من اخیراً هنگام مرور (pshscanning.xyz) یک پاپ آپ داشتم. در آن مک آفی خوانده شده بود اما نام تجاری مربوط به نورتون بود که به وضوح برخی از موارد ناموزون در جریان بود. من بلافاصله آن را بستم اما با این کار رایانه من خراب شد و بسیار کند شده است ، و اغلب طرفداران بلند خراب می شوند و من متوجه شده ام که برخی از حساب های من (ایمیل و غیره) به طور تصادفی از سیستم خارج می شوند.
گزارش های FRST من در زیر است. من یک گزینه "یک ماه" در لیست سفید دارم ، مطمئن نبودم که این مورد را بررسی کنم یا نه بنابراین علامت آن را برداشته ام.
من همچنین متوجه چیز عجیبی از گزارش شدم. من قبلا قبل از اینکه به بیت دیفندر تغییر کنم مک آفی داشتم. فکر کردم آن را حذف نصب کرده ام اما هنوز در این اسکن ظاهر می شود ؟! در بخش "برنامه ها و برنامه ها" اثری از آن دیده نمی شود و من از ابزار حذف محصولات مصرفی McAfee استفاده کرده ام اما هنوز هم نمی توانم از شر آن خلاص شوم!
هر کمکی به طور گسترده مورد استقبال قرار می گیرد.
پیشاپیش متشکرم .
نتیجه اسکن Farbar Recovery Scan Tool (FRST) (x64) نسخه: 14-12-2020
توسط wangl (مدیر) در DESKTOP-DNIM3TM (LENOVO 81Q9) اجرا شد (28-12-2020 13:10) : 10)
در حال اجرا از C: Users wangl Downloads
بارگذاری شده پروفایل: wangl
بستر های نرم افزاری: Windows 10 Home Version 2004 19041.685 (X64) زبان: انگلیسی (ایالات متحده)
مرورگر پیش فرض: Edge
حالت بوت: عادی
==================== فرایندها (در لیست سفید) ============== =====
(اگر مدخلی در لیست اصلاحات موجود باشد ، روند بسته خواهد شد. پرونده منتقل نخواهد شد.)
(Adobe Inc. -> Adobe Inc. ) C: Program Files (x86) Common Files Adobe ARM 1.0 armsvc.exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitd efender Agent DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Agent ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Bitdewender Security bdnt .exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Bitdefender Security bdservicehost.exe <3>
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Bitdefender Security updatesrv.exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Bitdefender VPN bdvpnapp.exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Bitdefender VPN BdvVVN BddVV BddVV BddVV BddVV BddVV V BN exe
(Dolby Laboratories، Inc. ->) C: Windows System32 dolbyaposvc DAX3API.exe <2>
(Google LLC -> Google LLC) C: Program Files (x86) Google بروزرسانی 1.3.36.52 GoogleCrashHandler.exe
(Google LLC -> Google LLC) C: Program Files (x86) Google Update 1.3.36.52 GoogleCrashHandler64.exe
(Intel Corporat ion -> Intel Corporation) C: Windows System32 DriverStore FileRepository dptf_cpu.inf_amd64_9196e89091d8bdbb esif_uf.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C: Windows System System32 FileRepository dal.inf_amd64_ffc75848a6342fdf jhi_service.exe
(Intel® pGFX -> Intel Intel Corporation) C: Windows System32 DriverStore FileRepository cui_dch.inf_amd64_e7523682cc7575cc7075cc7075cc7075cc7075cc> cx7528cc Intellectual_Cab> IntelXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXC ) C: Windows System32 DriverStore FileRepository cui_dch.inf_amd64_e7523682cc7528cc igfxEMN.exe
(Intel® pGFX -> Intel Intel Corporation) C: Windows System32 DriverStore FileRepository iigda02.22e02_02_02_02_02_02_02_02_02_01_01_02_01_01 19659007] (Intel® Wireless Connectivity Solutions -> Intel Corporation) C: Windows System32 DriverStore FileRepository piecomponent.inf_amd64_16c0b30f7916739a Intel_PIE_Service.exe
