09:38 | 000,021,216 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe


========== Modules (No Company Name) ==========

MOD - [2021/10/12 12:39:04 | 000,611,960 | ---- | M] () -- C:\Windows\SysWOW64\TextShaping.dll
MOD - [2021/02/09 16:23:48 | 000,047,472 | ---- | M] () -- C:\Windows\SysWOW64\umpdc.dll


========== Services (SafeList) ==========

SRV:64bit: - [2022/12/13 16:06:02 | 002,242,560 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\windowsudk.shellcommon.dll -- (UdkUserSvc)
SRV:64bit: - [2022/12/13 16:06:02 | 001,005,568 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2022/12/13 16:06:01 | 003,922,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2022/12/13 16:05:58 | 000,791,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcsvc.dll -- (dcsvc)
SRV:64bit: - [2022/12/13 16:05:54 | 000,622,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:64bit: - [2022/12/13 16:05:54 | 000,570,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usosvc.dll -- (UsoSvc)
SRV:64bit: - [2022/12/13 16:05:50 | 000,427,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WaaSMedicSvc.dll -- (WaaSMedicSvc)
SRV:64bit: - [2022/12/13 16:05:49 | 002,459,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\InstallService.dll -- (InstallService)
SRV:64bit: - [2022/12/13 16:05:49 | 001,503,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:64bit: - [2022/12/13 16:05:48 | 001,119,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:64bit: - [2022/12/13 16:05:48 | 000,242,808 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\deviceaccess.dll -- (DeviceAssociationBrokerSvc)
SRV:64bit: - [2022/12/13 16:05:48 | 000,184,832 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:64bit: - [2022/12/13 16:05:47 | 000,503,808 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:64bit: - [2022/12/13 16:05:46 | 000,940,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:64bit: - [2022/12/13 16:05:45 | 000,852,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Management.Service.dll -- (WManSvc)
SRV:64bit: - [2022/12/13 16:05:44 | 003,863,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2022/12/12 11:51:47 | 008,550,808 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Avast Software\Avast\aswidsagent.exe -- (aswbIDSAgent)
SRV:64bit: - [2022/12/12 11:51:32 | 000,597,400 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Avast Software\Avast\aswToolsSvc.exe -- (avast! Tools)
SRV:64bit: - [2022/12/12 11:51:28 | 000,597,400 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Avast Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2022/12/12 11:51:26 | 002,038,168 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Avast Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2022/11/29 06:13:26 | 000,160,096 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe -- (SupportAssistAgent)
SRV:64bit: - [2022/11/08 19:29:03 | 000,989,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:64bit: - [2022/11/08 19:29:00 | 000,094,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2022/11/08 19:28:50 | 000,850,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2022/11/08 19:28:46 | 001,116,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:64bit: - [2022/11/08 19:28:46 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2022/11/08 19:28:45 | 000,058,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:64bit: - [2022/11/08 19:28:44 | 000,881,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2022/11/08 19:28:43 | 000,984,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:64bit: - [2022/11/08 19:28:43 | 000,099,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2022/11/08 19:28:37 | 005,859,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:64bit: - [2022/11/08 19:28:32 | 002,254,848 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2022/11/08 19:28:31 | 000,994,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2022/10/26 08:20:16 | 000,022,224 | ---- | M] (Dell INC.) [Auto | Running] -- C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe -- (Dell SupportAssist Remediation)
SRV:64bit: - [2022/10/11 11:45:35 | 001,483,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:64bit: - [2022/10/11 11:45:31 | 003,820,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2022/10/11 11:45:22 | 000,943,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:64bit: - [2022/10/11 11:45:20 | 000,987,568 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SecurityHealthService.exe -- (SecurityHealthService)
SRV:64bit: - [2022/10/11 11:45:19 | 000,962,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:64bit: - [2022/09/22 01:48:36 | 000,161,488 | ---- | M] (Dell Technologies Inc.) [Auto | Running] -- C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe -- (DDVDataCollector)
SRV:64bit: - [2022/09/22 01:33:28 | 000,458,960 | ---- | M] (Dell Technologies Inc.) [Auto | Running] -- C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe -- (DDVCollectorSvcApi)
SRV:64bit: - [2022/09/22 01:28:16 | 000,484,560 | ---- | M] (Dell Technologies Inc.) [Auto | Running] -- C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe -- (DDVRulesProcessor)
SRV:64bit: - [2022/09/13 17:51:00 | 001,866,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WpcDesktopMonSvc.dll -- (WpcMonSvc)
SRV:64bit: - [2022/09/13 17:51:00 | 000,436,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LanguageOverlayServer.dll -- (LxpSvc)
SRV:64bit: - [2022/09/07 18:17:54 | 000,348,496 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Update Health Tools\uhssvc.exe -- (uhssvc)
SRV:64bit: - [2022/08/15 22:52:20 | 000,156,064 | ---- | M] (Dell) [Auto | Running] -- C:\Program Files\Dell\TechHub\Dell.TechHub.exe -- (DellTechHub)
SRV:64bit: - [2022/08/09 23:42:32 | 000,205,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvc.dll -- (diagsvc)
SRV:64bit: - [2022/08/09 23:42:26 | 000,463,360 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV:64bit: - [2022/08/09 23:42:19 | 000,597,504 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\DevicesFlowBroker.dll -- (DevicesFlowUserSvc)
SRV:64bit: - [2022/08/09 23:42:07 | 000,745,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2022/08/09 23:42:07 | 000,461,824 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\AarSvc.dll -- (AarSvc)
SRV:64bit: - [2022/07/14 18:26:20 | 000,484,352 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV:64bit: - [2022/07/14 18:26:03 | 000,258,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\McpManagementService.dll -- (McpManagementService)
SRV:64bit: - [2022/07/14 18:25:56 | 001,384,960 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\bcastdvruserservice.dll -- (BcastDVRUserService)
SRV:64bit: - [2022/07/14 18:25:39 | 000,055,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_31005)
SRV:64bit: - [2022/07/14 18:25:39 | 000,055,320 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_31005)
SRV:64bit: - [2022/07/14 18:25:39 | 000,055,320 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_31005)
SRV:64bit: - [2022/07/14 18:25:39 | 000,055,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (UdkUserSvc_31005)
SRV:64bit: - [2022/07/14 18:25:39 | 000,055,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PrintWorkflowUserSvc_31005)
SRV:64bit: - [2022/07/14 18:25:39 | 000,055,320 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_31005)
SRV:64bit: - [2022/07/14 18:25:39 | 000,055,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_31005)
SRV:64bit: - [2022/07/14 18:25:39 | 000,055,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_31005)
SRV:64bit: - [2022/07/14 18:25:39 | 000,055,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicesFlowUserSvc_31005)
SRV:64bit: - [2022/07/14 18:25:39 | 000,055,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicePickerUserSvc_31005)
SRV:64bit: - [2022/07/14 18:25:39 | 000,055,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DeviceAssociationBrokerSvc_31005)
SRV:64bit: - [2022/07/14 18:25:39 | 000,055,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (ConsentUxUserSvc_31005)
SRV:64bit: - [2022/07/14 18:25:39 | 000,055,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_31005)
SRV:64bit: - [2022/07/14 18:25:39 | 000,055,320 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (cbdhsvc_31005)
SRV:64bit: - [2022/07/14 18:25:39 | 000,055,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (CaptureService_31005)
SRV:64bit: - [2022/07/14 18:25:39 | 000,055,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BluetoothUserService_31005)
SRV:64bit: - [2022/07/14 18:25:39 | 000,055,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BcastDVRUserService_31005)
SRV:64bit: - [2022/07/14 18:25:39 | 000,055,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (AarSvc_31005)
SRV:64bit: - [2022/07/14 18:25:34 | 000,489,472 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2022/07/14 18:25:29 | 001,522,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TokenBroker.dll -- (TokenBroker)
SRV:64bit: - [2022/06/15 22:19:36 | 000,877,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Spectrum.exe -- (spectrum)
SRV:64bit: - [2022/06/15 22:19:36 | 000,307,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SharedRealitySvc.dll -- (SharedRealitySvc)
SRV:64bit: - [2022/06/15 22:19:36 | 000,304,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:64bit: - [2022/06/15 22:19:36 | 000,304,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:64bit: - [2022/06/15 22:19:14 | 000,329,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:64bit: - [2022/06/15 22:19:06 | 001,554,944 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:64bit: - [2022/06/15 22:19:06 | 001,191,936 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:64bit: - [2022/06/15 22:19:06 | 000,333,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PushToInstall.dll -- (PushToInstall)
SRV:64bit: - [2022/06/15 22:19:06 | 000,196,096 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:64bit: - [2022/06/15 22:19:04 | 001,223,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SEMgrSvc.dll -- (SEMgrSvc)
SRV:64bit: - [2022/06/15 22:18:56 | 001,291,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:64bit: - [2022/06/15 22:18:56 | 000,487,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\MitigationClient.dll -- (TroubleshootingSvc)
SRV:64bit: - [2022/04/14 21:40:37 | 002,233,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2022/04/14 21:40:08 | 000,370,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2022/04/14 21:40:04 | 000,391,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthAvctpSvc.dll -- (BthAvctpSvc)
SRV:64bit: - [2022/03/08 23:36:16 | 000,379,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\DispBroker.Desktop.dll -- (DispBrokerDesktopSvc)
SRV:64bit: - [2022/03/08 23:36:14 | 000,643,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:64bit: - [2022/03/08 23:35:45 | 000,771,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:64bit: - [2022/03/08 23:35:39 | 001,049,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:64bit: - [2022/02/08 23:25:00 | 001,025,024 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CBDHSvc.dll -- (cbdhsvc)
SRV:64bit: - [2022/02/08 23:24:30 | 000,611,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:64bit: - [2022/01/12 12:26:52 | 000,094,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:64bit: - [2022/01/12 12:26:46 | 000,223,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:64bit: - [2021/10/12 12:39:10 | 000,036,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2021/09/16 22:21:43 | 000,382,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2021/09/16 22:21:43 | 000,251,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2021/09/16 22:21:37 | 000,677,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WFDSConMgrSvc.dll -- (WFDSConMgrSvc)
SRV:64bit: - [2021/09/16 22:21:37 | 000,382,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\CredentialEnrollmentManager.exe -- (CredentialEnrollmentManagerUserSvc_31005)
SRV:64bit: - [2021/09/16 22:21:37 | 000,382,696 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CredentialEnrollmentManager.exe -- (CredentialEnrollmentManagerUserSvc)
SRV:64bit: - [2021/09/15 10:02:28 | 000,785,240 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe -- (Intel(R)
SRV:64bit: - [2021/09/15 10:02:28 | 000,729,944 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe -- (Intel(R)
SRV:64bit: - [2021/09/02 02:06:42 | 004,064,384 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe -- (LMS)
SRV:64bit: - [2021/08/13 17:03:36 | 002,390,800 | ---- | M] (Rivet Networks) [Auto | Running] -- C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe -- (SmartByte Network Service x64)
SRV:64bit: - [2021/08/13 17:03:34 | 001,633,040 | ---- | M] (Rivet Networks) [Auto | Running] -- C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe -- (SmartByte Analytics Service)
SRV:64bit: - [2021/08/13 17:03:34 | 000,066,296 | ---- | M] (Rivet Networks, LLC.) [On_Demand | Stopped] -- C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe -- (RNDBWM)
SRV:64bit: - [2021/08/13 17:03:32 | 000,066,296 | ---- | M] (Rivet Networks, LLC.) [Auto | Running] -- C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe -- (RAPSService)
SRV:64bit: - [2021/07/25 04:54:02 | 000,538,736 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe -- (WMIRegistrationService)
SRV:64bit: - [2021/07/15 12:16:07 | 000,124,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2021/06/18 05:35:16 | 000,087,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe -- (igccservice)
SRV:64bit: - [2021/06/18 05:34:48 | 000,521,256 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\IntelCpHeciSvc.exe -- (cphs)
SRV:64bit: - [2021/06/18 05:34:46 | 000,365,112 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\IntelCpHDCPSvc.exe -- (cplspcon)
SRV:64bit: - [2021/06/18 05:34:18 | 000,398,888 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV:64bit: - [2021/06/16 06:23:52 | 000,628,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe -- (jhi_service)
SRV:64bit: - [2021/05/20 02:47:15 | 000,056,912 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Avast Software\Avast\wsc_proxy.exe -- (AvastWscReporter)
SRV:64bit: - [2021/05/11 18:06:33 | 000,442,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:64bit: - [2021/05/11 18:06:33 | 000,382,976 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysNative\OpenSSH\ssh-agent.exe -- (ssh-agent)
SRV:64bit: - [2021/04/22 00:08:18 | 001,257,032 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe -- (RtkAudioUniversalService)
SRV:64bit: - [2021/04/14 03:26:38 | 001,192,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Microsoft.Graphics.Display.DisplayEnhancementService.dll -- (DisplayEnhancementService)
SRV:64bit: - [2021/03/10 17:45:43 | 000,205,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2021/03/10 17:45:28 | 000,288,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2021/03/10 17:45:26 | 000,072,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xboxgipsvc.dll -- (XboxGipSvc)
SRV:64bit: - [2021/02/10 01:38:42 | 000,651,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2021/02/10 01:38:16 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CaptureService.dll -- (CaptureService)
SRV:64bit: - [2021/02/10 01:38:07 | 000,382,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vac.dll -- (VacSvc)
SRV:64bit: - [2021/02/09 16:24:35 | 000,734,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:64bit: - [2021/02/09 16:24:30 | 000,351,744 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:64bit: - [2021/02/09 16:24:19 | 000,134,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\MixedRealityRuntime.dll -- (MixedRealityOpenXRSvc)
SRV:64bit: - [2021/02/09 16:24:07 | 000,293,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:64bit: - [2021/02/09 16:24:07 | 000,293,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2021/02/09 16:24:07 | 000,293,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2021/02/09 16:24:07 | 000,293,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2021/02/09 16:24:07 | 000,293,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2021/02/09 16:24:07 | 000,293,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2021/02/09 16:24:05 | 000,326,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:64bit: - [2021/02/09 16:23:58 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\ConsentUxClient.dll -- (ConsentUxUserSvc)
SRV:64bit: - [2021/02/09 16:23:57 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PerceptionSimulation\PerceptionSimulationService.exe -- (perceptionsimulation)
SRV:64bit: - [2021/02/09 16:23:56 | 001,295,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:64bit: - [2021/02/09 16:23:56 | 000,329,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SgrmBroker.exe -- (SgrmBroker)
SRV:64bit: - [2021/02/09 16:23:56 | 000,114,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\autotimesvc.dll -- (autotimesvc)
SRV:64bit: - [2021/02/09 16:23:39 | 001,265,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:64bit: - [2021/02/09 16:23:36 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:64bit: - [2021/02/09 16:23:20 | 000,466,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:64bit: - [2021/02/09 16:23:19 | 000,247,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\psmsrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2021/02/09 16:23:19 | 000,245,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:64bit: - [2021/02/09 16:23:19 | 000,085,504 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:64bit: - [2021/02/09 16:23:18 | 000,179,712 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:64bit: - [2021/02/09 16:23:17 | 000,051,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:64bit: - [2021/02/09 16:23:14 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GraphicsPerfSvc.dll -- (GraphicsPerfSvc)
SRV:64bit: - [2021/02/09 16:23:10 | 000,391,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\CapabilityAccessManager.dll -- (camsvc)
SRV:64bit: - [2021/02/09 16:23:07 | 000,162,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:64bit: - [2021/02/09 16:23:06 | 000,159,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:64bit: - [2021/02/09 16:23:02 | 000,454,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NaturalAuth.dll -- (NaturalAuthentication)
SRV:64bit: - [2021/02/09 16:23:00 | 000,238,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:64bit: - [2021/02/09 16:22:59 | 001,253,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lpasvc.dll -- (wlpasvc)
SRV:64bit: - [2021/02/09 16:22:59 | 001,023,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BTAGService.dll -- (BTAGService)
SRV:64bit: - [2021/02/09 16:22:59 | 000,500,736 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Microsoft.Bluetooth.UserService.dll -- (BluetoothUserService)
SRV:64bit: - [2021/02/09 16:22:59 | 000,091,648 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:64bit: - [2021/02/09 07:12:12 | 002,243,976 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe -- (RstMwService)
SRV:64bit: - [2021/02/09 07:11:58 | 001,916,808 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\HfcDisableService.exe -- (HfcDisableService)
SRV:64bit: - [2020/12/06 20:30:02 | 000,917,184 | ---- | M] (Waves Audio Ltd.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\wavesapo75de.inf_amd64_444d52e511fbcc11\WavesSysSvc64.exe -- (WavesSysSvc)
SRV:64bit: - [2019/12/10 16:14:44 | 000,017,976 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2019/12/07 01:09:54 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2019/12/07 01:09:51 | 000,014,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2019/12/07 01:09:37 | 000,028,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2019/12/07 01:09:33 | 000,341,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dusmsvc.dll -- (DusmSvc)
SRV:64bit: - [2019/12/07 01:09:33 | 000,066,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:64bit: - [2019/12/07 01:08:54 | 000,048,640 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:64bit: - [2019/12/07 01:08:52 | 000,171,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2019/12/07 01:08:33 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:64bit: - [2019/12/07 01:08:27 | 000,094,720 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:64bit: - [2019/12/07 01:08:27 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.WARP.JITService.dll -- (WarpJITSvc)
SRV:64bit: - [2019/12/07 01:08:22 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:64bit: - [2019/12/07 01:08:05 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipxlatcfg.dll -- (IpxlatCfgSvc)
SRV:64bit: - [2019/09/24 02:43:16 | 000,382,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Auto | Running] -- C:\Windows\SysNative\drivers\AdminService.exe -- (AtherosSvc)
SRV - [2022/12/16 12:35:22 | 000,247,200 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2022/12/13 16:06:05 | 000,190,112 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\deviceaccess.dll -- (DeviceAssociationBrokerSvc)
SRV - [2022/12/13 16:06:05 | 000,139,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\tzautoupdate.dll -- (tzautoupdate)
SRV - [2022/12/13 16:06:04 | 001,862,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\InstallService.dll -- (InstallService)
SRV - [2022/12/13 16:06:03 | 000,754,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\FlightSettings.dll -- (wisvc)
SRV - [2022/12/13 16:05:44 | 003,863,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2022/12/13 12:27:29 | 000,191,120 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe -- (avastm)
SRV - [2022/12/13 12:27:29 | 000,191,120 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe -- (avast)
SRV - [2022/12/12 16:18:08 | 001,722,136 | ---- | M] (Google LLC) [On_Demand | Stopped] -- C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.125\elevation_service.exe -- (GoogleChromeElevationService)
SRV - [2022/12/08 04:18:38 | 001,739,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\Edge\Application\108.0.1462.46\elevation_service.exe -- (MicrosoftEdgeElevationService)
SRV - [2022/12/07 19:51:44 | 001,794,040 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files (x86)\AVAST Software\Browser\Application\108.0.19614.99\elevation_service.exe -- (AvastSecureBrowserElevationService)
SRV - [2022/11/18 00:27:58 | 000,047,320 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe -- (DellClientManagementService)
SRV - [2022/11/08 19:28:57 | 000,802,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2022/11/08 19:28:54 | 000,631,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2022/11/08 19:28:53 | 005,422,216 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2022/11/07 12:59:44 | 000,055,712 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe -- (Dell Digital Delivery Services)
SRV - [2022/08/09 23:42:32 | 000,372,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\PrintWorkflowService.dll -- (PrintWorkflowUserSvc)
SRV - [2022/08/09 23:42:26 | 000,352,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\AarSvc.dll -- (AarSvc)
SRV - [2022/07/14 18:26:21 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Windows.Devices.Picker.dll -- (DevicePickerUserSvc)
SRV - [2022/07/14 18:25:48 | 001,234,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\TokenBroker.dll -- (TokenBroker)
SRV - [2021/10/12 12:39:15 | 000,033,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2021/09/15 10:02:28 | 000,785,240 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe -- (Intel(R)
SRV - [2021/09/15 10:02:28 | 000,729,944 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe -- (Intel(R)
SRV - [2021/09/02 02:06:42 | 004,064,384 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe -- (LMS)
SRV - [2021/07/25 04:54:02 | 000,538,736 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe -- (WMIRegistrationService)
SRV - [2021/06/18 05:35:16 | 000,087,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe -- (igccservice)
SRV - [2021/06/18 05:34:48 | 000,521,256 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\IntelCpHeciSvc.exe -- (cphs)
SRV - [2021/06/18 05:34:46 | 000,365,112 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\IntelCpHDCPSvc.exe -- (cplspcon)
SRV - [2021/06/18 05:34:18 | 000,398,888 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV - [2021/06/16 06:23:52 | 000,628,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe -- (jhi_service)
SRV - [2021/04/22 00:08:18 | 001,257,032 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe -- (RtkAudioUniversalService)
SRV - [2021/02/09 16:24:21 | 000,104,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\MixedRealityRuntime.dll -- (MixedRealityOpenXRSvc)
SRV - [2021/02/09 16:23:47 | 000,962,048 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2021/02/09 16:23:39 | 000,733,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\BTAGService.dll -- (BTAGService)
SRV - [2021/02/09 07:12:12 | 002,243,976 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe -- (RstMwService)
SRV - [2021/02/09 07:11:58 | 001,916,808 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\HfcDisableService.exe -- (HfcDisableService)
SRV - [2020/12/06 20:30:02 | 000,917,184 | ---- | M] (Waves Audio Ltd.) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_444d52e511fbcc11\WavesSysSvc64.exe -- (WavesSysSvc)
SRV - [2020/09/23 12:09:38 | 000,021,216 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2020/05/21 03:10:32 | 000,224,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe -- (edgeupdatem)
SRV - [2020/05/21 03:10:32 | 000,224,160 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe -- (edgeupdate)
SRV - [2020/03/29 14:33:45 | 003,294,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe -- (WdNisSvc)
SRV - [2020/03/29 14:33:45 | 000,103,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe -- (WinDefend)


========== Driver Services (SafeList) ==========
  #3  
Old December 17th, 2022, 12:16 PM
Shirley Jester Shirley Jester is offline
DRV:64bit: - [2022/12/13 16:06:09 | 000,096,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:64bit: - [2022/12/13 16:05:55 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:64bit: - [2022/12/13 16:05:46 | 000,967,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:64bit: - [2022/12/13 16:05:44 | 000,642,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2022/12/13 16:05:44 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:64bit: - [2022/12/13 16:05:44 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthMini.SYS -- (BthMini)
DRV:64bit: - [2022/12/12 11:51:47 | 000,391,272 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswbidsdriver.sys -- (aswbidsdriver)
DRV:64bit: - [2022/12/12 11:51:32 | 000,695,496 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2022/12/12 11:51:32 | 000,318,456 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2022/12/12 11:51:32 | 000,297,832 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbidsh.sys -- (aswbidsh)
DRV:64bit: - [2022/12/12 11:51:32 | 000,267,888 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2022/12/12 11:51:32 | 000,212,632 | ---- | M] (AVAST Software) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2022/12/12 11:51:32 | 000,105,248 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2022/12/12 11:51:32 | 000,095,960 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbuniv.sys -- (aswbuniv)
DRV:64bit: - [2022/12/12 11:51:32 | 000,080,376 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2022/12/12 11:51:31 | 000,555,560 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswNetHub.sys -- (aswNetHub)
DRV:64bit: - [2022/12/12 11:51:31 | 000,039,648 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2022/12/12 11:51:27 | 000,852,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2022/12/12 11:51:27 | 000,229,208 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswArPot.sys -- (aswArPot)
DRV:64bit: - [2022/12/12 11:51:27 | 000,031,424 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswArDisk.sys -- (aswArDisk)
DRV:64bit: - [2022/11/08 19:29:03 | 000,131,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PktMon.sys -- (PktMon)
DRV:64bit: - [2022/11/08 19:28:45 | 000,419,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2022/11/08 19:28:43 | 000,496,128 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\cldflt.sys -- (CldFlt)
DRV:64bit: - [2022/11/08 19:28:43 | 000,235,360 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2022/11/08 19:28:42 | 002,008,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2022/11/08 19:28:38 | 000,145,760 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\bindflt.sys -- (bindflt)
DRV:64bit: - [2022/11/08 19:28:28 | 000,620,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2022/11/08 19:28:28 | 000,169,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:64bit: - [2022/10/13 15:19:32 | 000,025,576 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswElam.sys -- (aswElam)
DRV:64bit: - [2022/10/11 11:45:54 | 000,032,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2022/10/11 11:45:27 | 000,209,248 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:64bit: - [2022/10/11 11:45:18 | 000,306,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2022/10/11 11:45:18 | 000,169,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2022/10/11 11:45:18 | 000,081,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2022/10/11 11:45:18 | 000,064,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:64bit: - [2022/09/13 17:51:06 | 000,181,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2022/09/13 17:51:06 | 000,098,816 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\cimfs.sys -- (CimFS)
DRV:64bit: - [2022/09/13 17:51:00 | 000,095,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2022/09/13 17:50:59 | 000,687,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2022/09/13 17:50:59 | 000,142,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\pmem.sys -- (pmem)
DRV:64bit: - [2022/09/13 17:50:59 | 000,083,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2022/09/13 17:50:59 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\basicdisplay.inf_amd64_fc93ae411c02f280\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2022/09/13 17:50:59 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\basicrender.inf_amd64_ed345fdc37d65139\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2022/08/09 23:42:25 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afunix.sys -- (afunix)
DRV:64bit: - [2022/08/09 23:42:06 | 000,187,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2022/06/15 22:19:07 | 000,093,184 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:64bit: - [2022/06/15 22:18:56 | 000,252,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:64bit: - [2022/05/19 23:21:02 | 000,037,808 | ---- | M] (Dell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\DellInstrumentation.sys -- (DellInstrumentation)
DRV:64bit: - [2022/04/14 21:40:23 | 000,210,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:64bit: - [2022/04/14 21:40:04 | 000,386,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MbbCx.sys -- (MbbCx)
DRV:64bit: - [2022/03/08 23:35:39 | 000,261,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winnat.sys -- (WinNat)
DRV:64bit: - [2022/03/08 23:35:37 | 000,332,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:64bit: - [2022/02/08 23:24:28 | 000,694,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Acx01000.sys -- (Acx01000)
DRV:64bit: - [2022/02/08 23:24:27 | 000,158,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:64bit: - [2022/01/12 12:26:46 | 000,990,536 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:64bit: - [2021/11/09 23:41:09 | 000,324,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:64bit: - [2021/11/08 01:52:26 | 000,309,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\heci.inf_amd64_649c7923a043d3be\x64\TeeDriverW10x64.sys -- (MEIx64)
DRV:64bit: - [2021/10/12 12:38:50 | 000,160,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:64bit: - [2021/10/12 12:38:39 | 000,418,800 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2021/10/12 12:38:39 | 000,104,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2021/09/16 22:21:35 | 000,648,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2021/09/09 21:31:20 | 000,043,400 | ---- | M] (Dell Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dddriver64Dcsa.sys -- (DDDriver)
DRV:64bit: - [2021/08/13 16:54:18 | 000,166,032 | ---- | M] (Rivet Networks, LLC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SmbCo10X64.sys -- (SmbCoSvc)
DRV:64bit: - [2021/08/10 22:05:10 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2021/07/15 12:15:57 | 000,057,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2021/06/29 04:43:52 | 000,159,864 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus2.sys -- (dg_ssudbus)
DRV:64bit: - [2021/06/18 05:35:40 | 000,350,792 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\intcdaud.inf_amd64_f883a2d2516832ef\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2021/06/18 05:34:08 | 028,973,608 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\igdkmd64.sys -- (igfx)
DRV:64bit: - [2021/06/09 12:23:44 | 000,097,096 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2021/06/09 12:23:31 | 000,159,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2021/06/09 12:23:29 | 000,057,168 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:64bit: - [2021/05/11 18:06:19 | 000,095,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2021/04/14 03:26:30 | 000,292,352 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2021/04/14 03:26:09 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2021/02/09 16:23:35 | 000,135,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2021/02/09 16:23:27 | 000,322,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\msquic.sys -- (MsQuic)
DRV:64bit: - [2021/02/09 16:23:20 | 000,113,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiCx.sys -- (UcmUcsiCx0101)
DRV:64bit: - [2021/02/09 16:23:20 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:64bit: - [2021/02/09 16:23:10 | 000,183,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2021/02/09 16:23:00 | 000,053,248 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:64bit: - [2021/02/09 16:22:57 | 000,255,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2021/02/09 16:22:57 | 000,106,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys -- (BthLEEnum)
DRV:64bit: - [2021/02/09 16:22:57 | 000,026,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\IntelTA.sys -- (Telemetry)
DRV:64bit: - [2021/02/09 07:12:04 | 000,073,072 | ---- | M] (Intel Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorAfs.sys -- (iaStorAfs)
DRV:64bit: - [2021/02/09 07:12:02 | 001,347,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorAC.sys -- (iaStorAC)
DRV:64bit: - [2020/11/11 02:54:38 | 000,167,280 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2020/03/29 14:33:45 | 000,391,392 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2020/03/29 14:33:45 | 000,059,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2020/03/29 14:33:45 | 000,045,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2019/12/07 01:52:38 | 000,032,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2019/12/07 01:52:37 | 000,090,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys -- (SpatialGraphFilter)
DRV:64bit: - [2019/12/07 01:09:48 | 000,072,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NDKPing.sys -- (NDKPing)
DRV:64bit: - [2019/12/07 01:09:34 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\spaceparser.sys -- (spaceparser)
DRV:64bit: - [2019/12/07 01:09:33 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2019/12/07 01:09:33 | 000,088,080 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SgrmAgent.sys -- (SgrmAgent)
DRV:64bit: - [2019/12/07 01:09:05 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2019/12/07 01:09:05 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2019/12/07 01:08:49 | 000,347,448 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2019/12/07 01:08:49 | 000,033,592 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2019/12/07 01:08:41 | 000,078,136 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bam.sys -- (bam)
DRV:64bit: - [2019/12/07 01:08:39 | 000,023,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys -- (WdmCompanionFilter)
DRV:64bit: - [2019/12/07 01:08:37 | 000,188,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:64bit: - [2019/12/07 01:08:37 | 000,092,984 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:64bit: - [2019/12/07 01:08:37 | 000,087,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2019/12/07 01:08:37 | 000,076,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:64bit: - [2019/12/07 01:08:37 | 000,076,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:64bit: - [2019/12/07 01:08:37 | 000,040,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:64bit: - [2019/12/07 01:08:36 | 000,173,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2019/12/07 01:08:36 | 000,086,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2019/12/07 01:08:36 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshwnclx.sys -- (HwNClx0101)
DRV:64bit: - [2019/12/07 01:08:36 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\portcfg.sys -- (portcfg)
DRV:64bit: - [2019/12/07 01:08:16 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2019/12/07 01:08:09 | 000,259,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:64bit: - [2019/12/07 01:08:09 | 000,139,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2019/12/07 01:08:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2019/12/07 01:08:09 | 000,059,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipt.sys -- (IPT)
DRV:64bit: - [2019/12/07 01:08:09 | 000,059,392 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:64bit: - [2019/12/07 01:08:09 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:64bit: - [2019/12/07 01:08:09 | 000,042,296 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ramdisk.sys -- (Ramdisk)
DRV:64bit: - [2019/12/07 01:08:05 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:64bit: - [2019/12/07 01:07:57 | 000,059,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2019/12/07 01:07:57 | 000,041,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2019/12/07 01:07:57 | 000,035,128 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hvcrash.sys -- (hvcrash)
DRV:64bit: - [2019/12/07 01:07:57 | 000,027,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2019/12/07 01:07:57 | 000,023,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2019/12/07 01:07:57 | 000,019,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:64bit: - [2019/12/07 01:07:57 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys -- (VirtualRender)
DRV:64bit: - [2019/12/07 01:07:56 | 000,110,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys -- (UfxChipidea)
DRV:64bit: - [2019/12/07 01:07:56 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidspi.sys -- (hidspi)
DRV:64bit: - [2019/12/07 01:07:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2019/12/07 01:07:56 | 000,056,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2019/12/07 01:07:56 | 000,055,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:64bit: - [2019/12/07 01:07:56 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:64bit: - [2019/12/07 01:07:56 | 000,041,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2019/12/07 01:07:56 | 000,036,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiAcpiClient.sys -- (UcmUcsiAcpiClient)
DRV:64bit: - [2019/12/07 01:07:56 | 000,033,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2019/12/07 01:07:56 | 000,032,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys -- (UrsChipidea)
DRV:64bit: - [2019/12/07 01:07:56 | 000,029,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys -- (UrsSynopsys)
DRV:64bit: - [2019/12/07 01:07:56 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2019/12/07 01:07:56 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys -- (genericusbfn)
DRV:64bit: - [2019/12/07 01:07:56 | 000,018,920 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:64bit: - [2019/12/07 01:07:54 | 001,853,752 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:64bit: - [2019/12/07 01:07:54 | 001,131,320 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:64bit: - [2019/12/07 01:07:54 | 000,884,752 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAVC.sys -- (iaStorAVC)
DRV:64bit: - [2019/12/07 01:07:54 | 000,558,904 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:64bit: - [2019/12/07 01:07:54 | 000,537,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbhost.sys -- (mausbhost)
DRV:64bit: - [2019/12/07 01:07:54 | 000,319,800 | ---- | M] (Chelsio Communications) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:64bit: - [2019/12/07 01:07:54 | 000,305,464 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2019/12/07 01:07:54 | 000,168,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\nvdimm.sys -- (nvdimm)
DRV:64bit: - [2019/12/07 01:07:54 | 000,146,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:64bit: - [2019/12/07 01:07:54 | 000,073,016 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:64bit: - [2019/12/07 01:07:54 | 000,064,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbip.sys -- (mausbip)
DRV:64bit: - [2019/12/07 01:07:54 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:64bit: - [2019/12/07 01:07:54 | 000,043,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bttflt.sys -- (bttflt)
DRV:64bit: - [2019/12/07 01:07:54 | 000,036,152 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:64bit: - [2019/12/07 01:07:54 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2019/12/07 01:07:54 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2019/12/07 01:07:53 | 001,135,416 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2019/12/07 01:07:53 | 000,259,384 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2019/12/07 01:07:53 | 000,209,720 | ---- | M] (Microsemi Corportation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\SmartSAMD.sys -- (SmartSAMD)
DRV:64bit: - [2019/12/07 01:07:53 | 000,172,344 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ItSas35i.sys -- (ItSas35i)
DRV:64bit: - [2019/12/07 01:07:53 | 000,135,992 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:64bit: - [2019/12/07 01:07:53 | 000,124,216 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:64bit: - [2019/12/07 01:07:53 | 000,107,320 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2019/12/07 01:07:53 | 000,105,480 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\megasas35i.sys -- (megasas35i)
DRV:64bit: - [2019/12/07 01:07:53 | 000,083,256 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2019/12/07 01:07:53 | 000,082,744 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2019/12/07 01:07:53 | 000,081,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:64bit: - [2019/12/07 01:07:53 | 000,068,408 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:64bit: - [2019/12/07 01:07:53 | 000,064,312 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2019/12/07 01:07:53 | 000,063,800 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2019/12/07 01:07:53 | 000,058,680 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:64bit: - [2019/12/07 01:07:53 | 000,058,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys -- (umbus)
DRV:64bit: - [2019/12/07 01:07:53 | 000,034,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\uefi.sys -- (UEFI)
DRV:64bit: - [2019/12/07 01:07:53 | 000,031,032 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2019/12/07 01:07:53 | 000,026,936 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2019/12/07 01:07:53 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:64bit: - [2019/12/07 01:07:53 | 000,016,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:64bit: - [2019/12/07 01:07:50 | 003,418,936 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2019/12/07 01:07:50 | 000,533,816 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2019/12/07 01:07:50 | 000,260,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaudio2.sys -- (usbaudio2)
DRV:64bit: - [2019/12/07 01:07:50 | 000,124,728 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2019/12/07 01:07:50 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rhproxy.sys -- (rhproxy)
DRV:64bit: - [2019/12/07 01:07:50 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2019/12/07 01:07:50 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2019/12/07 01:07:50 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2019/12/07 01:07:50 | 000,035,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDFRd.sys -- (SDFRd)
DRV:64bit: - [2019/12/07 01:07:50 | 000,018,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys -- (swenum)
DRV:64bit: - [2019/12/07 01:07:50 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pnpmem.sys -- (PNPMEM)
DRV:64bit: - [2019/12/07 01:07:47 | 000,279,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthA2dp.sys -- (BthA2dp)
DRV:64bit: - [2019/12/07 01:07:47 | 000,177,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_GLK.sys -- (iaLPSS2i_I2C_GLK)
DRV:64bit: - [2019/12/07 01:07:47 | 000,177,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_CNL.sys -- (iaLPSS2i_I2C_CNL)
DRV:64bit: - [2019/12/07 01:07:47 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys -- (iaLPSS2i_I2C_BXT_P)
DRV:64bit: - [2019/12/07 01:07:47 | 000,171,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:64bit: - [2019/12/07 01:07:47 | 000,144,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthHfEnum.sys -- (BthHFEnum)
DRV:64bit: - [2019/12/07 01:07:47 | 000,112,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_CNL.sys -- (iaLPSS2i_GPIO2_CNL)
DRV:64bit: - [2019/12/07 01:07:47 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_GLK.sys -- (iaLPSS2i_GPIO2_GLK)
DRV:64bit: - [2019/12/07 01:07:47 | 000,093,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys -- (iaLPSS2i_GPIO2_BXT_P)
DRV:64bit: - [2019/12/07 01:07:47 | 000,091,136 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:64bit: - [2019/12/07 01:07:47 | 000,079,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:64bit: - [2019/12/07 01:07:47 | 000,066,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CAD.sys -- (CAD)
DRV:64bit: - [2019/12/07 01:07:47 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.AvrcpTransport.sys -- (Microsoft_Bluetooth_AvrcpTransport)
DRV:64bit: - [2019/12/07 01:07:47 | 000,045,568 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdi2c.sys -- (amdi2c)
DRV:64bit: - [2019/12/07 01:07:47 | 000,036,352 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:64bit: - [2019/12/07 01:07:47 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelpmax.sys -- (intelpmax)
DRV:64bit: - [2019/12/07 01:07:47 | 000,018,432 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdgpio2.sys -- (amdgpio2)
DRV:64bit: - [2019/12/07 01:07:47 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2019/09/24 18:15:28 | 004,322,552 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw10x.sys -- (athr)
DRV:64bit: - [2019/09/24 02:43:16 | 000,069,584 | ---- | M] (Qualcomm) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2019/08/04 23:08:06 | 000,443,296 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUer.sys -- (RTSUER)
DRV:64bit: - [2019/06/20 16:01:02 | 000,083,736 | ---- | M] (Screenovate Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HfAudio.sys -- (HfAudio)
DRV:64bit: - [2018/11/20 12:48:08 | 001,139,640 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:64bit: - [2012/10/26 08:42:20 | 004,758,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/10/26 08:42:20 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (lvrs64)
DRV - [2022/09/13 17:50:59 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_fc93ae411c02f280\BasicDisplay.sys -- (BasicDisplay)
DRV - [2022/09/13 17:50:59 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_ed345fdc37d65139\BasicRender.sys -- (BasicRender)
DRV - [2022/08/09 23:42:32 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\afunix.sys -- (afunix)
DRV - [2021/11/08 01:52:26 | 000,309,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_649c7923a043d3be\x64\TeeDriverW10x64.sys -- (MEIx64)
DRV - [2021/06/18 05:35:40 | 000,350,792 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\intcdaud.inf_amd64_f883a2d2516832ef\IntcDAud.sys -- (IntcDAud)
DRV - [2021/06/18 05:34:08 | 028,973,608 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\igdkmd64.sys -- (igfx)
DRV - [2021/04/02 16:38:50 | 000,097,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1E45634E-296B-4DB8-88D6-89A18CF6A41D}\MpKslDrv.sys -- (MpKsl579e3981)
DRV - [2019/12/07 01:07:57 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys -- (VirtualRender)
DRV - [2019/12/07 01:07:56 | 000,110,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys -- (UfxChipidea)
DRV - [2019/12/07 01:07:56 | 000,032,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys -- (UrsChipidea)
DRV - [2019/12/07 01:07:56 | 000,029,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys -- (UrsSynopsys)
DRV - [2019/12/07 01:07:56 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys -- (genericusbfn)
DRV - [2019/12/07 01:07:53 | 000,058,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys -- (umbus)
DRV - [2019/12/07 01:07:53 | 000,034,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys -- (UEFI)
DRV - [2019/12/07 01:07:50 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys -- (CompositeBus)
DRV - [2019/12/07 01:07:50 | 000,018,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys -- (swenum)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {8462FE5B-5585-400E-B337-9F25A97D5841}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{8462FE5B-5585-400E-B337-9F25A97D5841}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRDLR1&src=IE11TR&pc=DCTE
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {8462FE5B-5585-400E-B337-9F25A97D5841}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{8462FE5B-5585-400E-B337-9F25A97D5841}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRDLR1&src=IE11TR&pc=DCTE


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm

IE - HKU\S-1-5-21-3803857030-2765018022-3405165186-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?pc=DCTE
IE - HKU\S-1-5-21-3803857030-2765018022-3405165186-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-3803857030-2765018022-3405165186-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=DCTE
IE - HKU\S-1-5-21-3803857030-2765018022-3405165186-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 3A D3 C5 83 E4 18 D6 01 [binary data]
IE - HKU\S-1-5-21-3803857030-2765018022-3405165186-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-3803857030-2765018022-3405165186-1003\..\SearchScopes,DefaultScope = {8462FE5B-5585-400E-B337-9F25A97D5841}
IE - HKU\S-1-5-21-3803857030-2765018022-3405165186-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.region: "US"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@update.avastbrowser.com/Avast Browser;version=3: C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll (AVAST Software)
FF - HKLM\Software\MozillaPlugins\@update.avastbrowser.com/Avast Browser;version=9: C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll (AVAST Software)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 108.0.1\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 108.0.1\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 68.12.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 68.12.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 108.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 108.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2020/05/07 10:19:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Darrell\AppData\Roaming\Mozilla\Extensions
[2020/05/07 10:19:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Darrell\AppData\Roaming\Mozilla\SystemExtensionsDev

========== Chrome ==========
  #4  
Old December 17th, 2022, 12:18 PM
Shirley Jester
CHR - Extension: No name found = C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajlepbcjmdlnkjpabnhilkiabkkdaefi\2020.3.31.13582_0\
CHR - Extension: No name found = C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\apjlbmijklipillfnjjlbfkmadkjkobg\2020.3.31.13428_0\
CHR - Extension: No name found = C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdckffepdejfpihncjhnpfbfglmcgghg\2020.3.31.14530_0\
CHR - Extension: No name found = C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjbkfnkbnokbjcibcpedpmjpgolfecna\2020.3.31.13558_0\
CHR - Extension: No name found = C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\eaofdgieipflamaebpmogdmdkinnfapd\2020.3.31.12589_0\
CHR - Extension: No name found = C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedifiifgkbakcajifkllgiaokgdhjii\2020.3.31.14078_0\
CHR - Extension: No name found = C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggdgjliiagjohahoadgfobmjaffplmae\2020.3.31.14966_0\
CHR - Extension: No name found = C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkccgbkjcaanbnpfkhanpicfgaljjmlh\2020.3.31.14256_0\
CHR - Extension: No name found = C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfenjomehfjkcbdmnnklglfnjglbmajg\2020.3.31.13347_0\
CHR - Extension: No name found = C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfkldahdllnibegjeedngpeeofplldca\2020.3.31.13662_0\
CHR - Extension: No name found = C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhjiaodkgjbcibdhknclmdhkifeimecm\2020.4.22.63196_0\
CHR - Extension: No name found = C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjjdaiphoamkomhbhbndbjoihjjgmdan\2020.3.31.13387_0\
CHR - Extension: No name found = C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdcehclnojflnhjfnhgjbafoppjcpkaa\2020.3.31.14596_0\
CHR - Extension: No name found = C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmglnmgnjhbnbbcobgpofjfimomgdpjj\2020.3.31.13807_0\
CHR - Extension: No name found = C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\
CHR - Extension: No name found = C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pngfgnbnonglhnipcnclchidpoheboid\2020.3.31.12607_0\