(Lenovo -> Lenovo Group Ltd.) C: Windows Ltd. ImController Service Lenovo.Modern.ImCo ntroller.exe
(Lenovo -> Lenovo Group Ltd.) C: Windows System32 Drivers Lenovo udc Service UDClientService.exe
(Lenovo -> Lenovo Group Ltd.) C: Windows System32 Drivers Lenovo udc Service UDCUserAgent.exe
(Lenovo -> Lenovo Group Ltd.) C: Windows System32 YMC.exe
(Lenovo -> Lenovo (پکن) Limited) C: Windows System32 AutoModeDetect.exe
(Lenovo -> Lenovo (پکن) محدود) C: Windows System32 LNBITSSvc.exe
(LENOVO INC) C: Program Files WindowsApps E0469640.LenovoUtility_3. 1.19.0_x64__5grkq8ppsgwt4 VFS ProgramFilesX64 Lenovo LenovoUtility utility.exe
(شرکت مایکروسافت -> شرکت مایکروسافت) C: Program Files Common Files microsoft shared ClickToRun OfficeClickToRun.exe [19659Corporation-19659] > Microsoft Corporation) C: Program Files Microsoft Office root Office16 lync.exe
(Microsoft Corporation -> Microsoft Corporation) C: Users wangl AppData Local Microsoft OneDrive OneDrive.exe [19659007] (مایکروسافت وای ndows -> Microsoft Corporation) C: Windows System32 dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 InputMethod CHS ChsIME.exe
(Microsoft Windows -> Microsoft شرکت) C: Windows System32 smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 wlanext.exe
(ناشر سازگاری سخت افزار Microsoft Windows -> Fortemedia) C: Windows System32 FMService64.exe
(ناشر مایکروسافت ویندوز -> شرکت مایکروسافت) C: ProgramData Microsoft Windows Defender Platform 4.18.2011.6-0 MsMpEng.exe
(OpenVPN Inc. ->) C : Program Files OpenVPN bin openvpn-gui.exe
(OpenVPN Inc. -> The OpenVPN Project) C: Program Files OpenVPN bin openvpnserv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C: Windows System32 RtkAudUService64.exe <2>
(فناوری هوشمند صدا -> اینتل) C: Windows System32 cAVS IAS IntelAudioService.exe
(TBT_DCH_DRV_PRO ntel Corporation) C: Windows ThunderboltService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C: Program Files (x86) TeamViewer TeamViewer_Service.exe
(Texas Instruments Inc. -> Texas Instruments) ) C: Windows System32 TISmartAmpService.exe <2>
(شرکت فناوری Wacom -> Wacom Technology ، شرکت)
===================== رجیستری (در لیست سفید) ===================== [19659007]
(اگر ورودی در لیست اصلاحات موجود باشد ، مورد رجیستری به حالت پیش فرض بازیابی می شود یا حذف می شود. پرونده منتقل نخواهد شد.)
HKLM … Run: [RtkAudUService] => C: WINDOWS System32 RtkAudUService64.exe [1082592 2020-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM … Run: [BdVpnApp] => C: Program Files Bitdefender Bitdefender VPN BdVpnApp.exe [224376 2020-12-07] (Bitdefender SRL -> Bitdefender)
HKU S-1-5 -21-2401386706-1030334005-2979581481-1001 … Run: [Lync] => C: Program Files Microsoft Office root Office16 lync.exe [26327872 2020-12-23] (Microsoft Corporation -> Microsoft Corporation) [19659007] HKU S-1-5-21-2401386706-1030334005-2979581481-1001 … Run: [com.squirrel.Teams.Teams] => C: Users wangl AppData Local Microsoft Teams Update.exe [2350776 2020-06-06] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU S-1-5-21-2401386706-1030334005-2979581481-1001 … Run: [OPENVPN-GUI] => C: Program Files OpenVPN bin openvpn-gui.exe [669112 2020-04-16] (OpenVPN Inc. ->)
HKLM … Windows x64 Print Processors Canon MG3500 series پردازنده چاپ: C: Windows Syste m32 spool prtprocs x64 CNMPDBV.DLL [30208 2013-04-04] (ناشر سازگاری سخت افزار Microsoft Windows -> CANON INC.)