O1 HOSTS File: ([2019/03/18 20:49:40 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\108.0.1462.46\BHO\ie_to_edge_bho_64.dll (Microsoft Corporation)
O2 - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\108.0.1462.46\BHO\ie_to_edge_bho.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [AvastUI.exe] C:\Program Files\Avast Software\Avast\AvLaunch.exe (AVAST Software)
O4:64bit: - HKLM..\Run: [DellMobileConnectWelcome] C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWelcome.exe (Screenovate Technologies Ltd.)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtkAudUService] C:\WINDOWS\SysNative\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Windows\SysNative\SecurityHealthSystray.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [WavesSvc] C:\WINDOWS\SysNative\DriverStore\FileRepository\wavesapo75de.inf_amd64_9e45e2d5613ef7ef\WavesSvc64.exe (Waves Audio Ltd.)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3803857030-2765018022-3405165186-1003..\Run: [CCleaner Smart Cleaning] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd)
O4 - HKU\S-1-5-21-3803857030-2765018022-3405165186-1003..\Run: [MicrosoftEdgeAutoLaunch_ECD4B92814E2592AB1B5E4FFE37D02EA] C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3803857030-2765018022-3405165186-1003..\Run: [OneDrive] C:\Users\Darrell\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92477ef5-8ebf-4470-9d3a-102da9b22dff}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2017/04/08 19:43:32 | 101,791,312 | ---- | M] (Autodesk, Inc.) - F:\Autodesk_Meshmixer_v3p1_Win64.exe -- [ FAT32 ]
O32 - AutoRun File - [2017/12/19 02:03:22 | 101,838,632 | ---- | M] (Autodesk, Inc. ) - F:\Autodesk_EAGLE_8.5.0_English_Win_64bit.exe -- [ FAT32 ]
O32 - AutoRun File - [2016/09/26 04:51:18 | 001,228,471 | ---- | M] () - F:\AutoCAD 2017 install components screenshots 9-26-16.odt -- [ FAT32 ]
O32 - AutoRun File - [2019/04/26 17:33:30 | 000,015,139 | ---- | M] () - F:\Autodesk 123D Design questions.odt -- [ FAT32 ]
O32 - AutoRun File - [2019/06/11 10:38:06 | 000,000,000 | ---D | M] - F:\AutoInsurance, Annuity -- [ FAT32 ]
O32 - AutoRun File - [2018/11/27 12:06:02 | 000,365,072 | ---- | M] () - F:\Automated ejectability analysis and parting surface_generation for mold tool design_1991_pp35.pdf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2022/12/17 02:26:43 | 008,551,608 | ---- | C] (Malwarebytes) -- C:\Users\Darrell\Desktop\AdwCleaner.exe
[2022/12/17 02:26:43 | 005,659,583 | ---- | C] (Swearware) -- C:\Users\Darrell\Desktop\ComboFix.exe
[2022/12/17 02:26:43 | 002,375,680 | ---- | C] (Farbar) -- C:\Users\Darrell\Desktop\FRST64.exe
[2022/12/17 02:26:43 | 002,078,720 | ---- | C] (Farbar) -- C:\Users\Darrell\Desktop\FRST.exe
[2022/12/17 02:26:43 | 001,802,704 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Darrell\Desktop\rkill.exe
[2022/12/17 02:26:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Darrell\Desktop\OTL.scr
[2022/12/17 02:26:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Darrell\Desktop\OTL.exe
[2022/12/17 02:26:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Darrell\Desktop\OTL.com
[2022/12/16 21:13:10 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2022/12/16 12:35:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2022/12/16 02:26:51 | 000,000,000 | ---D | C] -- C:\Users\Darrell\Desktop\Old Firefox Data
[2022/12/13 16:06:29 | 004,418,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2022/12/13 16:06:29 | 000,966,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WFS.exe
[2022/12/13 16:06:29 | 000,669,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WFSR.dll
[2022/12/13 16:06:29 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMPOSE.dll
[2022/12/13 16:06:29 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOVER.exe
[2022/12/13 16:06:29 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSUTILITY.dll
[2022/12/13 16:06:29 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMPOSERES.dll
[2022/12/13 16:06:28 | 005,006,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2022/12/13 16:06:27 | 000,768,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\quickassist.exe
[2022/12/13 16:06:26 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\quickassist.exe
[2022/12/13 16:06:22 | 000,961,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DolbyDecMFT.dll
[2022/12/13 16:06:20 | 002,341,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2022/12/13 16:06:20 | 002,255,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2022/12/13 16:06:20 | 001,015,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2022/12/13 16:06:19 | 003,560,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2022/12/13 16:06:19 | 001,302,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2022/12/13 16:06:19 | 001,136,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll
[2022/12/13 16:06:19 | 000,539,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2022/12/13 16:06:18 | 024,272,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2022/12/13 16:06:18 | 018,767,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramWorld.dll
[2022/12/13 16:06:18 | 002,454,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVCORE.DLL
[2022/12/13 16:06:17 | 004,799,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2022/12/13 16:06:17 | 002,524,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2022/12/13 16:06:17 | 002,522,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2022/12/13 16:06:17 | 001,957,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2022/12/13 16:06:17 | 001,537,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2022/12/13 16:06:17 | 001,353,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2022/12/13 16:06:17 | 001,345,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2022/12/13 16:06:17 | 000,944,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSMPEG2ENC.DLL
[2022/12/13 16:06:17 | 000,531,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2022/12/13 16:06:17 | 000,408,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2022/12/13 16:06:16 | 005,820,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2022/12/13 16:06:15 | 019,866,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2022/12/13 16:06:15 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmsynth.dll
[2022/12/13 16:06:15 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmusic.dll
[2022/12/13 16:06:15 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmloader.dll
[2022/12/13 16:06:15 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dswave.dll
[2022/12/13 16:06:13 | 002,024,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2022/12/13 16:06:13 | 001,953,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmc.exe
[2022/12/13 16:06:13 | 001,763,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2022/12/13 16:06:13 | 000,520,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2022/12/13 16:06:13 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll
[2022/12/13 16:06:13 | 000,387,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SIHClient.exe
[2022/12/13 16:06:13 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wslapi.dll
[2022/12/13 16:06:13 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetpp.dll
[2022/12/13 16:06:13 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsl.exe
[2022/12/13 16:06:13 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetppui.dll
[2022/12/13 16:06:13 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnpinst.exe
[2022/12/13 16:06:11 | 026,270,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2022/12/13 16:06:11 | 001,129,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipUp.exe
[2022/12/13 16:06:11 | 000,678,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\computecore.dll
[2022/12/13 16:06:11 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosettings.dll
[2022/12/13 16:06:11 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmdevicehost.dll
[2022/12/13 16:06:11 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmusic.dll
[2022/12/13 16:06:11 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmsynth.dll
[2022/12/13 16:06:11 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmloader.dll
[2022/12/13 16:06:11 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dswave.dll
[2022/12/13 16:06:10 | 000,307,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\skci.dll
[2022/12/13 16:06:10 | 000,224,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll
[2022/12/13 16:06:09 | 001,831,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsservices.dll
[2022/12/13 16:06:09 | 001,572,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2022/12/13 16:06:09 | 001,300,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2022/12/13 16:06:09 | 000,810,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2022/12/13 16:06:09 | 000,419,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave.dll
[2022/12/13 16:06:09 | 000,415,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave_secure.dll
[2022/12/13 16:06:09 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2022/12/13 16:06:09 | 000,119,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2022/12/13 16:06:09 | 000,096,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvservice.sys
[2022/12/13 16:06:09 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.exe
[2022/12/13 16:06:09 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ndadmin.exe
[2022/12/13 16:06:09 | 000,022,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdhvcom.dll
[2022/12/13 16:06:09 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmproxy.dll
[2022/12/13 16:06:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmsprep.dll
[2022/12/13 16:06:06 | 008,896,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2022/12/13 16:06:06 | 002,636,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2022/12/13 16:06:06 | 001,009,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2022/12/13 16:06:06 | 000,908,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2022/12/13 16:06:06 | 000,897,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2022/12/13 16:06:06 | 000,706,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2022/12/13 16:06:06 | 000,686,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll
[2022/12/13 16:06:06 | 000,533,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2022/12/13 16:06:06 | 000,483,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2022/12/13 16:06:06 | 000,411,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2022/12/13 16:06:06 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2022/12/13 16:06:06 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptui.dll
[2022/12/13 16:06:06 | 000,202,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2022/12/13 16:06:06 | 000,196,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\weretw.dll
[2022/12/13 16:06:06 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgcore.dll
[2022/12/13 16:06:06 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netjoin.dll
[2022/12/13 16:06:06 | 000,152,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2022/12/13 16:06:06 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneSettingsClient.dll
[2022/12/13 16:06:06 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\enrollmentapi.dll
[2022/12/13 16:06:06 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werdiagcontroller.dll
[2022/12/13 16:06:06 | 000,021,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerEnc.dll
[2022/12/13 16:06:05 | 003,927,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneCoreUAPCommonProxyStub.dll
[2022/12/13 16:06:05 | 002,753,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2022/12/13 16:06:05 | 001,083,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wpnapps.dll
[2022/12/13 16:06:05 | 000,765,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2022/12/13 16:06:05 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2022/12/13 16:06:05 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys
[2022/12/13 16:06:05 | 000,319,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
[2022/12/13 16:06:05 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppLockerCSP.dll
[2022/12/13 16:06:05 | 000,190,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceaccess.dll
[2022/12/13 16:06:05 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\updatepolicy.dll
[2022/12/13 16:06:05 | 000,183,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsNativeApi.V2.dll
[2022/12/13 16:06:05 | 000,154,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wldp.dll
[2022/12/13 16:06:05 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tzautoupdate.dll
[2022/12/13 16:06:05 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srpapi.dll
[2022/12/13 16:06:05 | 000,093,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32u.dll
[2022/12/13 16:06:05 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usoapi.dll
[2022/12/13 16:06:05 | 000,060,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsNativeApi.dll
[2022/12/13 16:06:05 | 000,059,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\virtdisk.dll
[2022/12/13 16:06:05 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2022/12/13 16:06:05 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCShellCommonProxyStub.dll
[2022/12/13 16:06:05 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\appidtel.exe
[2022/12/13 16:06:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EnterpriseAppMgmtClient.dll
[2022/12/13 16:06:04 | 006,920,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2022/12/13 16:06:04 | 006,373,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2022/12/13 16:06:04 | 002,433,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapRouter.dll
[2022/12/13 16:06:04 | 001,862,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallService.dll
[2022/12/13 16:06:04 | 001,375,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdprt.dll
[2022/12/13 16:06:04 | 001,117,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2022/12/13 16:06:04 | 001,015,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudExperienceHostCommon.dll
[2022/12/13 16:06:04 | 000,879,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShareHost.dll
[2022/12/13 16:06:04 | 000,721,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.dll
[2022/12/13 16:06:04 | 000,565,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll
[2022/12/13 16:06:04 | 000,294,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2022/12/13 16:06:04 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallServiceTasks.dll
[2022/12/13 16:06:04 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.HostName.dll
[2022/12/13 16:06:04 | 000,062,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GameInput.dll
[2022/12/13 16:06:04 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OnDemandConnRouteHelper.dll
[2022/12/13 16:06:04 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.Preview.DOSettings.dll
[2022/12/13 16:06:03 | 014,770,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2022/12/13 16:06:03 | 004,749,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2022/12/13 16:06:03 | 004,514,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2022/12/13 16:06:03 | 001,332,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ContentDeliveryManager.Utilities.dll
[2022/12/13 16:06:03 | 000,943,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TSWorkspace.dll
[2022/12/13 16:06:03 | 000,754,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FlightSettings.dll
[2022/12/13 16:06:03 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.ConversationalAgent.dll
[2022/12/13 16:06:03 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2022/12/13 16:06:03 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShellCommonCommonProxyStub.dll
[2022/12/13 16:06:03 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicensingDiagSpp.dll
[2022/12/13 16:06:03 | 000,336,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LsaIso.exe
[2022/12/13 16:06:03 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2022/12/13 16:06:03 | 000,070,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iumcrypt.dll
[2022/12/13 16:06:03 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxstrace.exe
[2022/12/13 16:06:02 | 006,191,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2022/12/13 16:06:02 | 003,966,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2022/12/13 16:06:02 | 002,242,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsudk.shellcommon.dll
[2022/12/13 16:06:02 | 001,772,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2022/12/13 16:06:02 | 001,214,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2022/12/13 16:06:02 | 001,005,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll
[2022/12/13 16:06:02 | 000,783,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2022/12/13 16:06:02 | 000,773,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2022/12/13 16:06:02 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2022/12/13 16:06:02 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll
[2022/12/13 16:06:02 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2022/12/13 16:06:02 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netjoin.dll
[2022/12/13 16:06:02 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CustomInstallExec.exe
[2022/12/13 16:06:02 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2022/12/13 16:06:02 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.exe
[2022/12/13 16:06:02 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ndadmin.exe
[2022/12/13 16:06:02 | 000,063,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sfc_os.dll
[2022/12/13 16:06:02 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\npmproxy.dll
[2022/12/13 16:06:02 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlmproxy.dll
[2022/12/13 16:06:02 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlmsprep.dll
[2022/12/13 16:06:02 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icsunattend.exe
[2022/12/13 16:06:01 | 003,922,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2022/12/13 16:06:01 | 002,465,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2022/12/13 16:06:01 | 000,382,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2022/12/13 16:05:59 | 002,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationFramework.dll
[2022/12/13 16:05:59 | 001,289,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2022/12/13 16:05:59 | 001,092,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2022/12/13 16:05:59 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profsvcext.dll
[2022/12/13 16:05:58 | 002,380,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2022/12/13 16:05:58 | 002,143,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MdmDiagnostics.dll
[2022/12/13 16:05:58 | 001,874,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll
[2022/12/13 16:05:58 | 001,752,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2022/12/13 16:05:58 | 000,858,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2022/12/13 16:05:58 | 000,791,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcsvc.dll
[2022/12/13 16:05:58 | 000,695,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxs.dll
[2022/12/13 16:05:58 | 000,648,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2022/12/13 16:05:58 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcext.dll
[2022/12/13 16:05:58 | 000,572,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SppExtComObj.Exe
[2022/12/13 16:05:58 | 000,396,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicensingDiagSpp.dll
[2022/12/13 16:05:58 | 000,363,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2022/12/13 16:05:58 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmmigrator.dll
[2022/12/13 16:05:58 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2022/12/13 16:05:58 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxssrv.dll
[2022/12/13 16:05:58 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxstrace.exe
[2022/12/13 16:05:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\declaredconfiguration.dll
[2022/12/13 16:05:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d8thk.dll
[2022/12/13 16:05:57 | 002,964,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2022/12/13 16:05:57 | 000,521,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2022/12/13 16:05:57 | 000,503,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2022/12/13 16:05:57 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptui.dll
[2022/12/13 16:05:56 | 010,855,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2022/12/13 16:05:56 | 001,395,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2022/12/13 16:05:56 | 000,930,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2022/12/13 16:05:56 | 000,889,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
  #5  
Old December 17th, 2022, 12:20 PM
Shirley Jester Shirley Jester is offline
[2022/12/13 16:05:56 | 000,570,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2022/12/13 16:05:56 | 000,489,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2022/12/13 16:05:56 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2022/12/13 16:05:56 | 000,420,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wininit.exe
[2022/12/13 16:05:56 | 000,272,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinesam.dll
[2022/12/13 16:05:56 | 000,254,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\weretw.dll
[2022/12/13 16:05:56 | 000,229,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2022/12/13 16:05:56 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgcore.dll
[2022/12/13 16:05:56 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneSettingsClient.dll
[2022/12/13 16:05:56 | 000,172,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2022/12/13 16:05:56 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2022/12/13 16:05:56 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\basesrv.dll
[2022/12/13 16:05:56 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werdiagcontroller.dll
[2022/12/13 16:05:56 | 000,025,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerEnc.dll
[2022/12/13 16:05:56 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmsgapi.dll
[2022/12/13 16:05:55 | 003,576,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2022/12/13 16:05:55 | 003,507,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2022/12/13 16:05:55 | 001,830,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2022/12/13 16:05:55 | 001,562,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2022/12/13 16:05:55 | 001,221,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationController.dll
[2022/12/13 16:05:55 | 000,929,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2022/12/13 16:05:55 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Notifications.dll
[2022/12/13 16:05:55 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppLockerCSP.dll
[2022/12/13 16:05:55 | 000,379,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationControllerPS.dll
[2022/12/13 16:05:55 | 000,193,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wldp.dll
[2022/12/13 16:05:55 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srpapi.dll
[2022/12/13 16:05:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appidtel.exe
[2022/12/13 16:05:55 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\applockerfltr.sys
[2022/12/13 16:05:54 | 006,424,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2022/12/13 16:05:54 | 004,011,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll
[2022/12/13 16:05:54 | 001,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MoUsoCoreWorker.exe
[2022/12/13 16:05:54 | 001,414,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocoreworker.exe
[2022/12/13 16:05:54 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2022/12/13 16:05:54 | 000,966,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2022/12/13 16:05:54 | 000,717,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\upshared.dll
[2022/12/13 16:05:54 | 000,692,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2022/12/13 16:05:54 | 000,646,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotifyIcon.exe
[2022/12/13 16:05:54 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2022/12/13 16:05:54 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2022/12/13 16:05:54 | 000,570,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usosvc.dll
[2022/12/13 16:05:54 | 000,522,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2022/12/13 16:05:54 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateDeploymentProvider.dll
[2022/12/13 16:05:54 | 000,336,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HttpsDataSource.dll
[2022/12/13 16:05:54 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2022/12/13 16:05:54 | 000,230,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\convertvhd.exe
[2022/12/13 16:05:54 | 000,221,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.V2.dll
[2022/12/13 16:05:54 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll
[2022/12/13 16:05:54 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2022/12/13 16:05:54 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UsoClient.exe
[2022/12/13 16:05:54 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2022/12/13 16:05:54 | 000,082,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2022/12/13 16:05:54 | 000,072,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.dll
[2022/12/13 16:05:54 | 000,069,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\virtdisk.dll
[2022/12/13 16:05:54 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2022/12/13 16:05:54 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCShellCommonProxyStub.dll
[2022/12/13 16:05:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtClient.dll
[2022/12/13 16:05:53 | 007,978,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2022/12/13 16:05:53 | 003,811,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2022/12/13 16:05:53 | 001,709,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2022/12/13 16:05:53 | 001,378,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnapps.dll
[2022/12/13 16:05:53 | 000,765,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.immersiveshell.serviceprovider.dll
[2022/12/13 16:05:53 | 000,422,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2022/12/13 16:05:53 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicCapsule.dll
[2022/12/13 16:05:53 | 000,133,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32u.dll
[2022/12/13 16:05:50 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicSvc.dll
[2022/12/13 16:05:50 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicAgent.exe
[2022/12/13 16:05:50 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicPS.dll
[2022/12/13 16:05:50 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapihost.exe
[2022/12/13 16:05:49 | 009,037,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2022/12/13 16:05:49 | 003,749,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2022/12/13 16:05:49 | 003,182,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapRouter.dll
[2022/12/13 16:05:49 | 002,892,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2022/12/13 16:05:49 | 002,632,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapGeocoder.dll
[2022/12/13 16:05:49 | 002,459,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallService.dll
[2022/12/13 16:05:49 | 002,250,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2022/12/13 16:05:49 | 000,978,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2022/12/13 16:05:49 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\domgmt.dll
[2022/12/13 16:05:49 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2022/12/13 16:05:49 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallServiceTasks.dll
[2022/12/13 16:05:49 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.Preview.DOSettings.dll
[2022/12/13 16:05:48 | 008,233,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2022/12/13 16:05:48 | 001,503,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2022/12/13 16:05:48 | 001,191,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostCommon.dll
[2022/12/13 16:05:48 | 001,119,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipSVC.dll
[2022/12/13 16:05:48 | 001,104,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ClipSp.sys
[2022/12/13 16:05:48 | 000,902,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2022/12/13 16:05:48 | 000,737,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Connectivity.dll
[2022/12/13 16:05:48 | 000,456,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2022/12/13 16:05:48 | 000,410,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.ApplicationData.dll
[2022/12/13 16:05:48 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\licensingdiag.exe
[2022/12/13 16:05:48 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2022/12/13 16:05:48 | 000,242,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceaccess.dll
[2022/12/13 16:05:48 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatepolicy.dll
[2022/12/13 16:05:48 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.HostName.dll
[2022/12/13 16:05:48 | 000,187,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Clipc.dll
[2022/12/13 16:05:48 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tzautoupdate.dll
[2022/12/13 16:05:48 | 000,134,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oemlicense.dll
[2022/12/13 16:05:48 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OnDemandConnRouteHelper.dll
[2022/12/13 16:05:47 | 010,349,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2022/12/13 16:05:47 | 002,389,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreen.exe
[2022/12/13 16:05:47 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.3D.dll
[2022/12/13 16:05:47 | 002,009,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.CloudStore.dll
[2022/12/13 16:05:47 | 001,765,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdprt.dll
[2022/12/13 16:05:47 | 001,420,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2022/12/13 16:05:47 | 001,119,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShareHost.dll
[2022/12/13 16:05:47 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdpusersvc.dll
[2022/12/13 16:05:47 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreenps.dll
[2022/12/13 16:05:47 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ACPBackgroundManagerPolicy.dll
[2022/12/13 16:05:47 | 000,072,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GameInput.dll
[2022/12/13 16:05:46 | 005,141,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2022/12/13 16:05:46 | 001,335,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2022/12/13 16:05:46 | 001,283,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2022/12/13 16:05:46 | 001,175,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll
[2022/12/13 16:05:46 | 000,967,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2022/12/13 16:05:46 | 000,940,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FlightSettings.dll
[2022/12/13 16:05:46 | 000,862,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pkeyhelper.dll
[2022/12/13 16:05:46 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.CloudStore.Schema.Shell.dll
[2022/12/13 16:05:46 | 000,832,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShellCommonCommonProxyStub.dll
[2022/12/13 16:05:46 | 000,726,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2022/12/13 16:05:46 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2022/12/13 16:05:46 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll
[2022/12/13 16:05:46 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\splwow64.exe
[2022/12/13 16:05:46 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrinterCleanupTask.dll
[2022/12/13 16:05:46 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FaxPrinterInstaller.dll
[2022/12/13 16:05:46 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localui.dll
[2022/12/13 16:05:45 | 001,788,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2022/12/13 16:05:45 | 001,580,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpeechPal.dll
[2022/12/13 16:05:45 | 001,568,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2022/12/13 16:05:45 | 001,543,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TaskFlowDataEngine.dll
[2022/12/13 16:05:45 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Service.dll
[2022/12/13 16:05:45 | 000,781,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.ConversationalAgent.dll
[2022/12/13 16:05:45 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilot.dll
[2022/12/13 16:05:45 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.ModernDeployment.ConfigProviders.dll
[2022/12/13 16:05:45 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppListBackupLauncher.dll
[2022/12/13 16:05:45 | 000,084,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsManagementServiceWinRt.ProxyStub.dll
[2022/12/13 16:05:45 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
[2022/12/13 16:05:45 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilotdiag.dll
[2022/12/13 16:05:44 | 000,642,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Vid.sys
[2022/12/13 16:05:44 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthMini.SYS
[2022/12/13 16:05:43 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xinputhid.sys
[2022/12/13 16:00:44 | 000,000,000 | -H-D | C] -- C:\$WinREAgent
[2022/12/13 16:00:35 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2022/12/13 16:00:35 | 000,392,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2022/12/12 11:51:39 | 000,273,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2022/12/12 11:51:39 | 000,212,632 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2022/12/04 13:01:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DummyDir
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2022/12/17 02:41:45 | 000,797,554 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2022/12/17 02:41:45 | 000,676,248 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2022/12/17 02:41:45 | 000,125,954 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2022/12/17 02:39:19 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2022/12/17 02:37:17 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2022/12/17 02:37:16 | 781,803,519 | -HS- | M] () -- C:\hiberfil.sys
[2022/12/17 02:32:44 | 000,000,760 | ---- | M] () -- C:\WINDOWS\tasks\CCleanerCrashReporting.job
[2022/12/16 23:53:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Darrell\Desktop\OTL.scr
[2022/12/16 23:51:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Darrell\Desktop\OTL.com
[2022/12/16 23:40:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Darrell\Desktop\OTL.exe
[2022/12/16 23:38:38 | 005,659,583 | ---- | M] (Swearware) -- C:\Users\Darrell\Desktop\ComboFix.exe
[2022/12/16 23:38:08 | 002,078,720 | ---- | M] (Farbar) -- C:\Users\Darrell\Desktop\FRST.exe
[2022/12/16 23:37:18 | 002,375,680 | ---- | M] (Farbar) -- C:\Users\Darrell\Desktop\FRST64.exe
[2022/12/16 23:36:44 | 008,551,608 | ---- | M] (Malwarebytes) -- C:\Users\Darrell\Desktop\AdwCleaner.exe
[2022/12/16 23:33:20 | 001,802,704 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Darrell\Desktop\rkill.exe
[2022/12/16 20:47:59 | 000,005,780 | ---- | M] () -- C:\Users\Darrell\cc_20221216_204755.reg
[2022/12/16 02:04:02 | 000,015,854 | ---- | M] () -- C:\Users\Darrell\Desktop\MJK Omeprazole ordered AGAIN said sent to Doctor AGAIN222.odt
[2022/12/14 00:14:06 | 000,495,136 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2022/12/13 16:06:29 | 004,418,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2022/12/13 16:06:29 | 000,966,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WFS.exe
[2022/12/13 16:06:29 | 000,669,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WFSR.dll
[2022/12/13 16:06:29 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMPOSE.dll
[2022/12/13 16:06:29 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOVER.exe
[2022/12/13 16:06:29 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSUTILITY.dll
[2022/12/13 16:06:29 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMPOSERES.dll
[2022/12/13 16:06:28 | 005,006,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2022/12/13 16:06:27 | 000,768,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\quickassist.exe
[2022/12/13 16:06:26 | 000,958,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\quickassist.exe
[2022/12/13 16:06:22 | 000,961,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DolbyDecMFT.dll
[2022/12/13 16:06:20 | 002,341,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2022/12/13 16:06:20 | 002,255,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2022/12/13 16:06:20 | 001,015,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2022/12/13 16:06:19 | 024,272,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2022/12/13 16:06:19 | 003,560,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2022/12/13 16:06:19 | 001,302,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2022/12/13 16:06:19 | 001,136,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll
[2022/12/13 16:06:19 | 000,539,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2022/12/13 16:06:18 | 018,767,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramWorld.dll
[2022/12/13 16:06:18 | 002,524,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2022/12/13 16:06:18 | 002,454,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVCORE.DLL
[2022/12/13 16:06:17 | 004,799,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2022/12/13 16:06:17 | 002,522,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2022/12/13 16:06:17 | 001,957,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2022/12/13 16:06:17 | 001,537,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2022/12/13 16:06:17 | 001,353,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2022/12/13 16:06:17 | 001,345,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2022/12/13 16:06:17 | 000,944,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSMPEG2ENC.DLL
[2022/12/13 16:06:17 | 000,531,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2022/12/13 16:06:17 | 000,408,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2022/12/13 16:06:16 | 005,820,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2022/12/13 16:06:15 | 019,866,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2022/12/13 16:06:15 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmsynth.dll
[2022/12/13 16:06:15 | 000,109,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmusic.dll
[2022/12/13 16:06:15 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmloader.dll
[2022/12/13 16:06:15 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dswave.dll
[2022/12/13 16:06:13 | 002,024,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2022/12/13 16:06:13 | 001,953,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmc.exe
[2022/12/13 16:06:13 | 001,763,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2022/12/13 16:06:13 | 000,520,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2022/12/13 16:06:13 | 000,421,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll
[2022/12/13 16:06:13 | 000,387,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SIHClient.exe
[2022/12/13 16:06:13 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wslapi.dll
[2022/12/13 16:06:13 | 000,186,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetpp.dll
[2022/12/13 16:06:13 | 000,169,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsl.exe
[2022/12/13 16:06:13 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetppui.dll
[2022/12/13 16:06:13 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnpinst.exe
[2022/12/13 16:06:12 | 026,270,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2022/12/13 16:06:11 | 001,129,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipUp.exe
[2022/12/13 16:06:11 | 000,678,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\computecore.dll
[2022/12/13 16:06:11 | 000,293,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosettings.dll
[2022/12/13 16:06:11 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmdevicehost.dll
[2022/12/13 16:06:11 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmusic.dll
[2022/12/13 16:06:11 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmsynth.dll
[2022/12/13 16:06:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmloader.dll
[2022/12/13 16:06:11 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dswave.dll
[2022/12/13 16:06:10 | 000,810,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2022/12/13 16:06:10 | 000,307,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\skci.dll
[2022/12/13 16:06:10 | 000,224,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll
[2022/12/13 16:06:10 | 000,012,367 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuthTxt.wim
[2022/12/13 16:06:09 | 001,831,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsservices.dll
[2022/12/13 16:06:09 | 001,572,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2022/12/13 16:06:09 | 001,300,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2022/12/13 16:06:09 | 000,419,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave.dll
[2022/12/13 16:06:09 | 000,415,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave_secure.dll
[2022/12/13 16:06:09 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2022/12/13 16:06:09 | 000,119,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2022/12/13 16:06:09 | 000,096,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvservice.sys
[2022/12/13 16:06:09 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.exe
[2022/12/13 16:06:09 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ndadmin.exe
[2022/12/13 16:06:09 | 000,022,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdhvcom.dll
[2022/12/13 16:06:09 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmproxy.dll
[2022/12/13 16:06:09 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmsprep.dll
[2022/12/13 16:06:06 | 008,896,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2022/12/13 16:06:06 | 002,636,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2022/12/13 16:06:06 | 001,009,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2022/12/13 16:06:06 | 000,908,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2022/12/13 16:06:06 | 000,897,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2022/12/13 16:06:06 | 000,706,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2022/12/13 16:06:06 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll
[2022/12/13 16:06:06 | 000,533,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2022/12/13 16:06:06 | 000,483,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2022/12/13 16:06:06 | 000,411,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2022/12/13 16:06:06 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2022/12/13 16:06:06 | 000,236,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptui.dll
[2022/12/13 16:06:06 | 000,202,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2022/12/13 16:06:06 | 000,196,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\weretw.dll
[2022/12/13 16:06:06 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgcore.dll
[2022/12/13 16:06:06 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netjoin.dll
[2022/12/13 16:06:06 | 000,152,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFaultSecure.exe
[2022/12/13 16:06:06 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneSettingsClient.dll
[2022/12/13 16:06:06 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\enrollmentapi.dll
[2022/12/13 16:06:06 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werdiagcontroller.dll
[2022/12/13 16:06:06 | 000,021,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerEnc.dll
[2022/12/13 16:06:05 | 006,373,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2022/12/13 16:06:05 | 003,927,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OneCoreUAPCommonProxyStub.dll
[2022/12/13 16:06:05 | 002,753,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2022/12/13 16:06:05 | 001,083,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wpnapps.dll
[2022/12/13 16:06:05 | 000,765,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2022/12/13 16:06:05 | 000,508,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2022/12/13 16:06:05 | 000,329,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys
[2022/12/13 16:06:05 | 000,319,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
[2022/12/13 16:06:05 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppLockerCSP.dll
[2022/12/13 16:06:05 | 000,190,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceaccess.dll
[2022/12/13 16:06:05 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\updatepolicy.dll
[2022/12/13 16:06:05 | 000,183,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsNativeApi.V2.dll
[2022/12/13 16:06:05 | 000,154,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wldp.dll
[2022/12/13 16:06:05 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tzautoupdate.dll
[2022/12/13 16:06:05 | 000,133,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srpapi.dll
[2022/12/13 16:06:05 | 000,093,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32u.dll
[2022/12/13 16:06:05 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usoapi.dll
[2022/12/13 16:06:05 | 000,060,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsNativeApi.dll
[2022/12/13 16:06:05 | 000,059,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\virtdisk.dll
[2022/12/13 16:06:05 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2022/12/13 16:06:05 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCShellCommonProxyStub.dll
[2022/12/13 16:06:05 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\appidtel.exe
[2022/12/13 16:06:05 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EnterpriseAppMgmtClient.dll
[2022/12/13 16:06:04 | 014,770,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2022/12/13 16:06:04 | 006,920,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2022/12/13 16:06:04 | 002,433,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapRouter.dll
Reply With Quote
  #6  
Old December 17th, 2022, 12:21 PM
Shirley Jester Shirley Jester is offline
CTH Subscriber
 
Join Date: Jun 2010
O/S: Windows 10 Pro
Location: Seattle
Posts: 100
[2022/12/13 16:06:04 | 001,862,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallService.dll
[2022/12/13 16:06:04 | 001,375,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdprt.dll
[2022/12/13 16:06:04 | 001,117,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2022/12/13 16:06:04 | 001,015,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudExperienceHostCommon.dll
[2022/12/13 16:06:04 | 000,879,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShareHost.dll
[2022/12/13 16:06:04 | 000,721,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.dll
[2022/12/13 16:06:04 | 000,565,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll
[2022/12/13 16:06:04 | 000,294,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2022/12/13 16:06:04 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallServiceTasks.dll
[2022/12/13 16:06:04 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.HostName.dll
[2022/12/13 16:06:04 | 000,062,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GameInput.dll
[2022/12/13 16:06:04 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OnDemandConnRouteHelper.dll
[2022/12/13 16:06:04 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.Preview.DOSettings.dll
[2022/12/13 16:06:03 | 004,749,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2022/12/13 16:06:03 | 004,514,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2022/12/13 16:06:03 | 001,332,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ContentDeliveryManager.Utilities.dll
[2022/12/13 16:06:03 | 000,943,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TSWorkspace.dll
[2022/12/13 16:06:03 | 000,754,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FlightSettings.dll
[2022/12/13 16:06:03 | 000,615,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.ConversationalAgent.dll
[2022/12/13 16:06:03 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2022/12/13 16:06:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShellCommonCommonProxyStub.dll
[2022/12/13 16:06:03 | 000,352,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicensingDiagSpp.dll
[2022/12/13 16:06:03 | 000,336,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LsaIso.exe
[2022/12/13 16:06:03 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2022/12/13 16:06:03 | 000,070,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iumcrypt.dll
[2022/12/13 16:06:03 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sxstrace.exe
[2022/12/13 16:06:02 | 006,191,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2022/12/13 16:06:02 | 003,966,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2022/12/13 16:06:02 | 002,465,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2022/12/13 16:06:02 | 002,242,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windowsudk.shellcommon.dll
[2022/12/13 16:06:02 | 001,772,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2022/12/13 16:06:02 | 001,214,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2022/12/13 16:06:02 | 001,005,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll
[2022/12/13 16:06:02 | 000,783,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2022/12/13 16:06:02 | 000,773,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2022/12/13 16:06:02 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2022/12/13 16:06:02 | 000,312,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll
[2022/12/13 16:06:02 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2022/12/13 16:06:02 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netjoin.dll
[2022/12/13 16:06:02 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CustomInstallExec.exe
[2022/12/13 16:06:02 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2022/12/13 16:06:02 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.exe
[2022/12/13 16:06:02 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ndadmin.exe
[2022/12/13 16:06:02 | 000,063,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sfc_os.dll
[2022/12/13 16:06:02 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\npmproxy.dll
[2022/12/13 16:06:02 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlmproxy.dll
[2022/12/13 16:06:02 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlmsprep.dll
[2022/12/13 16:06:02 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icsunattend.exe
[2022/12/13 16:06:01 | 003,922,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2022/12/13 16:06:01 | 000,382,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2022/12/13 16:05:59 | 002,028,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationFramework.dll
[2022/12/13 16:05:59 | 001,874,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll
[2022/12/13 16:05:59 | 001,289,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2022/12/13 16:05:59 | 001,092,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2022/12/13 16:05:59 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profsvcext.dll
[2022/12/13 16:05:58 | 002,380,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2022/12/13 16:05:58 | 002,143,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MdmDiagnostics.dll
[2022/12/13 16:05:58 | 001,752,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2022/12/13 16:05:58 | 000,858,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2022/12/13 16:05:58 | 000,791,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcsvc.dll
[2022/12/13 16:05:58 | 000,695,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxs.dll
[2022/12/13 16:05:58 | 000,648,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2022/12/13 16:05:58 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcext.dll
[2022/12/13 16:05:58 | 000,572,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SppExtComObj.Exe
[2022/12/13 16:05:58 | 000,396,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicensingDiagSpp.dll
[2022/12/13 16:05:58 | 000,363,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2022/12/13 16:05:58 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmmigrator.dll
[2022/12/13 16:05:58 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2022/12/13 16:05:58 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxssrv.dll
[2022/12/13 16:05:58 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sxstrace.exe
[2022/12/13 16:05:58 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\declaredconfiguration.dll
[2022/12/13 16:05:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d8thk.dll
[2022/12/13 16:05:57 | 010,855,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2022/12/13 16:05:57 | 002,964,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2022/12/13 16:05:57 | 000,521,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2022/12/13 16:05:57 | 000,503,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2022/12/13 16:05:57 | 000,308,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptui.dll
[2022/12/13 16:05:56 | 003,507,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2022/12/13 16:05:56 | 001,395,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2022/12/13 16:05:56 | 000,930,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2022/12/13 16:05:56 | 000,889,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2022/12/13 16:05:56 | 000,570,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2022/12/13 16:05:56 | 000,489,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2022/12/13 16:05:56 | 000,437,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2022/12/13 16:05:56 | 000,420,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wininit.exe
[2022/12/13 16:05:56 | 000,272,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinesam.dll
[2022/12/13 16:05:56 | 000,254,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\weretw.dll
[2022/12/13 16:05:56 | 000,229,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2022/12/13 16:05:56 | 000,200,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgcore.dll
[2022/12/13 16:05:56 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneSettingsClient.dll
[2022/12/13 16:05:56 | 000,172,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFaultSecure.exe
[2022/12/13 16:05:56 | 000,137,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2022/12/13 16:05:56 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\basesrv.dll
[2022/12/13 16:05:56 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werdiagcontroller.dll
[2022/12/13 16:05:56 | 000,025,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerEnc.dll
[2022/12/13 16:05:56 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmsgapi.dll
[2022/12/13 16:05:55 | 006,424,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2022/12/13 16:05:55 | 003,576,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2022/12/13 16:05:55 | 001,830,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2022/12/13 16:05:55 | 001,562,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2022/12/13 16:05:55 | 001,221,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationController.dll
[2022/12/13 16:05:55 | 000,929,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2022/12/13 16:05:55 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Notifications.dll
[2022/12/13 16:05:55 | 000,390,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppLockerCSP.dll
[2022/12/13 16:05:55 | 000,379,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationControllerPS.dll
[2022/12/13 16:05:55 | 000,193,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wldp.dll
[2022/12/13 16:05:55 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srpapi.dll
[2022/12/13 16:05:55 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appidtel.exe
[2022/12/13 16:05:55 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\applockerfltr.sys
[2022/12/13 16:05:54 | 004,011,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll
[2022/12/13 16:05:54 | 001,689,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MoUsoCoreWorker.exe
[2022/12/13 16:05:54 | 001,414,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocoreworker.exe
[2022/12/13 16:05:54 | 001,163,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll
[2022/12/13 16:05:54 | 000,966,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2022/12/13 16:05:54 | 000,717,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\upshared.dll
[2022/12/13 16:05:54 | 000,692,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2022/12/13 16:05:54 | 000,646,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotifyIcon.exe
[2022/12/13 16:05:54 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe
[2022/12/13 16:05:54 | 000,622,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2022/12/13 16:05:54 | 000,570,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usosvc.dll
[2022/12/13 16:05:54 | 000,522,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2022/12/13 16:05:54 | 000,352,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateDeploymentProvider.dll
[2022/12/13 16:05:54 | 000,336,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HttpsDataSource.dll
[2022/12/13 16:05:54 | 000,276,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll
[2022/12/13 16:05:54 | 000,230,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\convertvhd.exe
[2022/12/13 16:05:54 | 000,221,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.V2.dll
[2022/12/13 16:05:54 | 000,169,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll
[2022/12/13 16:05:54 | 000,141,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usoapi.dll
[2022/12/13 16:05:54 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UsoClient.exe
[2022/12/13 16:05:54 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2022/12/13 16:05:54 | 000,082,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2022/12/13 16:05:54 | 000,072,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsNativeApi.dll
[2022/12/13 16:05:54 | 000,069,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\virtdisk.dll
[2022/12/13 16:05:54 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2022/12/13 16:05:54 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCShellCommonProxyStub.dll
[2022/12/13 16:05:54 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtClient.dll
[2022/12/13 16:05:53 | 007,978,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2022/12/13 16:05:53 | 003,811,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2022/12/13 16:05:53 | 001,709,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2022/12/13 16:05:53 | 001,378,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnapps.dll
[2022/12/13 16:05:53 | 000,765,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.immersiveshell.serviceprovider.dll
[2022/12/13 16:05:53 | 000,422,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2022/12/13 16:05:53 | 000,365,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicCapsule.dll
[2022/12/13 16:05:53 | 000,133,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32u.dll
[2022/12/13 16:05:50 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicSvc.dll
[2022/12/13 16:05:50 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicAgent.exe
[2022/12/13 16:05:50 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicPS.dll
[2022/12/13 16:05:50 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapihost.exe
[2022/12/13 16:05:49 | 009,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2022/12/13 16:05:49 | 003,749,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2022/12/13 16:05:49 | 003,182,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapRouter.dll
[2022/12/13 16:05:49 | 002,892,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2022/12/13 16:05:49 | 002,632,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapGeocoder.dll
[2022/12/13 16:05:49 | 002,459,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallService.dll
[2022/12/13 16:05:49 | 002,250,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2022/12/13 16:05:49 | 001,503,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2022/12/13 16:05:49 | 000,978,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2022/12/13 16:05:49 | 000,491,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\domgmt.dll
[2022/12/13 16:05:49 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2022/12/13 16:05:49 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallServiceTasks.dll
[2022/12/13 16:05:49 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.Preview.DOSettings.dll
[2022/12/13 16:05:48 | 008,233,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneCoreUAPCommonProxyStub.dll
[2022/12/13 16:05:48 | 001,191,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostCommon.dll
[2022/12/13 16:05:48 | 001,119,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ClipSVC.dll
[2022/12/13 16:05:48 | 001,104,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ClipSp.sys
[2022/12/13 16:05:48 | 000,902,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2022/12/13 16:05:48 | 000,737,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Connectivity.dll
[2022/12/13 16:05:48 | 000,456,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2022/12/13 16:05:48 | 000,410,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.ApplicationData.dll
[2022/12/13 16:05:48 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\licensingdiag.exe
[2022/12/13 16:05:48 | 000,267,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2022/12/13 16:05:48 | 000,242,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceaccess.dll
[2022/12/13 16:05:48 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatepolicy.dll
[2022/12/13 16:05:48 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.HostName.dll
[2022/12/13 16:05:48 | 000,187,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Clipc.dll
[2022/12/13 16:05:48 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tzautoupdate.dll
[2022/12/13 16:05:48 | 000,134,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oemlicense.dll
[2022/12/13 16:05:48 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OnDemandConnRouteHelper.dll
[2022/12/13 16:05:47 | 010,349,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2022/12/13 16:05:47 | 002,389,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreen.exe
[2022/12/13 16:05:47 | 002,308,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.3D.dll
[2022/12/13 16:05:47 | 002,009,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.CloudStore.dll
[2022/12/13 16:05:47 | 001,765,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdprt.dll
[2022/12/13 16:05:47 | 001,420,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2022/12/13 16:05:47 | 001,119,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShareHost.dll
[2022/12/13 16:05:47 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdpusersvc.dll
[2022/12/13 16:05:47 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreenps.dll
[2022/12/13 16:05:47 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ACPBackgroundManagerPolicy.dll
[2022/12/13 16:05:47 | 000,072,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GameInput.dll
[2022/12/13 16:05:46 | 005,141,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2022/12/13 16:05:46 | 001,788,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2022/12/13 16:05:46 | 001,335,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2022/12/13 16:05:46 | 001,283,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2022/12/13 16:05:46 | 001,175,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll
[2022/12/13 16:05:46 | 000,967,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2022/12/13 16:05:46 | 000,940,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FlightSettings.dll
[2022/12/13 16:05:46 | 000,862,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pkeyhelper.dll
[2022/12/13 16:05:46 | 000,838,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.CloudStore.Schema.Shell.dll
[2022/12/13 16:05:46 | 000,832,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShellCommonCommonProxyStub.dll
[2022/12/13 16:05:46 | 000,726,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2022/12/13 16:05:46 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2022/12/13 16:05:46 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll
[2022/12/13 16:05:46 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\splwow64.exe
[2022/12/13 16:05:46 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrinterCleanupTask.dll
[2022/12/13 16:05:46 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FaxPrinterInstaller.dll
[2022/12/13 16:05:46 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localui.dll
[2022/12/13 16:05:45 | 001,580,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpeechPal.dll
[2022/12/13 16:05:45 | 001,568,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2022/12/13 16:05:45 | 001,543,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TaskFlowDataEngine.dll
[2022/12/13 16:05:45 | 000,852,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Service.dll
[2022/12/13 16:05:45 | 000,781,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.ConversationalAgent.dll
[2022/12/13 16:05:45 | 000,297,472 | ---- | M] () -- C:\WINDOWS\SysNative\Windows.Management.InprocObjects.dll
[2022/12/13 16:05:45 | 000,203,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilot.dll
[2022/12/13 16:05:45 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.ModernDeployment.ConfigProviders.dll
[2022/12/13 16:05:45 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppListBackupLauncher.dll
[2022/12/13 16:05:45 | 000,084,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsManagementServiceWinRt.ProxyStub.dll
[2022/12/13 16:05:45 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
[2022/12/13 16:05:45 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilotdiag.dll
[2022/12/13 16:05:44 | 003,014,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintConfig.dll
[2022/12/13 16:05:44 | 000,642,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Vid.sys
[2022/12/13 16:05:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xinputhid.sys
[2022/12/13 16:05:44 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthMini.SYS
[2022/12/12 11:51:47 | 000,391,272 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbidsdriver.sys
[2022/12/12 11:51:32 | 000,695,496 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2022/12/12 11:51:32 | 000,318,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2022/12/12 11:51:32 | 000,297,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbidsh.sys
[2022/12/12 11:51:32 | 000,267,888 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2022/12/12 11:51:32 | 000,212,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswStm.sys
[2022/12/12 11:51:32 | 000,105,248 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2022/12/12 11:51:32 | 000,095,960 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswbuniv.sys
[2022/12/12 11:51:32 | 000,080,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2022/12/12 11:51:31 | 000,555,560 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswNetHub.sys
[2022/12/12 11:51:31 | 000,039,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswKbd.sys
[2022/12/12 11:51:30 | 000,273,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2022/12/12 11:51:27 | 000,852,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2022/12/12 11:51:27 | 000,229,208 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswArPot.sys
[2022/12/12 11:51:27 | 000,031,424 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswArDisk.sys
[2022/12/09 21:26:50 | 000,023,687 | ---- | M] () -- C:\Users\Darrell\Desktop\Expenses.odt
[2022/11/30 19:05:04 | 000,019,095 | ---- | M] () -- C:\Users\Darrell\Desktop\2022 Donations excluding Epiphany Lutheran Church.odt
[2022/11/30 19:04:25 | 000,019,095 | ---- | M] () -- C:\Users\Darrell\Desktop\Tony.odt
[2022/11/29 23:16:48 | 000,027,349 | ---- | M] () -- C:\Users\Darrell\Documents\Diet%209-2022.odt_0.odt
[2022/11/29 17:08:53 | 000,019,703 | ---- | M] () -- C:\Users\Darrell\Documents\Earl Kemper.odt
[2022/11/28 23:14:48 | 000,196,834 | ---- | M] () -- C:\Users\Darrell\Documents\538 NFL standing 11-28-22.odt
[2022/11/27 09:36:54 | 000,188,224 | ---- | M] () -- C:\Users\Darrell\Documents\538NFLstanding11-26-22.odt
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2022/12/16 20:47:57 | 000,005,780 | ---- | C] () -- C:\Users\Darrell\cc_20221216_204755.reg
[2022/12/13 16:06:10 | 000,012,367 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuthTxt.wim
[2022/12/13 16:05:45 | 000,297,472 | ---- | C] () -- C:\WINDOWS\SysNative\Windows.Management.InprocObjects.dll
[2022/11/30 19:05:03 | 000,019,095 | ---- | C] () -- C:\Users\Darrell\Desktop\2022 Donations excluding Epiphany Lutheran Church.odt
[2022/11/30 13:45:17 | 000,027,349 | ---- | C] () -- C:\Users\Darrell\Documents\Diet%209-2022.odt_0.odt
[2022/11/29 16:56:44 | 000,019,703 | ---- | C] () -- C:\Users\Darrell\Documents\Earl Kemper.odt
[2022/11/28 23:14:06 | 000,196,834 | ---- | C] () -- C:\Users\Darrell\Documents\538 NFL standing 11-28-22.odt
[2022/11/27 09:36:52 | 000,188,224 | ---- | C] () -- C:\Users\Darrell\Documents\538NFLstanding11-26-22.odt
[2022/11/12 19:42:08 | 000,005,536 | ---- | C] () -- C:\Users\Darrell\cc_20221112_194205.reg
[2022/10/25 17:39:40 | 000,012,472 | ---- | C] () -- C:\Users\Darrell\cc_20221025_183937.reg
[2022/10/11 11:45:43 | 001,333,760 | ---- | C] () -- C:\WINDOWS\SysWow64\TextInputMethodFormatter.dll
[2022/08/29 16:22:04 | 000,006,614 | ---- | C] () -- C:\Users\Darrell\cc_20220829_172202.reg
[2022/07/28 19:37:10 | 000,055,688 | ---- | C] () -- C:\Users\Darrell\cc_20220728_203707.reg
[2022/07/14 18:26:05 | 000,018,944 | ---- | C] () -- C:\WINDOWS\SysWow64\WsdProviderUtil.dll
[2022/03/08 23:36:05 | 000,223,744 | ---- | C] () -- C:\WINDOWS\SysWow64\TpmTool.exe
[2021/10/12 12:39:04 | 000,611,960 | ---- | C] () -- C:\WINDOWS\SysWow64\TextShaping.dll
[2021/09/21 09:17:52 | 001,440,304 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-999-0-0-0.exe
[2021/09/21 09:17:52 | 001,440,304 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo.exe
[2021/09/21 09:17:52 | 000,956,432 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-999-0-0-0.dll
[2021/09/21 09:17:52 | 000,956,432 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1.dll
[2021/06/09 12:23:59 | 000,468,440 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowManagementAPI.dll
[2021/02/09 16:28:07 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2021/02/09 16:24:09 | 000,053,760 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2021/02/09 16:23:48 | 000,047,472 | ---- | C] () -- C:\WINDOWS\SysWow64\umpdc.dll
[2021/02/09 16:23:45 | 000,235,520 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2021/02/09 16:23:42 | 000,266,240 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Internal.UI.Shell.WindowTabManager.dll
[2021/02/09 16:23:40 | 000,330,752 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2021/02/09 16:23:40 | 000,240,640 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreMas.dll
[2021/02/09 16:23:40 | 000,010,752 | ---- | C] () -- C:\WINDOWS\SysWow64\agentactivationruntimestarter.exe
[2020/12/30 15:48:52 | 000,000,769 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2020/04/06 17:52:06 | 000,000,010 | ---- | C] () -- C:\Users\Darrell\AppData\Local\sponge.last.runtime.cache