HKLM … Print Monitor Canon BJ Language Monitor MG3500 series: C: WINDOWS system32 CNMLMBV.DLL [391168 2013-04-04] (ناشر سازگاری سخت افزار مایکروسافت ویندوز -> CANON INC.)
HKLM Software Microsoft Active Setup اجزای نصب شده: [OpenVPN_UserSetup] -> reg add HKCU Software Microsoft Windows CurrentVersion Run / v OPENVPN-GUI / t REG_SZ / d "C: Program Files OpenVPN bin openvpn-gui.exe" / f
HKLM Software Microsoft Active Setup اجزای نصب شده: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C: Program Files (x86) Google Chrome Application 87.0.4280.88 Installer chrmstp.exe [2020-12-07] (Google LLC -> Google LLC)
====== =============================================
(اگر ورودی در لیست اصلاحات موجود باشد ، از رجیستری حذف شد. پرونده منتقل نمی شود مگر اینکه جداگانه ذکر شود.)
وظیفه: {122B0DA2-63BA-4ECC-8294-3F4E2B244B79} – System32 Tasks Lenovo ImController Lenovo iM Controller Monitor => C: WINDOWS system32 ImController.InfInstaller.exe [62280 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
وظیفه: {1DF8AA5E-A6AD-4E50-BD18-921FCD02E04D} – System32 Tasks Microsoft Windows Windows Defender Windows Defender Verification => C: ProgramData Microsoft Windows Defender platform 4.18.2011.6-0 MpCmdRun.exe [545704 2020-12-25] (Microsoft Windows Publisher -> Microsoft Corporation)
وظیفه: {1DFF1E2B-4730-48D9-AD81-5B2C1A9974B9 } – System32 Tasks Lenovo ImController Lenovo iM Controller Scheduled Maintenance => "٪ windir٪ system32 sc.exe" START ImControllerService
وظیفه: {226383EE-7B63-4CE6-ACE4-E80455A7850C} – System32 Tasks Lenovo ImController TimeBasedEvents 1b7b1e2d-97a6-48bd-ba3f-b7d450037c64 => C: WINDOWS Lenovo ImController Service Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Gr oup Ltd.)
وظیفه: {308E2714-EE1C-490C-8D6C-391AD668F042} – System32 Tasks Lenovo BatteryGauge BatteryGaugeMaintenance => C: ProgramData Lenovo ImController Plugins LenovoBatage x64 LenovoBatge x64 [144312 2020-09-15] (Lenovo -> Lenovo Group Ltd.)
وظیفه: {36EA6C6E-EBAC-4B04-A2F8-0C33D074C7EA} – System32 Tasks Mozilla Firefox Default Browser Agent 308046B0AF4A39CB Fox => C: Cilla: Moz default-browser-agent.exe [693456 2020-12-23] (شرکت موزیلا -> بنیاد موزیلا)
وظیفه: {3DA3E345-6AFA-42EB-B1A6-F73A08BEF2EE} – System32 Tasks Adobe Acrobat Update Task => C: Program Files (x86) Common Files Adobe ARM 1.0 AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
وظیفه: {4646C41D-3C0D-4C27-823C-0C8778042D50} – System32 Tasks Lenovo ImController Plugins LenovoSystemUpdatePlugin_WeeklyTask =>٪ windir٪ System32 reg.exe add hklm SOFTWARE Lenovo SystemUpdatePlugin scheduler / v start / t reg_dword / d 1 / f / reg7: 32 [1965] Task: 32] 19 [1965] 47924673-F0FA-4978-A5E3-1801 88837B7D} – آدرس system32 وظایف بیت دیفندر AgentTask_AD394AE64E874073B10A89FEEC305A3C => C: برنامه فایلها بیت دیفندر بیت دیفندر امنیت bdagent.exe [955872 2020-11-13] (بیت دیفندر SRL -> بیت دیفندر)
وظیفه: {4C59AC52-E099-4B4A-BB6F-60A73EC64DF3 } – System32 Tasks Lenovo ImController TimeBasedEvents 605ad5fb-8313-43ef-ba30-49342af9b41c => C: WINDOWS Lenovo ImController Service Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group) Ltd.)