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2022/12/13 16:05:53 | 007,978,384 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2022/12/13 16:06:05 | 006,373,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2021/02/09 16:23:02 | 001,075,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2021/02/09 16:23:42 | 000,804,352 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2019/12/07 01:08:19 | 000,514,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
  #7  
Old December 17th, 2022, 12:40 PM
Shirley Jester Shirley Jester is offline
OTL Extras logfile created on: 12/17/2022 2:38:33 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Darrell\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.19041.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.82 Gb Total Physical Memory | 8.97 Gb Available Physical Memory | 75.85% Memory free
13.63 Gb Paging File | 10.95 Gb Available in Paging File | 80.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 102.83 Gb Total Space | 12.36 Gb Free Space | 12.02% Space Free | Partition Type: NTFS
Drive D: | 931.39 Gb Total Space | 930.09 Gb Free Space | 99.86% Space Free | Partition Type: NTFS
Drive F: | 232.44 Gb Total Space | 20.16 Gb Free Space | 8.67% Space Free | Partition Type: FAT32

Computer Name: DESKTOP-6T2GKA4 | User Name: Darrell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = AvastHTML] -- C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = AvastHTML] -- C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software)

[HKEY_USERS\S-1-5-21-3803857030-2765018022-3405165186-1003\SOFTWARE\Classes\<extension>]
.html [@ = AvastHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1 (AVAST Software)
https [open] -- "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1 (AVAST Software)
inffile [install] -- Reg Error: Key error.
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1 (AVAST Software)
https [open] -- "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1 (AVAST Software)
inffile [install] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av]
"DataMigrated" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{AFEE279F-FAE7-BAEE-3A88-4BF7277B8551}]
"GUID" = {AFEE279F-FAE7-BAEE-3A88-4BF7277B8551}
"DISPLAYNAME" = Trend Micro Internet Security
"STATE" = 266240
"PRODUCTEXE" = C:\Program Files\Trend Micro\Titanium\TmWscSvc\wschandler.exe
"REPORTINGEXE" = C:\Program Files\Trend Micro\Titanium\TmWscSvc\WSCStatusController.exe

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}]
"GUID" = {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
"DISPLAYNAME" = Windows Defender Antivirus
"STATE" = 393472
"PRODUCTEXE" = windowsdefender://
"REPORTINGEXE" = %ProgramFiles%\Windows Defender\MsMpeng.exe -- (Microsoft Corporation)

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{EB19B86E-3998-C706-90EF-92B41EB091AF}]
"GUID" = {EB19B86E-3998-C706-90EF-92B41EB091AF}
"DISPLAYNAME" = Avast Antivirus
"STATE" = 266240
"PRODUCTEXE" = C:\Program Files\Avast Software\Avast\wsc_proxy.exe -- (AVAST Software)
"REPORTINGEXE" = C:\Program Files\Avast Software\Avast\wsc_proxy.exe -- (AVAST Software)

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP\9b7e12b5-f795-4bb9-b1c6-5dc58231cd9d]
"GUID" = 9b7e12b5-f795-4bb9-b1c6-5dc58231cd9d
"CALLINGBINARY" = C:\Users\kempe\AppData\Local\Microsoft\OneDrive\On eDrive.exe -- (Microsoft Corporation)
"NAMESPACE" = C:\Users\kempe\OneDrive -- [2020/03/31 18:31:10 | 000,000,000 | R--D | M]
"DISPLAYNAME" = OneDrive
"EXEPATH" = C:\Users\kempe\AppData\Local\Microsoft\OneDrive\OneDrive.exe -- (Microsoft Corporation)
"ACCOUNTNAME" = kemperfam@comcast.net
"USERSID" = S-1-5-21-3803857030-2765018022-3405165186-1001
"TYPE" = 0
"SIGNED" = 1
"FLAGS" = 0
"STATE" = 0
"RESTOREURL" = https://onedrive.live.com?v=restore&...4-01T02:31:10Z

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw]
"DataMigrated" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{D322394B-73F7-C65E-BBB0-3B81E063D6D4}]
"GUID" = {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
"DISPLAYNAME" = Avast Antivirus
"STATE" = 266240
"PRODUCTEXE" = C:\Program Files\Avast Software\Avast\wsc_proxy.exe -- (AVAST Software)
"REPORTINGEXE" = C:\Program Files\Avast Software\Avast\wsc_proxy.exe -- (AVAST Software)

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ProvidersMigration]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ProvidersMigration\WicaUpgradableAVs]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 42 F2 E6 C6 44 FF D6 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ProvidersMigration]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{19B0EDD6-71C3-453C-955B-91290C1AC30D}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft\edgewebview\application\108.0.1462.46\msedgewebview2.exe |
"{42A6D510-3BDD-4728-B578-CB083C323D9E}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft\edge\application\msedge.exe |
"{43D6D63A-203A-47D8-86EB-C7CC1687F51B}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdateservice.exe |
"{5D17F9C3-E4BD-4C5D-A554-0FE70E38414F}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdater.exe |
"{5DF11231-21D3-4A6E-8120-43B066C8F0B4}" = lport=5000 | protocol=6 | dir=in | app=c:\users\darrell\appdata\roaming\zoom\bin\airhost.exe |
"{730603E5-4427-4AE3-B1A4-812B301309AC}" = lport=8319 | protocol=6 | dir=in | name=techsmith camtasia 2018 |
"{7FD2192B-CF33-4DD0-ADE7-5AF203BE9026}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{EB71502E-2B03-454E-BD85-6DE1DC018732}" = lport=5353 | protocol=17 | dir=in | app=c:\users\darrell\appdata\roaming\zoom\bin\airhost.exe |
"{F584E0EF-A675-4E94-A5EC-47DD0DCD99F4}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\avast software\browser\application\avastbrowser.exe |

========== Vista Active Application Exception List ==========
  #8  
Old December 17th, 2022, 12:41 PM
Shirley Jester
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0101D39A-6016-40F1-9ADE-F17047E6CE12}" = dir=in | name=onenote |
"{015A5D4E-1990-40FB-BF24-C9EE38FED956}" = dir=in | name=print 3d |
"{019BB8A5-D55B-4998-B13C-F339AEF8168D}" = dir=in | name=@{microsoft.windows.cortana_1.13.0.18362_neut ral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{01A10101-8B9A-452E-8809-FD24B956171B}" = dir=in | name=@{microsoft.zunemusic_10.20022.11011.0_x64__8 wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{01BB5B27-A597-4F5B-B4F9-532726EE6C9E}" = dir=out | name=microsoft edge |
"{02AAAEAE-73B1-40BE-9BFB-714E885AA34C}" = dir=out | name=@{microsoft.oneconnect_5.2204.1031.0_x64__8we kyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} |
"{03BE7DCC-5A2E-473F-9968-F7D4CE2DF3CA}" = dir=out | name=smartbyte |
"{0556D6A7-8715-48D7-9AD2-939E39D085B4}" = dir=in | name=@{microsoft.win32webviewhost_10.0.18362.449_n eutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} |
"{06CABCAD-EE6A-4CC0-AD13-718FBB000363}" = dir=out | name=@{microsoft.gethelp_10.1912.30071.0_x64__8wek yb3d8bbwe?ms-resource://microsoft.gethelp/resources/appdisplayname} |
"{0861E1AB-6701-4D50-BD0C-0230B0F6EE04}" = dir=out | name=@{microsoft.people_10.1909.3457.0_x64__8wekyb 3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{092AAEE8-6789-4F1A-9732-E85C1161A64D}" = dir=out | name=@{microsoft.windows.narratorquickstart_10.0.1 9041.1023_neutral_neutral_8wekyb3d8bbwe?ms-resource://microsoft.windows.narratorquickstart/resources/appdisplayname} |
"{0A4BDED5-4A61-4BB0-9648-E5E75AFBDEB8}" = dir=in | name=netflix |
"{0A565F19-A960-4E36-ABAF-A4A0536DA501}" = dir=out | name=waves maxxaudio pro for dell |
"{0B86D45B-23CF-403E-8A3F-4A3B685D7FAC}" = dir=in | name=@{microsoft.windows.photos_2022.30100.19004.0 _x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{0C66349D-4789-43DD-B191-602B4239F470}" = dir=out | name=waves maxxaudio pro for dell |
"{0CACF6FD-E5AB-456C-91C3-21DE0682262E}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.19041.1023. 0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{0E482094-7889-4FDE-A168-02BA7430F5C9}" = dir=out | name=skype |
"{1084FC5B-8D6C-465F-8DDF-751085FA1965}" = dir=in | name=microsoft edge |
"{115B51F4-107C-43A7-9576-3E5C1AD83D50}" = dir=out | name=@{microsoft.accountscontrol_10.0.19041.1023_n eutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{117637CE-1963-41F9-9416-7765D2861B17}" = dir=in | name=@{microsoft.windowscommunicationsapps_16005.1 4326.21238.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{1230B24F-3ECD-4044-AF72-28C4E4CDBBF2}" = dir=out | name=@{microsoft.desktopappinstaller_1.0.32912.0_x 64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{13BC843B-C622-4687-B193-25B7680ED01F}" = dir=out | name=@{microsoft.messaging_4.1901.10241.1000_x64__ 8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{14087B89-5EB0-49E4-8EB5-54EB30D336C3}" = dir=in | name=@{microsoft.messaging_4.1901.10241.1000_x64__ 8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{15086E30-6772-487A-AB0F-CBEC6CDB794A}" = dir=out | name=@{microsoft.xboxidentityprovider_12.95.3001.0 _x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{178360F2-799D-4B90-8673-24872FBEA223}" = dir=out | name=print 3d |
"{17B7904D-096C-49FE-BD44-2B6087C6FCE2}" = dir=out | name=xbox game bar plugin |
"{17ED4714-6B84-460A-A34F-A30835683A2D}" = dir=in | app=c:\users\darrell\appdata\roaming\zoom\bin\zoom .exe |
"{1A02DAEC-F933-49F7-9E63-B7C177056464}" = dir=out | name=xbox tcui |
"{1B63E2EE-E2A8-4521-83C7-9996D2C8D922}" = dir=out | name=my dell |
"{1B725E55-3CAF-444A-AB91-3D85386D9F62}" = dir=out | name=@{microsoft.microsoft3dviewer_7.1908.9012.0_x 64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} |
"{1C88339A-3752-4484-A347-CB4877F535A1}" = dir=in | name=@{microsoft.zunevideo_10.20022.11011.0_x64__8 wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{1D1063F5-A863-4D8B-B13A-4A525326EEA5}" = dir=in | name=xbox game bar |
"{1F01B3E2-5C20-4740-AA7E-6EF2848913C7}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.18362.449 .0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{20AAE6B1-9EB3-4E08-AB0D-2D67CAD7D9CC}" = dir=out | name=@{microsoft.windowscommunicationsapps_16005.1 1029.20108.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{228A7E57-0FEF-47E8-9FDB-320E1C0F1240}" = dir=in | name=@{microsoft.windows.shellexperiencehost_10.0. 18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{23393069-1AD2-4F6A-AB1E-B023F4754CDE}" = dir=out | name=dell mobile connect |
"{24C68D69-D39B-4721-8670-8466881EA9C1}" = dir=out | name=@{microsoft.windowsstore_12003.1001.1.0_x64__ 8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{277D6840-635C-476A-A591-1C69DBF8AC65}" = dir=in | name=@{microsoft.windowscommunicationsapps_16005.1 1029.20108.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{27893376-3B92-4050-BD2B-47ADE6547BA7}" = dir=in | name=dell supportassist for home pcs |
"{29769E94-2FF5-4526-BBA5-6705F1E16386}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1907.3152.0_ x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{299246ED-BBB0-44E3-9237-410A3EE71F1D}" = dir=out | name=onenote for windows 10 |
"{2A21529F-06A6-4B10-9BF6-135B1EC39A27}" = dir=in | name=@{microsoft.windows.photos_2020.19081.28230.0 _x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{2BDEC171-5CB7-47BE-9FAA-1D6D5391EE07}" = dir=in | name=@{microsoft.microsoftedge_44.18362.449.0_neut ral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{2BE60054-5778-4E53-8A8A-46A060CBC1A5}" = dir=in | name=@{microsoft.win32webviewhost_10.0.19041.1023_ neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} |
"{31D6F826-A600-4521-B35F-B998F7B18099}" = dir=in | name=microsoft solitaire collection |
"{32896636-A340-4747-B1A2-A84CE44F430A}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0. 19041.1266_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{339852F4-C6CD-49D2-A36C-714403A41A91}" = dir=in | name=cortana |
"{33D56FD4-E8F2-4327-9F6C-E0A6A33B5BCA}" = dir=out | name=@{microsoft.windows.cortana_1.13.0.18362_neut ral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{34164596-7970-4908-9239-E56255F5F370}" = dir=out | name=@{microsoft.windowscamera_2019.926.30.0_x64__ 8wekyb3d8bbwe?ms-resource://microsoft.windowscamera/lenssdk/resources/appstorename} |
"{36B2E724-DCC4-47C6-8859-E461374E3690}" = dir=out | name=@{microsoft.xboxapp_48.62.6002.0_x64__8wekyb3 d8bbwe?ms-resource://microsoft.xboxapp/xboxapp.resource/resources/app_title} |
"{36BB9B61-FFA9-4A4B-9DE6-DD95A8A5DB5E}" = dir=out | name=print 3d |
"{387AAB95-03B2-4D20-BAC8-192D6A14DBDB}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.18362. 449.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{3AA62911-5A67-4F85-A4C7-DAC5F26FF5EE}" = protocol=6 | dir=in | app=c:\program files\avast software\avast\avastui.exe |
"{3B0461C7-F57F-4B68-8687-287C4BA44EEA}" = dir=out | name=@{microsoft.windows.photos_2022.30100.19004.0 _x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{3BC66490-89C7-429F-B3CC-4BA7BBDBA0F2}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.190 41.1023.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{3CE33F57-561F-4140-8DE1-6EFDCB2D8BEF}" = protocol=17 | dir=out | app=c:\program files\windowsapps\microsoft.skypeapp_15.92.3204.0_ x86__kzf8qxf38zg5c\skype\skype.exe |
"{3CFF9100-1E6F-45C1-B418-CC56481D1A1C}" = dir=out | name=office |
"{3D8706FE-E14C-4383-B218-4259E67D7DBC}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{3DC652CE-1B98-46C5-A4DF-EFAEFCF20CEB}" = dir=out | name=dell customer connect |
"{40F5A22B-96D5-47C7-9750-92850091EE55}" = dir=out | name=dell digital delivery |
"{413B0427-F7D2-495A-9803-949B83939EEC}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0. 19041.1949_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{44EDAF3E-E5DE-4E6F-972C-A58C6C72DBF9}" = dir=out | name=@{microsoft.win32webviewhost_10.0.18362.449_n eutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} |
"{45022782-CC74-46F5-B69F-37DA343DB298}" = dir=out | name=@{microsoft.windowsmaps_11.2208.6.0_x64__8wek yb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{45FB59B2-8BC3-41A2-B3DD-BBD03B4640C7}" = dir=in | name=@{c27eb4ba.dropboxoem_20.4.3.0_x64__xbfy0k16f ey96?ms-resource://c27eb4ba.dropboxoem/resources/oemappname} |
"{469649F9-056E-4216-ACFB-FC0C42F6DF7D}" = dir=out | name=@{microsoft.ppiprojection_10.0.18362.449_neut ral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{470CE014-7365-4256-AA86-B2566BC2E5C0}" = dir=in | name=@{microsoft.bingtranslator_5.6.0.0_x64__8weky b3d8bbwe?ms-resource://microsoft.bingtranslator/resources/appname} |
"{482AA8E7-23D6-4E74-923E-E5EC93F623DE}" = dir=out | name=@{microsoft.lockapp_10.0.19041.1023_neutral__ cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{4870CB31-F411-4B6A-BAA8-66A9B8C7B96F}" = dir=out | name=xbox game bar |
"{4B06B905-E257-452D-9AC5-5763C6999F81}" = dir=in | name=@{microsoft.messaging_4.1901.10241.1000_x64__ 8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{4F2B92C9-7C38-4868-BB6D-D6996D51B173}" = dir=out | name=@{microsoft.yourphone_0.0.13313.0_x64__8wekyb 3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} |
"{5059DF3C-85D7-4CDA-8F02-3C95EF28439A}" = dir=in | name=@{microsoft.zunevideo_10.22091.10031.0_x64__8 wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{518B250E-2CB4-4B6D-9BF9-21EA097F096F}" = dir=in | name=@{microsoft.desktopappinstaller_1.18.2691.0_x 64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{51F09988-1EAE-4377-B661-576692BDABFC}" = dir=out | name=microsoft store |
"{532A21D7-7DF5-4A60-B5C0-4745DB30F34A}" = dir=in | name=@{microsoft.windowsalarms_11.2210.7.0_x64__8w ekyb3d8bbwe?ms-resource://microsoft.windowsalarms/resources/appstorename} |
"{5401C3EC-7E65-4F2C-815C-14F452C5CF9D}" = dir=out | name=dell cinema guide |
"{54F1C444-4151-4506-8DBD-A292EF6AAE94}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.18362.44 9_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{58D41A03-EF63-45BD-B794-8F4D91492427}" = dir=out | name=@{microsoft.desktopappinstaller_1.18.2691.0_x 64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"{59A6CA29-36EA-4A8A-BDFA-39111E0CED56}" = dir=out | name=@{microsoft.storepurchaseapp_12207.44.6.0_x64 __8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} |
"{5C3AF086-C3A5-456A-9D6A-44F11D46C4F0}" = dir=out | name=@{microsoft.windowscalculator_11.2210.0.0_x64 __8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} |
"{5C9E4F22-EA73-45A5-BA25-84F2EA1D3DD5}" = dir=in | name=xbox game bar |
"{5D8F9137-C894-4E0F-851A-42AA64658EFB}" = dir=out | name=@{microsoft.xboxidentityprovider_12.58.1001.0 _x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{5FD54292-4B81-4472-9617-DFFEF52FE0E8}" = dir=out | name=@{microsoft.lockapp_10.0.18362.449_neutral__c w5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{622A9AAD-C29F-4353-A4DC-060E03C9D35C}" = dir=out | name=dell customer connect |
"{623AF6E6-058E-4EB2-8983-D9FC8B7F5CBA}" = dir=in | name=microsoft minesweeper |
"{6292C179-7A6C-43BD-8DFF-691C63C9B87D}" = dir=out | name=netflix |
"{64026566-554D-4DC1-8044-2778FF566D74}" = dir=out | name=@{microsoft.zunevideo_10.20022.11011.0_x64__8 wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{65781A3A-0547-46C6-A40E-961368CEFDBE}" = dir=out | name=@{microsoft.messaging_4.1901.10241.1000_x64__ 8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{6B189B8B-A9B9-436D-9EEA-64CB6AB5EC84}" = dir=out | name=microsoft pay |
"{6C0B1F54-842E-4F23-B631-205C5B885BBF}" = dir=out | name=@{microsoft.mspaint_6.1907.18017.0_x64__8weky b3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{6D32E267-950B-4DDF-9BBF-13612BA8D8B1}" = dir=out | name=dell digital delivery |
"{6DAFF4D6-A1C8-4FEF-BF2A-AE0026D6EB09}" = dir=in | name=@{microsoft.bingweather_4.53.43112.0_x64__8we kyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{6E3AD7AB-DEEA-48B7-B6D5-207DA3E0F1B3}" = dir=out | name=@{microsoft.mspaint_6.2203.1037.0_x64__8wekyb 3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} |
"{7173456E-9614-47D3-A163-0BE8032F088A}" = dir=out | name=@{microsoft.bingweather_4.53.43112.0_x64__8we kyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{74BF2CAA-54ED-45EB-8750-0CB8DCFC2105}" = dir=in | name=microsoft store |
"{753869FB-E710-4A42-B354-913ECBEE8731}" = dir=in | name=@{microsoft.windows.sechealthui_10.0.19041.18 65_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{76B2DBA1-9A65-40F8-A3FD-7A1B274AA866}" = dir=in | name=onenote for windows 10 |
"{779E96E7-0F03-4847-8966-96398F626225}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{77E8353D-B789-41B7-94D5-33A8C6311A3A}" = dir=out | name=@{microsoft.mixedreality.portal_2000.20011.13 12.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mixedreality.portal/resources/pkgdisplayname} |
"{784A8D03-0C11-4655-B15F-C9876494E860}" = dir=out | name=@{appup.intelgraphicsexperience_1.100.2727.0_ x64__8j3eq9eme6ctt?ms-resource://appup.intelgraphicsexperience/resources/system_item_title_intelgraphicscontrolpanel} |
"{79C3C6A0-443B-48FD-A1D6-55E81F1DF226}" = dir=out | name=@{microsoft.oneconnect_5.2002.431.0_x64__8wek yb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} |
"{7C44D638-B688-4A94-AA11-F2F40555BA9A}" = dir=out | name=solitaire & casual games |
"{7C57E29E-A52A-4A50-9FB9-3C11B70803D4}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.183 62.449.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{8073AA93-8BBA-4596-8584-64DED27671D9}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.19041.1023. 0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{81EB359E-3E57-4790-93A0-34972F1B4E72}" = dir=out | name=@{microsoft.zunevideo_10.22091.10031.0_x64__8 wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{84E666A4-96D8-4225-A257-0B1D45AE71A2}" = dir=out | name=@{microsoft.microsoft3dviewer_7.2211.24012.0_ x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} |
"{8507877F-E690-49D2-8E13-A1294410516D}" = dir=out | name=shell input application |
"{85EA7AFB-78E6-4436-912B-6E97B3FE17D8}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0 .18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} |
"{86EAB2DB-21DA-4DFA-A602-19336031B52B}" = dir=in | name=@{microsoft.bingtranslator_5.6.0.0_x64__8weky b3d8bbwe?ms-resource://microsoft.bingtranslator/resources/appname} |
"{8826492A-D0FD-4D3B-8A36-A8825F860A03}" = dir=in | name=print 3d |
"{88C70390-1406-42EB-8133-F692D92070EA}" = dir=in | name=@{microsoft.xboxapp_48.89.25001.0_x64__8wekyb 3d8bbwe?ms-resource://microsoft.xboxapp/xboxapp.resource/resources/app_title} |
"{8938719F-62E9-414F-9201-AACFEE840516}" = dir=out | name=@{microsoft.windows.startmenuexperiencehost_1 0.0.19041.1023_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.startmenuexperiencehost/startmenuexperiencehost/pkgdisplayname} |
"{898DAFE3-FB45-4959-97FB-FF14777BCCF1}" = dir=out | name=@{microsoft.bingtranslator_5.6.0.0_x64__8weky b3d8bbwe?ms-resource://microsoft.bingtranslator/resources/appname} |
"{89B6CF9D-6BB5-4C79-807E-C85B6BA5836B}" = dir=in | name=@{microsoft.windows.search_1.14.7.19041_neutr al_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.search/resources/packagedisplayname} |
"{89E339A4-86A3-4818-B68D-F2B2A2B819CD}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.19041. 1023.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{8C1DE879-8A41-4B0E-9003-EBBBA2C45A32}" = dir=out | name=windows_ie_ac_001 |
"{8C44116D-A836-4CB5-B97C-24345EE66455}" = protocol=6 | dir=in | app=c:\program files\windowsapps\microsoft.skypeapp_15.92.3204.0_ x86__kzf8qxf38zg5c\skype\skype.exe |
"{8CA4062F-4746-44F8-BAAB-E857EB9855BD}" = dir=out | name=@{microsoft.windowsmaps_5.1909.2813.0_x64__8w ekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{8DF81D27-4477-4403-B171-2D7985D52F82}" = dir=out | name=@{microsoft.win32webviewhost_10.0.19041.1023_ neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} |
"{9140E014-0C46-4D8F-B0E9-975691EB196F}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0. 18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{91D05661-912C-40D4-8E56-E9860D1CCB15}" = dir=in | name=@{microsoft.ppiprojection_10.0.18362.449_neut ral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{95A69E26-734E-43A8-AAC5-74739AB87556}" = dir=out | name=xbox game bar |
"{97C4FED8-6E4F-47F5-B451-6CCF867BA34A}" = protocol=17 | dir=in | app=c:\program files\windowsapps\screenovatetechnologies.dellmobi leconnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\dellmo bileconnectclient.exe |
"{989E24F2-5CDD-4A52-9112-6031BE380342}" = dir=out | name=office |
"{98B0121C-5EAA-4BB7-91F7-6EF9F02B0B35}" = dir=in | name=skype |
"{99F79FCF-B467-4873-88EC-E07BCA3409FA}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_ 10.0.19041.1023_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{9B79BB70-F681-4ADC-A033-A22FA2761AF8}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0. 18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{9D05879D-DBB9-4FCB-96FC-4692A7887FFB}" = dir=in | name=@{microsoft.windows.startmenuexperiencehost_1 0.0.18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.startmenuexperiencehost/startmenuexperiencehost/pkgdisplayname} |
"{9D584E54-04EA-42AE-9053-241D69D5984F}" = dir=out | name=@{microsoft.storepurchaseapp_12003.1001.1.0_x 64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} |
"{9FDA6B96-AE9D-4784-B5B7-59E22DD9B4CA}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10 .0.18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{A542C747-70F3-41BF-9BF5-3E5391EF2E16}" = protocol=6 | dir=in | app=c:\program files\windowsapps\screenovatetechnologies.dellmobi leconnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\dellmo bileconnectclient.exe |
"{A7477CBF-27F9-403D-8D68-486446B3EE05}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_ 10.0.18362.449_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} |
"{A899B188-D3A0-4602-8385-B3BDB701833D}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.18362.449.0 _neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{A961C77E-FC0B-44DE-96BE-A13FDAF50720}" = dir=out | name=ncsiuwpapp |
"{AB458D19-CD4F-48CD-8AE9-6EB7F0C96C95}" = dir=out | name=@{microsoft.accountscontrol_10.0.18362.449_ne utral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{AB47234D-B13A-4DE0-B00C-3F1FF2C8D044}" = dir=out | name=xbox tcui |
"{ACC4B863-A0C8-435F-9ECA-209EE47DCB2B}" = dir=out | name=xbox game bar plugin |
"{AE451C30-7BB3-4806-B917-B7D5EEDA4B11}" = protocol=17 | dir=in | app=c:\program files\avast software\avast\avastui.exe |
"{B0F5AD15-F1B4-4D00-877E-CB426C554CF5}" = dir=in | name=@{microsoft.microsoftstickynotes_3.7.124.0_x6 4__8wekyb3d8bbwe?ms-resource://microsoft.microsoftstickynotes/resources/stickynotesstoreappname} |
"{B163DE28-DA62-4C7C-8CBB-F101AEF48D7E}" = dir=out | name=@{microsoft.bingnews_4.55.43072.0_x64__8wekyb 3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithtagline} |
"{B20158D3-E36C-43B0-A2F5-6DD9A80CC9C3}" = protocol=17 | dir=in | app=c:\program files\windowsapps\microsoft.skypeapp_15.92.3204.0_ x86__kzf8qxf38zg5c\skype\skype.exe |
"{B2DB001F-CCD3-4F0A-A908-530E7DCFD25F}" = dir=out | name=@{microsoft.microsoftstickynotes_4.5.7.0_x64_ _8wekyb3d8bbwe?ms-resource://microsoft.microsoftstickynotes/resources/stickynotesstoreappname} |
"{B4366E52-4E1B-4DD5-9F56-D527A0F640ED}" = dir=out | name=@{microsoft.windowscalculator_10.1910.0.0_x64 __8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} |
"{B5D0B649-0D7A-4393-ABDF-762F9F4CFE0D}" = dir=in | name=@{microsoft.oneconnect_5.2002.431.0_x64__8wek yb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} |
"{B5FB3A55-AA15-416B-AABD-A00E4CBF3B3C}" = dir=in | name=@{microsoft.windows.startmenuexperiencehost_1 0.0.19041.1023_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.startmenuexperiencehost/startmenuexperiencehost/pkgdisplayname} |
"{B649B735-BFDD-4B56-B3A8-06E31915A010}" = dir=out | name=@{microsoft.microsoftedge_44.18362.449.0_neut ral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{B7E44798-418D-4197-81B2-6707F837DF87}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.19041.18 65_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} |
"{B93C7DE1-1387-48D2-87BC-7CA7D3FC4F88}" = dir=in | name=dell supportassist for home pcs |
"{BA950BCD-6F60-441E-821E-450F6423DB8B}" = dir=out | name=@{appup.intelgraphicsexperience_1.100.4232.0_ x64__8j3eq9eme6ctt?ms-resource://appup.intelgraphicsexperience/resources/system_item_title_intelgraphicscontrolpanel} |
"{BAA3C43E-6BD4-4E5B-9E49-C441EFE7A93B}" = dir=out | name=dell cinema guide |
"{BCA464B2-0674-42F3-AE8A-DC41D134944B}" = dir=in | name=@{microsoft.oneconnect_5.2204.1031.0_x64__8we kyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} |
"{BD6862C8-4CCA-463A-99E7-27A0CFFA8FB9}" = dir=out | name=@{microsoft.gethelp_10.2208.2551.0_x64__8weky b3d8bbwe?ms-resource://microsoft.gethelp/resources/appdisplayname} |
"{BD847A92-539D-4AA3-AC71-5BF0A0D71FD3}" = dir=out | name=microsoft pay |
"{BE12B34D-59B8-4BAA-A12F-1E3A9F5B0DF9}" = dir=out | name=@{microsoft.windows.photos_2020.19081.28230.0 _x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{BFEC1370-C926-411F-B518-8631D8AA2A57}" = dir=out | name=microsoft solitaire collection |
"{C0A98CB8-ACC6-4995-B855-8563134AC9D9}" = dir=out | name=@{microsoft.windows.search_1.14.7.19041_neutr al_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.search/resources/packagedisplayname} |
"{C21E9735-98E2-44A9-A30B-E31866DB241F}" = dir=out | name=@{microsoft.people_10.2105.4.0_x64__8wekyb3d8 bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{C37FE05C-9DA6-4BC5-A888-5554427FBC89}" = dir=out | name=@{microsoft.getstarted_10.2210.3.0_x64__8weky b3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{C5B2F59A-BEC5-4CFC-8022-C556EC3D8E0D}" = dir=out | name=@{microsoft.microsoftstickynotes_3.7.124.0_x6 4__8wekyb3d8bbwe?ms-resource://microsoft.microsoftstickynotes/resources/stickynotesstoreappname} |
"{C62B2AAA-FAF9-49E3-BEB0-90BEC47DF724}" = dir=out | name=@{microsoft.zunemusic_10.22031.10091.0_x64__8 wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{C66E1F46-5A4B-48B6-9D27-B30B3BACFE62}" = dir=out | name=@{microsoft.zunemusic_10.20022.11011.0_x64__8 wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{C6A1967F-4812-4717-9086-F8B6DA4C9D0A}" = dir=out | name=@{microsoft.xboxapp_48.89.25001.0_x64__8wekyb 3d8bbwe?ms-resource://microsoft.xboxapp/xboxapp.resource/resources/app_title} |
"{C753CEBD-53F2-4B0D-A822-73584D25575B}" = dir=out | name=@{c27eb4ba.dropboxoem_20.4.3.0_x64__xbfy0k16f ey96?ms-resource://c27eb4ba.dropboxoem/resources/oemappname} |
"{CB77FAD7-C482-401F-A691-5EA4710CCDE4}" = dir=out | name=skype |
"{CC9D24BA-E775-4551-89AF-587397E531C9}" = dir=in | name=solitaire & casual games |
"{CD3A7179-31DA-45EF-AF2E-674D5B1426B2}" = dir=out | name=@{microsoft.mixedreality.portal_2000.21051.1282.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mixedreality.portal/resources/pkgdisplayname} |
"{D0C07905-2950-4337-B718-CEEFB1ED3A71}" = dir=in | name=@{microsoft.windowsstore_12003.1001.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{D1FFC9C2-9DCA-4745-89FC-4BB00E8B7A98}" = dir=out | name=dell supportassist for home pcs |
"{D2797CBE-B63B-48EF-B3EC-33B0BA4F420D}" = dir=out | name=@{microsoftwindows.client.cbs_120.2212.4190.0_x64__cw5n1h2txyewy?ms-resource://microsoftwindows.client.cbs/resources/productpkgdisplayname} |
"{D3668CC4-381D-4C92-9DDE-DF9B73876B4B}" = dir=in | name=my dell |
"{D36C9B2C-1C05-457B-93BA-DB15986D9F0B}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.18362.449.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{D45EF269-A8F1-4510-9D98-0FFD311ED585}" = protocol=17 | dir=in | app=c:\users\darrell\appdata\roaming\zoom\bin\zoom.exe |
"{D7D5051A-8D4D-4FB5-95D1-FD35604F77EC}" = dir=out | name=my dell |
"{D957F959-72C3-47DE-870A-55C14DB39B5D}" = dir=out | name=@{microsoft.windowscommunicationsapps_16005.14326.21238.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{E02083BF-553C-4BFE-B1A0-4D0FEEF0032F}" = dir=out | name=onenote |
"{E0559773-7BA6-4219-8AB3-F5FC4F9C8CD2}" = dir=out | name=@{microsoft.windowscamera_2021.105.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscamera/lenssdk/resources/appstorename} |
"{E0B37890-EC0E-46CD-81D2-8B0A4A7A29B1}" = dir=in | name=@{microsoft.microsoftstickynotes_4.5.7.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftstickynotes/resources/stickynotesstoreappname} |
"{E0E34119-6BBE-4D83-B6FF-9F9F2FD965A3}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.2203.761.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{E1503025-A5D5-4C6E-9D44-E49ADFA4FD92}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{E1B41752-621A-4497-93B9-FF39454BC663}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{E1E1757E-8AA0-4E0C-B5A6-188FF04003BF}" = dir=in | name=@{microsoft.zunemusic_10.22031.10091.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{E23FE9A5-20D8-47FC-9DBE-3459A455BAA8}" = dir=out | name=@{microsoft.windowsalarms_11.2210.7.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsalarms/resources/appstorename} |
"{E8DE95D3-44B1-404A-823C-550C4A85B642}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} |
"{E8F69D99-F54A-4404-AF49-90631A65B07D}" = dir=in | app=c:\program files (x86)\turbotax\individual 2021\32bit\cefsharp.browsersubprocess.exe |
"{E934B9C0-CC5B-4E3A-AD75-5896AE4CA408}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.19041.1266_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{E979CADC-8A64-40AA-B05C-1E3C336C8A6E}" = dir=out | name=dell mobile connect 3.3 |
"{EB4C542C-03BF-4B97-B803-A1117F562EA3}" = dir=out | name=@{microsoft.getstarted_8.2.22942.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{EC1DF714-8FEF-4C51-98E8-DC9E8ABB9F8E}" = dir=out | name=dell supportassist for home pcs |
"{ECBB61A0-C19C-46F0-B689-4611A4C927D1}" = dir=in | name=skype |
"{EDC950A3-367C-438B-B8CA-C3ADAB888092}" = dir=out | name=@{microsoft.bingtranslator_5.6.0.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtranslator/resources/appname} |
"{EF29E7E7-BF79-4F98-9633-2671736D6B64}" = dir=out | name=@{microsoft.bingweather_4.25.20211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{F320177D-95DC-4986-8D97-B046F16C987E}" = dir=out | name=cortana |
"{F3B567B1-C949-4DF5-A038-BBB9AECD0F33}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{F46F4974-6941-4E7E-9964-CF0D88D1D41F}" = dir=out | name=microsoft minesweeper |
"{F56F163D-8A7B-4BA0-B0A0-967D703AFA33}" = dir=out | name=@{microsoft.windows.narratorquickstart_10.0.18362.449_neutral_neutral_8wekyb3d8bbwe?ms-resource://microsoft.windows.narratorquickstart/resources/appdisplayname} |
"{F574EB90-D92D-4BFF-AB31-C46BDE20D273}" = dir=in | name=@{microsoft.xboxapp_48.62.6002.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxapp/xboxapp.resource/resources/app_title} |
"{FABAE57A-A359-4B07-8836-9FF2BFE94D05}" = dir=out | name=@{microsoft.windows.startmenuexperiencehost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.startmenuexperiencehost/startmenuexperiencehost/pkgdisplayname} |
"{FDC5E396-4EA8-43E8-B0C4-75AF64A18A6C}" = protocol=6 | dir=out | app=c:\program files\windowsapps\microsoft.skypeapp_15.92.3204.0_x86__kzf8qxf38zg5c\skype\skype.exe |
"{FE04FB40-3378-4CAA-B552-794B25C059A9}" = dir=in | name=@{microsoft.desktopappinstaller_1.0.32912.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} |
"TCP Query User{D3F97472-FCAE-4FB8-9B7E-5993AD36E78B}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{93784C56-ABA7-48BC-B623-0C39F660E037}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0712F23C-FBAC-436C-9DDB-125F32D15033}" = Microsoft .NET Host FX Resolver - 6.0.12 (x64)
"{148D6ED8-24B8-443D-9C5B-5D6BF506671B}" = Intel(R) Chipset Device Software
"{1BF67DC1-8BB5-4AF5-BE20-3B53D9532D01}" = Microsoft .NET Runtime - 6.0.12 (x64)
"{1CEAC85D-2590-4760-800F-8DE5E91F3700}" = Intel(R) Management Engine Components
"{3252E69D-9075-40FD-A9EF-F6D96091B5BF}" = Dynamic Application Loader Host Interface Service
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{4625C928-49BB-44DC-92E3-B9EC0972C72D}" = Intel(R) Icls
"{4674F112-9AB7-4701-AEC0-C1FD1FE7CD4E}" = Dell Mobile Connect Drivers
"{485C0285-31CE-41A4-A763-6DEBCD77C2E6}" = Intel(R) Management Engine Components
"{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215
"{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}" = Microsoft .NET Runtime - 5.0.17 (x64)
"{5B678BC6-D551-458B-893D-B442B21ECD21}" = Dell SupportAssist OS Recovery Plugin for Dell Update
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6798C408-2636-448C-8AC6-F4E341102D27}" = Windows PC Health Check
"{6B487AA5-94E3-4B20-A1AF-2FA0CEA5BD13}" = Intel(R) Rapid Storage Technology
"{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}" = Microsoft Update Health Tools
"{8BA25391-0BE6-443A-8EBF-86A29BAFC479}" = Microsoft .NET Host FX Resolver - 5.0.17 (x64)
"{A0CDAD3D-0329-4E3E-8DC1-30E333D6564D}" = SmartByte Drivers and Services
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B5DCDCBD-BBB3-4A09-A496-E2FB05EC56CE}" = Dell SupportAssist
"{B709B962-53AA-446A-A733-95D1A6C5DE50}" = Camtasia 2018
"{BCAEB4A4-3805-4C05-A63F-98F7891EE533}" = Dell SupportAssist Remediation
"{C6577DC3-0C37-48BF-817B-54941E2A9D5F}" = Intel(R) LMS
"{C9552825-7BF2-4344-BA91-D3CD46F4C442}" = Intel(R) Trusted Connect Service Client x64
"{E215AA9E-5DF2-44BC-9D6F-E1A1B0C348FB}" = Microsoft .NET Host - 6.0.12 (x64)
"{E663ED1E-899C-40E8-91D0-8D37B95E3C69}" = Microsoft .NET Host - 5.0.17 (x64)
"{EEA36044-96B5-4E2A-AC59-3FC742EEDEF4}" = Intel® Optane™ Pinning Explorer Extensions
"{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215
"{F0C8928A-BF8F-4AAF-B8BF-9CE865DBC711}" = Microsoft VC++ redistributables repacked.
"{F68DA8E2-38B6-47A7-AB62-BFE8B740F792}" = Dell Update for Windows Universal
"{F9790CBE-C3E6-4565-A1A2-17DD480ECF39}" = Intel(R) Management Engine Driver
"{FEAA68D6-DA1D-4440-91B6-43906444FA49}" = Intel(R) Management Engine Components
"{FEB772C1-919E-4145-9691-AFFAC915496F}" = Intel(R) OEM Extension
"Avast Antivirus" = Avast Free Antivirus
"CCleaner" = CCleaner
"MozillaMaintenanceService" = Mozilla Maintenance Service