وظیفه: {51AE8A5B-C2B2-47D5-A740-F3C11430ECF7} – System32 Tasks Microsoft Office Office ویژگی های ورود به سیستم ورود به سیستم => C: Program Files Microsoft Office root Office16 sdxhelper.exe [143720 2020-12-23] (شرکت مایکروسافت -> شرکت مایکروسافت)
وظیفه: {57934D06-0C96-4909-9B01-457B774939C4} – System32 Tasks GoogleUpdateTaskMachineUA => C: Program Files (x86) Google Update GoogleUpd exe [155432 2019-10-21] (Google Inc -> Google LLC)
وظیفه: {6295C516-6895-4AC5-B241-BEF3EBEBF1C5} – System32 Tasks Lenovo ImController TimeBasedEvents 0550d039-c fca-4289-ab95-215bb67c3a50 => C: WINDOWS Lenovo ImController Service Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
وظیفه: {722C4DBF-E108-4E43 -88CF-1B5E075DD5AB} – System32 Tasks Microsoft Windows Windows Defender Windows Defender Cleanup => C: ProgramData Microsoft Windows Defender platform 4.18.2011.6-0 MpCmdRun.exe [545704 2020-12-25] (ناشر Microsoft Windows -> Microsoft Corporation)
وظیفه: {8DF7945E-F611-4CE5-B5DA-287909436A34} – System32 Tasks Microsoft Windows Windows Defender Windows Defender Cache Maintenance => C: ProgramData Microsoft Windows Defender platform 4.18.2011.6-0 MpCmdRun.exe [545704 2020-12-25] (ناشر Microsoft Windows -> Microsoft Corporation)
وظیفه: {96D783E8-C840-4502-A5A6-C1EBA5403058} – System32 Tasks LenovoUtility Startup => C: Windows explorer.exe lenovo-utility: //
وظیفه: {9F5B578C-9318-41C9-9F25-B3333E31510A} – System32 Tasks Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => بیت: برنامه F Files efender Agent WatchDog.exe [895080 2020-10-28] (Bitdefender SRL -> Bitdefender)
وظیفه: {ABEADF44-39F9-46AE-B300-8780B085A614} – System32 Tasks Microsoft Office Office Automatic Updates 2.0 => C: File Files Common Files Microsoft Shared ClickToRun OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
وظیفه: {B68AE374-9BE2-4DBE-9518-64115EA9F4F8} – System32 Tasks Lenovo ImCont TimeBasedEvents f9ffaffa-4b36-4812-af3d-4d80349d0ad2 => C: WINDOWS Lenovo ImController Service Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {CA -00D7-4766-82C2-1B5691B0FF24} – System32 Tasks Lenovo UDC Lenovo UDC Monitor => C: WINDOWS system32 Drivers lenovo udc data InfBackup UdcInfInstaller.exe [172880 2020-10-21] (Lenovo -> Lenovo Group Ltd.)