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{19C3AB22-3718-4E4D-B203-242F5001565B}" = Avast Update Helper
"{19F2745D-A94D-40AB-A983-E9D0A57B1E50}" = TurboTax 2021
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm WLAN and Bluetooth Client Installation
"{35588924-6b2a-48cd-a3ee-b9118cad2d01}" = Microsoft .NET Runtime - 6.0.12 (x64)
"{52E6AD69-FBE7-42C0-9F5B-CD282EB7FD76}" = TurboTax 2020 WinPerReleaseMsi
"{5fd4f6d8-26d6-43b6-9b95-116b69ee0a69}" = Camtasia 2018
"{605c9341-3a21-429f-87f0-bfa9c26f885e}" = Dell SupportAssist Remediation
"{69bc85f1-55f9-44f2-b5df-3840fe07854c}" = Intel(R) Trusted Connect Services Client
"{70281077-96c3-4f75-938c-dc4746110c00}" = Intel(R) Chipset Device Software
"{847625FA-89A7-4EE0-8494-68A49BF977D6}" = Microsoft VC++ redistributables repacked.
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A09D951F-4BA3-4383-97B3-D1B91835E779}" = OpenOffice 4.1.7
"{a699b48e-5748-4980-ad92-0b61b1d9d718}" = Microsoft .NET Runtime - 5.0.17 (x64)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Avast Update Helper
"{C9552825-7BF2-4344-BA91-D3CD46F4C441}" = Intel(R) Trusted Connect Service Client x86
"{CF95CED4-3A1E-4486-B7FA-428C25D617ED}" = Dell Digital Delivery Services
"{d992c12e-cab2-426f-bde3-fb8c53950b0d}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215
"{dc44ee3f-d6c1-444d-a660-b0f1ac90b51d}" = Dell SupportAssist OS Recovery Plugin for Dell Update
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Avast Secure Browser" = Avast Secure Browser
"Google Chrome" = Google Chrome
"Microsoft Edge" = Microsoft Edge
"Microsoft Edge Update" = Microsoft Edge Update
"Microsoft EdgeWebView" = Microsoft Edge WebView2 Runtime
"Mozilla Thunderbird 68.12.1 (x86 en-US)" = Mozilla Thunderbird 68.12.1 (x86 en-US)
"TurboTax 2020" = TurboTax 2020

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3803857030-2765018022-3405165186-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OneDriveSetup.exe" = Microsoft OneDrive
"ZoomUMX" = Zoom

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/16/2022 1:27:16 AM | Computer Name = DESKTOP-6T2GKA4 | Source = VSS | ID = 8194
Description =

Error - 12/16/2022 1:28:17 AM | Computer Name = DESKTOP-6T2GKA4 | Source = VSS | ID = 8194
Description =

Error - 12/16/2022 10:50:18 PM | Computer Name = DESKTOP-6T2GKA4 | Source = VSS | ID = 8194
Description =

Error - 12/16/2022 10:51:29 PM | Computer Name = DESKTOP-6T2GKA4 | Source = VSS | ID = 8194
Description =

Error - 12/17/2022 4:52:12 AM | Computer Name = DESKTOP-6T2GKA4 | Source = VSS | ID = 8194
Description =

Error - 12/17/2022 4:53:33 AM | Computer Name = DESKTOP-6T2GKA4 | Source = VSS | ID = 8194
Description =

Error - 12/17/2022 6:36:11 AM | Computer Name = DESKTOP-6T2GKA4 | Source = VSS | ID = 13
Description =

Error - 12/17/2022 6:36:11 AM | Computer Name = DESKTOP-6T2GKA4 | Source = VSS | ID = 8193
Description =

Error - 12/17/2022 6:36:11 AM | Computer Name = DESKTOP-6T2GKA4 | Source = VSS | ID = 13
Description =

Error - 12/17/2022 6:36:11 AM | Computer Name = DESKTOP-6T2GKA4 | Source = VSS | ID = 8193
Description =

[ Parameters Events ]
OTL encountered an error while reading this event log. It may be corrupt.
[ State Events ]
OTL encountered an error while reading this event log. It may be corrupt.
Error - 12/16/2022 6:26:59 AM | Computer Name = DESKTOP-6T2GKA4 | Source = DCOM | ID = 10010
Description =

Error - 12/16/2022 6:26:59 AM | Computer Name = DESKTOP-6T2GKA4 | Source = DCOM | ID = 10010
Description =

Error - 12/16/2022 9:43:41 PM | Computer Name = DESKTOP-6T2GKA4 | Source = Service Control Manager | ID = 7000
Description = The LMS service failed to start due to the following error: %%2

Error - 12/17/2022 6:32:24 AM | Computer Name = DESKTOP-6T2GKA4 | Source = Microsoft-Windows-Kernel-Boot | ID = 29
Description =

Error - 12/17/2022 6:32:44 AM | Computer Name = DESKTOP-6T2GKA4 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:23:37 AM on ?12/?17/?2022 was unexpected.

Error - 12/17/2022 6:32:47 AM | Computer Name = DESKTOP-6T2GKA4 | Source = Service Control Manager | ID = 7000
Description = The LMS service failed to start due to the following error: %%2

Error - 12/17/2022 6:35:12 AM | Computer Name = DESKTOP-6T2GKA4 | Source = Microsoft-Windows-Kernel-Boot | ID = 29
Description =

Error - 12/17/2022 6:35:25 AM | Computer Name = DESKTOP-6T2GKA4 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:32:44 AM on ?12/?17/?2022 was unexpected.

Error - 12/17/2022 6:35:27 AM | Computer Name = DESKTOP-6T2GKA4 | Source = Service Control Manager | ID = 7000
Description = The LMS service failed to start due to the following error: %%2

Error - 12/17/2022 6:37:21 AM | Computer Name = DESKTOP-6T2GKA4 | Source = Service Control Manager | ID = 7000
Description = The LMS service failed to start due to the following error: %%2


< End of report >
  #9  
Old December 17th, 2022, 07:02 PM
Shirley Jester
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-12-2022
Ran by Darrell (administrator) on DESKTOP-6T2GKA4 (Dell Inc. Inspiron 3670) (17-12-2022 09:53:06)
Running from C:\Users\Darrell\Desktop
Loaded Profiles: Darrell
Platform: Microsoft Windows 10 Home Version 22H2 19045.2364 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserSessionAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEM.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_9e45e2d5613ef7ef\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ffb22091d2be88a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe
(services.exe ->) (Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe <3>
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_444d52e511fbcc11\WavesSysSvc64.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe [1257032 2021-04-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWelcome.exe [345848 2019-06-20] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-12-10] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [215960 2022-12-12] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_9e45e2d5613ef7ef\WavesSvc64.exe [1237920 2019-09-05] (Waves Inc -> Waves Audio Ltd.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3803857030-2765018022-3405165186-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe 1 /RestartByRestartManager:53B6D25E-95D3-460f-808C-3F4CD2C5BA5D (No File)
HKU\S-1-5-21-3803857030-2765018022-3405165186-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38916432 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3803857030-2765018022-3405165186-1003\...\Run: [MicrosoftEdgeAutoLaunch_ECD4B92814E2592AB1B5E4FFE37D02EA] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3879848 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-15] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\108.0.19614.99\Installer\chrmstp.exe [2022-12-14] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {39912D05-8A54-46F0-B237-53A4E9BD78EB} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [96520 2021-08-13] (Rivet Networks LLC -> DELL)
Task: {3AC02C58-E44A-4C31-8FD0-35B210037960} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {3F9A5C4C-D1CE-4F93-A91B-3778248DAC7B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {491D967A-EE0A-418C-8902-056C5BBD828B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-12-09] (Piriform Software Ltd -> Piriform)
Task: {59A4D528-690C-4CAC-A146-1D334E4DE399} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3236624 2022-12-07] (Avast Software s.r.o. -> AVAST Software)
Task: {6ABFD57E-7F65-4FB1-BC75-CD3C3E090600} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4954008 2022-12-12] (Avast Software s.r.o. -> AVAST Software)
Task: {712BFA3A-81ED-4596-B45F-D2E09044E5D4} - System32\Tasks\CCleanerSkipUAC - Darrell => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {743D239F-2355-4B3D-97A3-4013329F60E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-29] (Google LLC -> Google LLC)
Task: {84EE527C-BC2F-4B05-A9CC-D8C766D5028C} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "4d8b2fd2-cfb7-4fa2-bf90-13fe39ec8ef5" --version "6.07.10191" --silent
Task: {92FB749F-DA35-4477-AFC3-2BC8BCFB26F6} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3236624 2022-12-07] (Avast Software s.r.o. -> AVAST Software)
Task: {972DB3E6-4D4D-4AD7-9220-0DAC4457A6EC} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {A491FC27-E2DF-4D69-8BAF-C012F0B79A0D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {BF179482-DD89-44B5-A3E7-D331F8B725E9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {C0101658-AD35-41FA-A475-C6C3A591034D} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [664928 2022-11-29] (Dell Inc -> Dell Inc.)
Task: {C876A274-3000-4481-9399-A61B0D0E48E1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-29] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{92477ef5-8ebf-4470-9d3a-102da9b22dff}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Darrell\AppData\Local\Microsoft\Edge\User Data\cId=128000000001363769&path= [2022-12-17] <==== ATTENTION
Edge Profile: C:\Users\Darrell\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-17]

FireFox:
========
FF DefaultProfile: j9t65ntk.default
FF ProfilePath: C:\Users\Darrell\AppData\Roaming\Mozilla\Firefox\Profiles\j9t65ntk.default [2021-03-07]
FF ProfilePath: C:\Users\Darrell\AppData\Roaming\Mozilla\Firefox\Profiles\9l053n1d.default-release-1671252331546 [2022-12-17]
FF Homepage: Mozilla\Firefox\Profiles\9l053n1d.default-release-1671252331546 -> hxxps://connect.xfinity.com/appsuite/#!!&app=io.ox/mail&folder=default0/INBOX
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default [2022-12-17]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://content.usaa.com/mcontent/static_assets/Media/usaaicon.ico?cacheid=850343182_p
CHR Extension: (USAA) - C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajlepbcjmdlnkjpabnhilkiabkkdaefi [2020-03-30]
CHR Extension: (BofA) - C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\apjlbmijklipillfnjjlbfkmadkjkobg [2020-03-30]
CHR Extension: (The Weather Channel) - C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdckffepdejfpihncjhnpfbfglmcgghg [2020-03-30]
CHR Extension: (email) - C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjbkfnkbnokbjcibcpedpmjpgolfecna [2020-03-30]
CHR Extension: (MSNBC) - C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\eaofdgieipflamaebpmogdmdkinnfapd [2020-03-30]
CHR Extension: (Fox News) - C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedifiifgkbakcajifkllgiaokgdhjii [2020-03-30]
CHR Extension: (Omaha World-Herald) - C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggdgjliiagjohahoadgfobmjaffplmae [2020-03-30]
CHR Extension: (Seattle Times) - C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkccgbkjcaanbnpfkhanpicfgaljjmlh [2020-03-30]
CHR Extension: (CNN) - C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfenjomehfjkcbdmnnklglfnjglbmajg [2020-03-30]
CHR Extension: (Edward Jones) - C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfkldahdllnibegjeedngpeeofplldca [2020-03-30]
CHR Extension: (Yahoo Finance) - C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhjiaodkgjbcibdhknclmdhkifeimecm [2020-04-22]
CHR Extension: (MaxorPlus) - C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjjdaiphoamkomhbhbndbjoihjjgmdan [2020-03-30]
CHR Extension: (Bistro Menu) - C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdcehclnojflnhjfnhgjbafoppjcpkaa [2020-03-30]
CHR Extension: (DRUDGE REPORT 2020®) - C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmglnmgnjhbnbbcobgpofjfimomgdpjj [2020-03-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Extension: (ABC) - C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pngfgnbnonglhnipcnclchidpoheboid [2020-03-30]
CHR Profile: C:\Users\Darrell\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-12-17]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8550808 2022-12-12] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [597400 2022-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2038168 2022-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [597400 2022-12-12] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\108.0.19614.99\elevation_service.exe [1794040 2022-12-07] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [161488 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [55712 2022-11-07] (Dell Inc -> )
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [22224 2022-10-26] (Dell Inc -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [47320 2022-11-18] (Dell Inc -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [156064 2022-08-15] (Dell Inc -> Dell)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1633040 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2390800 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [160096 2022-11-29] (Dell Inc -> Dell Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-29] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31424 2022-12-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [229208 2022-12-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391272 2022-12-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297832 2022-12-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2022-12-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2022-12-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [267888 2022-12-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [555560 2022-12-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2022-12-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80376 2022-12-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852000 2022-12-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [695496 2022-12-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212632 2022-12-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318456 2022-12-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [37808 2022-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 MpKsl579e3981; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1E45634E-296B-4DB8-88D6-89A18CF6A41D}\MpKslDrv.sys [97528 2021-04-02] (Microsoft Windows -> Microsoft Corporation)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [166032 2021-08-13] (Intel Corporation -> Rivet Networks, LLC.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-03-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [391392 2020-03-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-29] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-17 09:53 - 2022-12-17 09:53 - 000026316 _____ C:\Users\Darrell\Desktop\FRST.txt
2022-12-17 09:51 - 2022-12-17 09:53 - 000000000 ____D C:\FRST
2022-12-17 04:36 - 2022-12-17 04:36 - 000000000 ____D C:\Users\Darrell\Desktop\OTL
2022-12-17 02:26 - 2022-12-16 23:53 - 000602112 _____ (OldTimer Tools) C:\Users\Darrell\Desktop\OTL.scr
2022-12-17 02:26 - 2022-12-16 23:51 - 000602112 _____ (OldTimer Tools) C:\Users\Darrell\Desktop\OTL.com
2022-12-17 02:26 - 2022-12-16 23:40 - 000602112 _____ (OldTimer Tools) C:\Users\Darrell\Desktop\OTL.exe
2022-12-17 02:26 - 2022-12-16 23:38 - 005659583 _____ (Swearware) C:\Users\Darrell\Desktop\ComboFix.exe
2022-12-17 02:26 - 2022-12-16 23:38 - 002078720 _____ (Farbar) C:\Users\Darrell\Desktop\FRST.exe
2022-12-17 02:26 - 2022-12-16 23:37 - 002375680 _____ (Farbar) C:\Users\Darrell\Desktop\FRST64.exe
2022-12-17 02:26 - 2022-12-16 23:36 - 008551608 _____ (Malwarebytes) C:\Users\Darrell\Desktop\AdwCleaner.exe
2022-12-17 02:26 - 2022-12-16 23:33 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Darrell\Desktop\rkill.exe
2022-12-16 21:13 - 2022-12-16 21:13 - 000000000 ____D C:\Program Files\Malwarebytes
2022-12-16 21:12 - 2022-12-16 21:12 - 002542312 _____ (Malwarebytes) C:\Users\Darrell\Downloads\MBSetup-B7CA912B(1).exe
2022-12-16 21:11 - 2022-12-16 21:11 - 002542312 _____ (Malwarebytes) C:\Users\Darrell\Downloads\MBSetup-B7CA912B.exe
2022-12-16 20:47 - 2022-12-16 20:47 - 000005780 _____ C:\Users\Darrell\cc_20221216_204755.reg
2022-12-16 12:35 - 2022-12-16 20:47 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-12-16 02:26 - 2022-12-16 20:45 - 000000000 ____D C:\Users\Darrell\Desktop\Old Firefox Data
2022-12-13 16:06 - 2022-12-13 16:06 - 000012367 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-12-13 16:05 - 2022-12-13 16:05 - 000297472 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-12-13 16:00 - 2022-12-13 16:00 - 000000000 ___HD C:\$WinREAgent
2022-12-12 11:51 - 2022-12-12 11:51 - 000273816 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-12-12 11:51 - 2022-12-12 11:51 - 000212632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-12-04 13:01 - 2022-12-04 13:01 - 000000000 ____D C:\Program Files (x86)\DummyDir
2022-11-30 19:05 - 2022-11-30 19:05 - 000019095 _____ C:\Users\Darrell\Desktop\2022 Donations excluding Epiphany Lutheran Church.odt
2022-11-30 13:45 - 2022-11-29 23:16 - 000027349 _____ C:\Users\Darrell\Documents\Diet%209-2022.odt_0.odt
2022-11-29 16:56 - 2022-11-29 17:08 - 000019703 _____ C:\Users\Darrell\Documents\Earl Kemper.odt
2022-11-28 23:14 - 2022-11-28 23:14 - 000196834 _____ C:\Users\Darrell\Documents\538 NFL standing 11-28-22.odt
2022-11-27 09:36 - 2022-11-27 09:36 - 000188224 _____ C:\Users\Darrell\Documents\538NFLstanding11-26-22.odt
2022-11-22 21:50 - 2022-11-22 21:49 - 000000000 _____ C:\Users\Darrell\Downloads\tOG5Jfe7 - Copy.htm
2022-11-22 21:49 - 2022-11-22 21:49 - 000000000 _____ C:\Users\Darrell\Downloads\tOG5Jfe7.htm
2022-11-21 23:13 - 2022-11-21 23:13 - 014032270 _____ C:\Users\Darrell\Downloads\Awesome Photos (1).mp4

==================== One month (modified) ==================
  #10  
Old December 17th, 2022, 07:03 PM
Shirley Jester Shirley Jester is offline
(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-17 09:50 - 2020-05-07 10:19 - 000000000 ____D C:\Users\Darrell\AppData\LocalLow\Mozilla
2022-12-17 09:49 - 2020-05-21 03:10 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-17 09:49 - 2019-12-07 01:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-17 09:49 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-17 09:49 - 2019-12-07 01:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-17 09:39 - 2022-02-09 11:34 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-12-17 09:33 - 2021-02-09 16:36 - 000004172 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{5E21194C-4D90-491F-A532-B0EAF6C7FDCD}
2022-12-17 09:30 - 2020-03-29 11:17 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-17 09:29 - 2021-02-09 16:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-17 06:53 - 2022-11-08 20:59 - 000000000 ____D C:\Users\Darrell\Documents\JAK
2022-12-17 05:00 - 2020-03-30 20:34 - 000000000 ____D C:\Users\Darrell\Desktop\Shortcuts
2022-12-17 04:16 - 2021-03-07 12:48 - 000000000 ____D C:\Program Files\CCleaner
2022-12-17 03:22 - 2020-02-11 21:35 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2022-12-17 03:10 - 2021-02-09 16:38 - 000797554 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-17 03:10 - 2019-12-07 01:13 - 000000000 ____D C:\WINDOWS\INF
2022-12-17 03:05 - 2021-04-02 16:44 - 000000000 ____D C:\ProgramData\Avast Software
2022-12-17 03:05 - 2021-02-09 16:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-17 03:05 - 2021-02-09 16:29 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-17 03:05 - 2020-03-30 20:29 - 000000000 __SHD C:\Users\Darrell\IntelGraphicsProfiles
2022-12-17 03:05 - 2020-02-11 21:28 - 000000000 ____D C:\Intel
2022-12-17 03:05 - 2019-12-07 01:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-12-17 02:33 - 2021-02-09 16:30 - 000000000 ____D C:\Users\Darrell
2022-12-17 02:32 - 2022-09-20 17:35 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-12-16 22:49 - 2022-09-20 17:35 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-12-16 22:49 - 2021-12-11 01:23 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3803857030-2765018022-3405165186-1003
2022-12-16 22:49 - 2021-08-18 22:50 - 000002258 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Darrell
2022-12-16 22:49 - 2021-03-07 12:48 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-12-16 22:49 - 2021-02-09 16:36 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-12-16 22:49 - 2021-02-09 16:36 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-12-16 22:49 - 2021-02-09 16:36 - 000003302 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2022-12-16 22:49 - 2021-02-09 16:36 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-12-16 22:49 - 2021-02-09 16:36 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-12-16 22:49 - 2021-02-09 16:36 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3803857030-2765018022-3405165186-1003
2022-12-16 22:49 - 2021-02-09 16:36 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3803857030-2765018022-3405165186-1001
2022-12-16 22:49 - 2021-02-09 16:36 - 000002258 _____ C:\WINDOWS\system32\Tasks\SmartByte Telemetry
2022-12-16 22:47 - 2021-04-02 16:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-12-16 22:18 - 2020-03-31 16:36 - 000000000 ____D C:\Users\Darrell\AppData\Local\D3DSCache
2022-12-16 20:51 - 2021-08-24 23:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-12-16 20:49 - 2021-04-25 13:54 - 000000000 ____D C:\Users\Darrell\AppData\Local\CrashDumps
2022-12-16 17:43 - 2021-02-09 16:30 - 000000000 ____D C:\Users\kempe
2022-12-16 17:43 - 2020-05-07 10:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-16 12:37 - 2021-03-07 12:54 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-12-16 02:04 - 2022-05-26 18:45 - 000015854 _____ C:\Users\Darrell\Desktop\MJK Omeprazole ordered AGAIN said sent to Doctor AGAIN222.odt
2022-12-15 12:08 - 2020-03-29 11:17 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-14 21:21 - 2021-02-09 16:30 - 000002391 _____ C:\Users\Darrell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-12-14 11:31 - 2021-04-02 16:47 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2022-12-14 00:45 - 2021-04-02 16:47 - 000000000 ____D C:\Users\Darrell\AppData\Local\AVAST Software
2022-12-14 00:14 - 2021-02-09 16:29 - 000495136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-14 00:13 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-12-14 00:13 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-12-14 00:13 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-12-14 00:13 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-12-14 00:13 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-12-14 00:13 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-12-14 00:13 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-12-14 00:13 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-12-14 00:13 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SystemApps
2022-12-14 00:13 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-12-14 00:13 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-12-14 00:13 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-12-14 00:13 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-12-14 00:13 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-12-14 00:13 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-12-14 00:13 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-12-14 00:13 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-14 00:13 - 2019-12-07 01:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-13 16:08 - 2019-12-07 01:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-13 16:05 - 2021-02-09 16:30 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-12-13 15:59 - 2022-04-03 17:19 - 000000000 ____D C:\Program Files\dotnet
2022-12-13 15:59 - 2020-02-11 21:31 - 000000000 ____D C:\ProgramData\Package Cache
2022-12-13 15:56 - 2020-03-29 22:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-12-13 15:55 - 2020-03-29 22:59 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-12-13 12:27 - 2021-04-02 16:47 - 000003456 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2022-12-13 12:27 - 2021-04-02 16:47 - 000003332 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2022-12-12 11:51 - 2021-04-02 16:45 - 000852000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-12-12 11:51 - 2021-04-02 16:45 - 000695496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-12-12 11:51 - 2021-04-02 16:45 - 000555560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-12-12 11:51 - 2021-04-02 16:45 - 000391272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-12-12 11:51 - 2021-04-02 16:45 - 000318456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-12-12 11:51 - 2021-04-02 16:45 - 000297832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-12-12 11:51 - 2021-04-02 16:45 - 000267888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-12-12 11:51 - 2021-04-02 16:45 - 000229208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-12-12 11:51 - 2021-04-02 16:45 - 000105248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-12-12 11:51 - 2021-04-02 16:45 - 000095960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-12-12 11:51 - 2021-04-02 16:45 - 000080376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-12-12 11:51 - 2021-04-02 16:45 - 000039648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-12-12 11:51 - 2021-04-02 16:45 - 000031424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-12-12 11:51 - 2021-04-02 16:45 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-12-12 11:51 - 2019-12-07 01:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-12-11 02:04 - 2020-04-06 11:01 - 000000000 ____D C:\Users\Darrell\AppData\Roaming\Zoom
2022-12-09 21:26 - 2020-07-15 09:16 - 000023687 _____ C:\Users\Darrell\Desktop\Expenses.odt
2022-12-08 18:00 - 2022-09-06 14:26 - 000000000 ____D C:\Users\Darrell\Documents\Chateau
2022-12-04 19:56 - 2022-09-06 14:08 - 000000000 ____D C:\Users\Darrell\Documents\Political Cartoons
2022-11-30 22:46 - 2022-11-08 21:15 - 000000000 ____D C:\Users\Darrell\Documents\Health
2022-11-30 19:04 - 2020-12-14 14:48 - 000019095 _____ C:\Users\Darrell\Desktop\Tony.odt
2022-11-22 21:51 - 2022-09-07 18:36 - 000000000 ____D C:\Users\Darrell\Documents\Spam
2022-11-21 23:10 - 2022-11-08 14:52 - 000000000 ____D C:\Users\Darrell\Documents\Finance
2022-11-18 10:59 - 2020-02-11 21:32 - 000000000 ____D C:\ProgramData\Dell
2022-11-18 10:47 - 2020-08-21 22:42 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Files in the root of some directories ========

2022-07-28 19:37 - 2022-07-28 19:37 - 000055688 _____ () C:\Users\Darrell\cc_20220728_203707.reg
2022-08-29 16:22 - 2022-08-29 16:22 - 000006614 _____ () C:\Users\Darrell\cc_20220829_172202.reg
2022-10-25 17:39 - 2022-10-25 17:39 - 000012472 _____ () C:\Users\Darrell\cc_20221025_183937.reg
2022-11-12 19:42 - 2022-11-12 19:42 - 000005536 _____ () C:\Users\Darrell\cc_20221112_194205.reg
2022-12-16 20:47 - 2022-12-16 20:47 - 000005780 _____ () C:\Users\Darrell\cc_20221216_204755.reg
2020-04-06 17:52 - 2021-03-27 16:48 - 000000010 _____ () C:\Users\Darrell\AppData\Local\sponge.last.runtime.cache

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
  #11  
Old December 17th, 2022, 07:04 PM
Shirley Jester Shirley Jester is offline
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-12-2022
Ran by Darrell (17-12-2022 09:53:52)
Running from C:\Users\Darrell\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2364 (X64) (2021-02-10 00:36:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3803857030-2765018022-3405165186-500 - Administrator - Disabled)
Darrell (S-1-5-21-3803857030-2765018022-3405165186-1003 - Administrator - Enabled) => C:\Users\Darrell
DefaultAccount (S-1-5-21-3803857030-2765018022-3405165186-503 - Limited - Disabled)
Guest (S-1-5-21-3803857030-2765018022-3405165186-501 - Limited - Disabled)
kempe (S-1-5-21-3803857030-2765018022-3405165186-1001 - Administrator - Enabled) => C:\Users\kempe
WDAGUtilityAccount (S-1-5-21-3803857030-2765018022-3405165186-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro Internet Security (Enabled - Up to date) {AFEE279F-FAE7-BAEE-3A88-4BF7277B8551}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Disabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.12.6044 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 108.0.19614.99 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software) Hidden
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Camtasia 2018 (HKLM\...\{B709B962-53AA-446A-A733-95D1A6C5DE50}) (Version: 18.0.7.4045 - TechSmith Corporation) Hidden
Camtasia 2018 (HKLM-x32\...\{5fd4f6d8-26d6-43b6-9b95-116b69ee0a69}) (Version: 18.0.7.4045 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 6.07 - Piriform)
Dell Digital Delivery Services (HKLM-x32\...\{CF95CED4-3A1E-4486-B7FA-428C25D617ED}) (Version: 5.0.64.0 - Dell Inc.)
Dell Mobile Connect Drivers (HKLM\...\{4674F112-9AB7-4701-AEC0-C1FD1FE7CD4E}) (Version: 2.0.8401 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{B5DCDCBD-BBB3-4A09-A496-E2FB05EC56CE}) (Version: 3.13.0.236 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{5B678BC6-D551-458B-893D-B442B21ECD21}) (Version: 5.5.4.16189 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{dc44ee3f-d6c1-444d-a660-b0f1ac90b51d}) (Version: 5.5.4.16189 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{BCAEB4A4-3805-4C05-A63F-98F7891EE533}) (Version: 5.5.5.16206 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{605c9341-3a21-429f-87f0-bfa9c26f885e}) (Version: 5.5.5.16206 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{F68DA8E2-38B6-47A7-AB62-BFE8B740F792}) (Version: 4.7.0 - Dell Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{3252E69D-9075-40FD-A9EF-F6D96091B5BF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.125 - Google LLC)
Intel(R) Chipset Device Software (HKLM\...\{148D6ED8-24B8-443D-9C5B-5D6BF506671B}) (Version: 10.1.17903.8106 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{70281077-96c3-4f75-938c-dc4746110c00}) (Version: 10.1.17903.8106 - Intel(R) Corporation)
Intel(R) Icls (HKLM\...\{4625C928-49BB-44DC-92E3-B9EC0972C72D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{C6577DC3-0C37-48BF-817B-54941E2A9D5F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2036.15.0.1835 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{485C0285-31CE-41A4-A763-6DEBCD77C2E6}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{FEAA68D6-DA1D-4440-91B6-43906444FA49}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{F9790CBE-C3E6-4565-A1A2-17DD480ECF39}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) OEM Extension (HKLM\...\{FEB772C1-919E-4145-9691-AFFAC915496F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.9.1040 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{6B487AA5-94E3-4B20-A1AF-2FA0CEA5BD13}) (Version: 17.5.9.1040 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{69bc85f1-55f9-44f2-b5df-3840fe07854c}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{EEA36044-96B5-4E2A-AC59-3FC742EEDEF4}) (Version: 17.5.9.1040 - Intel Corporation)
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.12 (x64) (HKLM\...\{E215AA9E-5DF2-44BC-9D6F-E1A1B0C348FB}) (Version: 48.51.51943 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.12 (x64) (HKLM\...\{0712F23C-FBAC-436C-9DDB-125F32D15033}) (Version: 48.51.51943 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.12 (x64) (HKLM\...\{1BF67DC1-8BB5-4AF5-BE20-3B53D9532D01}) (Version: 48.51.51943 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.12 (x64) (HKLM-x32\...\{35588924-6b2a-48cd-a3ee-b9118cad2d01}) (Version: 6.0.12.31918 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.46 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3803857030-2765018022-3405165186-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3803857030-2765018022-3405165186-1003\...\OneDriveSetup.exe) (Version: 22.238.1114.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{F0C8928A-BF8F-4AAF-B8BF-9CE865DBC711}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{847625FA-89A7-4EE0-8494-68A49BF977D6}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.12.1 - Mozilla)
Mozilla Thunderbird 68.12.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 68.12.1 (x86 en-US)) (Version: 68.12.1 - Mozilla)
OpenOffice 4.1.7 (HKLM-x32\...\{A09D951F-4BA3-4383-97B3-D1B91835E779}) (Version: 4.17.9800 - Apache Software Foundation)
Qualcomm WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8791.1 - Realtek Semiconductor Corp.)
SmartByte Drivers and Services (HKLM\...\{A0CDAD3D-0329-4E3E-8DC1-30E333D6564D}) (Version: 3.1.995 - Rivet Networks)
TurboTax 2020 (HKLM-x32\...\TurboTax 2020) (Version: 2020.0 - Intuit, Inc)
TurboTax 2020 WinPerReleaseMsi (HKLM-x32\...\{52E6AD69-FBE7-42C0-9F5B-CD282EB7FD76}) (Version: 020.000.1918 - Intuit Inc.) Hidden
TurboTax 2021 (HKLM-x32\...\{19F2745D-A94D-40AB-A983-E9D0A57B1E50}) (Version: 021.000.0538 - Intuit Inc.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-3803857030-2765018022-3405165186-1003\...\ZoomUMX) (Version: 5.11.1 (6602) - Zoom Video Communications, Inc.)

Packages:
=========
Dell Cinema Guide -> C:\Program Files\WindowsApps\DellInc.DellCinemaGuide_1.0.49.0_x64__htrsf667h5kn2 [2021-07-11] (Dell Inc)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.4.1.0_x64__htrsf667h5kn2 [2022-11-19] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.0.64.0_x64__htrsf667h5kn2 [2022-12-04] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2021-09-19] (Screenovate Technologies) [Startup Task]
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.13.5.0_x64__htrsf667h5kn2 [2022-12-07] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.7.31.0_x86__htrsf667h5kn2 [2022-11-03] (Dell Inc)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt [2022-12-15] (INTEL CORP) [Startup Task]
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.4028.0_x86__mcezb6ze687jp [2020-02-11] (CYBERLINK CORPORATION.)
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_3.1.9160.0_x86__8wekyb3d8bbwe [2020-09-28] (Microsoft Studios) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-04] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.0.30.0_x64__htrsf667h5kn2 [2022-04-16] (Dell Inc)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-27] (Microsoft Corporation)
Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp [2020-02-11] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2020-03-29] (CYBERLINK CORPORATION.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-08] (Microsoft Studios) [MS Ad]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-07-11] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2020-02-11] (Waves Audio)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ FSOverlayIcon] -> {C0829D19-E5A0-44F5-B56E-D15030C53BB9} => -> No File
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-12-10] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-12] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-12-10] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-12] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Darrell\Desktop\Shortcuts\ABC.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=pngfgnbnonglhnipcnclchidpoheboid
ShortcutWithArgument: C:\Users\Darrell\Desktop\Shortcuts\Avalara.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cgnaiieijpkbhcbepkfeheoiddcbklmg
ShortcutWithArgument: C:\Users\Darrell\Desktop\Shortcuts\BofA.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=apjlbmijklipillfnjjlbfkmadkjkobg
ShortcutWithArgument: C:\Users\Darrell\Desktop\Shortcuts\DRUDGE REPORT 2020®.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nmglnmgnjhbnbbcobgpofjfimomgdpjj
ShortcutWithArgument: C:\Users\Darrell\Desktop\Shortcuts\Edward Jones.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jfkldahdllnibegjeedngpeeofplldca
ShortcutWithArgument: C:\Users\Darrell\Desktop\Shortcuts\Fox News.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fedifiifgkbakcajifkllgiaokgdhjii
ShortcutWithArgument: C:\Users\Darrell\Desktop\Shortcuts\Omaha World-Herald.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ggdgjliiagjohahoadgfobmjaffplmae
ShortcutWithArgument: C:\Users\Darrell\Desktop\Shortcuts\Seattle Times.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hkccgbkjcaanbnpfkhanpicfgaljjmlh
ShortcutWithArgument: C:\Users\Darrell\Desktop\Shortcuts\The Weather Channel.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=bdckffepdejfpihncjhnpfbfglmcgghg
ShortcutWithArgument: C:\Users\Darrell\Desktop\Shortcuts\USAA.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ajlepbcjmdlnkjpabnhilkiabkkdaefi
ShortcutWithArgument: C:\Users\Darrell\Desktop\Shortcuts\Yahoo Finance.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jhjiaodkgjbcibdhknclmdhkifeimecm
ShortcutWithArgument: C:\Users\Darrell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\ABC.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=pngfgnbnonglhnipcnclchidpoheboid
ShortcutWithArgument: C:\Users\Darrell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Bistro Menu.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kdcehclnojflnhjfnhgjbafoppjcpkaa
ShortcutWithArgument: C:\Users\Darrell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\BofA.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=apjlbmijklipillfnjjlbfkmadkjkobg
ShortcutWithArgument: C:\Users\Darrell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\CNN.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jfenjomehfjkcbdmnnklglfnjglbmajg
ShortcutWithArgument: C:\Users\Darrell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\DRUDGE REPORT 2020®.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nmglnmgnjhbnbbcobgpofjfimomgdpjj
ShortcutWithArgument: C:\Users\Darrell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Edward Jones.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jfkldahdllnibegjeedngpeeofplldca
ShortcutWithArgument: C:\Users\Darrell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\email.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cjbkfnkbnokbjcibcpedpmjpgolfecna
ShortcutWithArgument: C:\Users\Darrell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Fox News.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fedifiifgkbakcajifkllgiaokgdhjii
ShortcutWithArgument: C:\Users\Darrell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\MaxorPlus.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jjjdaiphoamkomhbhbndbjoihjjgmdan
ShortcutWithArgument: C:\Users\Darrell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\MSNBC.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eaofdgieipflamaebpmogdmdkinnfapd
ShortcutWithArgument: C:\Users\Darrell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Omaha World-Herald.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ggdgjliiagjohahoadgfobmjaffplmae
ShortcutWithArgument: C:\Users\Darrell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Seattle Times.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hkccgbkjcaanbnpfkhanpicfgaljjmlh
ShortcutWithArgument: C:\Users\Darrell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\The Weather Channel.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=bdckffepdejfpihncjhnpfbfglmcgghg
ShortcutWithArgument: C:\Users\Darrell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\USAA.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ajlepbcjmdlnkjpabnhilkiabkkdaefi

==================== Loaded Modules (Whitelisted) =============

2022-12-15 03:47 - 2022-12-15 03:48 - 041845248 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\IGCC.dll
2018-03-08 06:18 - 2018-03-08 06:18 - 000015360 _____ (NHibernate community) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll
2020-11-11 19:57 - 2020-11-11 19:57 - 000537088 _____ (NHibernate.info) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\FluentNHibernate.dll
2022-11-07 12:53 - 2022-11-07 12:53 - 001548800 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Dell Digital Delivery Services\SQLite.Interop.dll
2018-02-06 16:25 - 2018-02-06 16:25 - 000176640 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll
2018-03-23 11:10 - 2018-03-23 11:10 - 000028160 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll
2021-02-17 03:19 - 2021-02-17 03:19 - 000124928 _____ (Stateless Contributors) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll
2021-12-17 04:45 - 2021-12-17 04:45 - 000258048 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\log4net.dll
2016-12-18 07:55 - 2016-12-18 07:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-3803857030-2765018022-3405165186-1003 -> DefaultScope {8462FE5B-5585-400E-B337-9F25A97D5841} URL =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-18 20:49 - 2019-03-18 20:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3803857030-2765018022-3405165186-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
HKU\S-1-5-21-3803857030-2765018022-3405165186-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKU\S-1-5-21-3803857030-2765018022-3405165186-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3803857030-2765018022-3405165186-1003\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_ECD4B92814E2592AB1B5E4FFE37D02EA"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{17ED4714-6B84-460A-A34F-A30835683A2D}] => (Allow) C:\Users\Darrell\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{3D8706FE-E14C-4383-B218-4259E67D7DBC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{779E96E7-0F03-4847-8966-96398F626225}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{730603E5-4427-4AE3-B1A4-812B301309AC}] => (Allow) LPort=8319
FirewallRules: [TCP Query User{D3F97472-FCAE-4FB8-9B7E-5993AD36E78B}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{93784C56-ABA7-48BC-B623-0C39F660E037}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3AA62911-5A67-4F85-A4C7-DAC5F26FF5EE}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{AE451C30-7BB3-4806-B917-B7D5EEDA4B11}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A542C747-70F3-41BF-9BF5-3E5391EF2E16}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{97C4FED8-6E4F-47F5-B451-6CCF867BA34A}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{E8F69D99-F54A-4404-AF49-90631A65B07D}] => (Allow) C:\Program Files (x86)\TurboTax\Individual 2021\32bit\CefSharp.BrowserSubprocess.exe (INTUIT INC. -> The CefSharp Authors)
FirewallRules: [{D45EF269-A8F1-4510-9D98-0FFD311ED585}] => (Allow) C:\Users\Darrell\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{5DF11231-21D3-4A6E-8120-43B066C8F0B4}] => (Allow) C:\Users\Darrell\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{EB71502E-2B03-454E-BD85-6DE1DC018732}] => (Allow) C:\Users\Darrell\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{5D17F9C3-E4BD-4C5D-A554-0FE70E38414F}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{43D6D63A-203A-47D8-86EB-C7CC1687F51B}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{2351AD2E-0818-44DE-941A-FC9CFE91CACC}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{D350F9E4-6A29-4685-8152-1B74DBE360AA}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{F5A3DD27-656E-4EC1-BEBD-C4460326E9A6}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{A6225D9A-4BF7-410A-8C75-5C28DB72303F}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{8C44116D-A836-4CB5-B97C-24345EE66455}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FDC5E396-4EA8-43E8-B0C4-75AF64A18A6C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B20158D3-E36C-43B0-A2F5-6DD9A80CC9C3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3CE33F57-561F-4140-8DE1-6EFDCB2D8BEF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{19B0EDD6-71C3-453C-955B-91290C1AC30D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.46\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F584E0EF-A675-4E94-A5EC-47DD0DCD99F4}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7FD2192B-CF33-4DD0-ADE7-5AF203BE9026}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================
  #12  
Old December 17th, 2022, 07:04 PM
Shirley Jester Shirley Jester is offline
CTH Subscriber
 
Join Date: Jun 2010
O/S: Windows 10 Pro
Location: Seattle
Posts: 100
Application errors:
==================
Error: (12/17/2022 02:36:11 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (12/17/2022 02:36:11 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (12/17/2022 02:36:11 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (12/17/2022 02:36:11 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (12/17/2022 12:53:33 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {92f599bd-8298-458f-b6fe-633a6c340b69}

Error: (12/17/2022 12:52:12 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {92f599bd-8298-458f-b6fe-633a6c340b69}

Error: (12/16/2022 06:51:29 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {92f599bd-8298-458f-b6fe-633a6c340b69}

Error: (12/16/2022 06:50:18 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {92f599bd-8298-458f-b6fe-633a6c340b69}


System errors:
=============
Error: (12/17/2022 04:18:34 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (12/17/2022 04:18:11 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-6T2GKA4)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/17/2022 03:05:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LMS service failed to start due to the following error:
The system cannot find the file specified.

Error: (12/17/2022 02:37:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LMS service failed to start due to the following error:
The system cannot find the file specified.

Error: (12/17/2022 02:35:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LMS service failed to start due to the following error:
The system cannot find the file specified.

Error: (12/17/2022 02:35:25 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:32:44 AM on ‎12/‎17/‎2022 was unexpected.

Error: (12/17/2022 02:35:12 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.

Error: (12/17/2022 02:32:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LMS service failed to start due to the following error:
The system cannot find the file specified.


Windows Defender:
================Event[0]:

Date: 2021-04-02 17:38:38
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.313.431.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16900.4
Error code: 0x80070643
Error description: Fatal error during installation.

Date: 2021-04-02 17:38:36
Description:
Microsoft Defender Antivirus has encountered an error trying to update the engine.
New Engine Version: 1.1.18000.5
Previous Engine Version: 1.1.16900.4
Error Code: 0x8050800c
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

CodeIntegrity:
===============
Date: 2022-12-17 09:51:35
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-12-17 03:06:44
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume6\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 2.17.1 12/16/2020
Motherboard: Dell Inc. 0R6JMP
Processor: Intel(R) Core(TM) i5-9400 CPU @ 2.90GHz
Percentage of memory in use: 38%
Total physical RAM: 12103.97 MB
Available physical RAM: 7457.36 MB
Total Virtual: 13959.97 MB
Available Virtual: 8343.95 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:102.83 GB) (Free:20.47 GB) (Model: PM991 NVMe Samsung 128GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:930.09 GB) (Model: ST1000DM010-2EP102) NTFS

\\?\Volume{46b9d0ed-46e1-40d3-a9d4-628700ebb703}\ (WINRETOOLS) (Fixed) (Total:0.93 GB) (Free:0.46 GB) NTFS
\\?\Volume{57f6e043-8694-487f-808f-27adc0d0e4a6}\ (Image) (Fixed) (Total:13.79 GB) (Free:0.14 GB) NTFS
\\?\Volume{621e87ba-772b-4c4d-8cb8-7e36738ddff1}\ (DELLSUPPORT) (Fixed) (Total:1.42 GB) (Free:0.59 GB) NTFS
\\?\Volume{001ca3d5-055f-4c19-bc34-491aee7a54d1}\ (ESP) (Fixed) (Total:0.14 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F122CD4E)

Partition: GPT.

==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: F122CD13)

Partition: GPT.

==================== End of Addition.txt =======================