وظیفه: {CB778667-9E1A-4B6C-A39D-D743D0EF557D} – System32 Tasks Microsoft Office Office Feature Updates => C: Program Files Microsoft Office root Office16 sdxhelper. exe [143720 2020-12-23] (میکرو oft Corporation -> Microsoft Corporation)
وظیفه: {E29C1741-53E2-4277-8024-EAC327E3EC29} – System32 Tasks Microsoft Windows Windows Defender Windows Defender Scheduled Scan => C: ProgramData Microsoft Windows Defender platform 4.18.2011.6-0 MpCmdRun.exe [545704 2020-12-25] (Microsoft Windows Publisher -> Microsoft Corporation)
وظیفه: {EB63D775-FFBB-4898-A111-A1E8A6729AD0} – System32 Tasks GoogleUpdateTaskMachineCore:> Program Files (x86) Google Update GoogleUpdate.exe [155432 2019-10-21] (Google Inc -> Google LLC)
وظیفه: {EC7C6E9C-1DEA-40EE-94B8-3F089984AFD8} – System32 Tasks Lenovo SensorReset = > C: ProgramData Lenovo SensorReset RestartSensorSvc.bat [49 2019-07-10] () [File not signed] <==== ATTENTION
وظیفه: {ECBCCC77-D1E1-4BA9-AB46-4FFF2F5B0A7C} – System32 Tasks Office Office ClickToRun Monitor Service => C: Program Files Common Files Microsoft Shared ClickToRun OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
وظیفه: {F24E4156-A8 A0-414E-9606-386B8E1C71FD} – System32 Tasks Lenovo Vantage Lenovo.Vantage.ServiceMaintainance =>٪ systemroot٪ system32 sc.exe شروع LenovoVantageService
(اگر مطلبی در لیست اصلاحات موجود باشد ، فایل task (.job) منتقل خواهد شد. پرونده ای که توسط این وظیفه در حال اجرا است ، منتقل نخواهد شد.)
========================================================== ============================================= (19659007) (اگر موردی در لیست اصلاحات موجود باشد ، اگر یک مورد رجیستری باشد ، حذف می شود یا به طور پیش فرض بازیابی می شود.) [19659007]
Tcpip Parameters: [DhcpNameServer] 192.168.0.1
Tcpip .. Interfaces {9d09e555-7f4c-4daa-a609-8782e5818a09}: [DhcpNameServer] 192.658007.1 Interfaces {fb580388-f239-45a9-bc63-d57e42d0d064}: [DhcpNameServer] 8.8.8.8
Tcpip .. Interfaces {fe1a6002-dcde-459b-8455-860ded8d77313] [DhcpNameServer]: [DhcpNameServer] 19659007]
Edge:
======
Edge DefaultProfile: Default
Profile Edge: C: Users wangl AppData Local Microsoft Edge User Data Default [2020-12-28]
Edge Extension: (Honey) – C: Users wangl AppData Local Microsoft Edge User Data Default Extensions amnbcmdbanbkjhnfoeceemmmdiepnbpp [2020-11-16]
Edge Extension: (McAfee C WebAd) :کاربر s wangl AppData Local Microsoft Edge User Data Default Extensions fdhgeoginicibhagdmblfikbgbkahibd [2020-12-17]
Edge Extension: (Malwarebytes Browser Guard) – C: Users wangl AppData Local Microsoft Edge کاربر داده ها پیش فرض ضمیمهها ihcjicgdanjaechkgeegckofjjedodee [2020-12-24]
لبه فرمت: (از AdBlock – بهترین مسدود کننده آگهی) – C: کاربران wangl APPDATA محلی مایکروسافت لبه کاربر داده ها پیش فرض ضمیمهها ndcileolkflehcjpmjnfbnaibdcgglog [2020-12-17]
Edge HKLM-x32 … Edge Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: aya84c8z.default [19659007] FF ProfilePath: C: Users wangl AppData Roaming Mozilla Firefox Profiles aya84c8z.default [2020-12-20]
FF ProfilePath: C: Users wangl AppData Roaming Mozilla Firefox Profiles 32qdk7s0.default-release [2020-12-28]
FF Session Restore: Mozilla Firefox Profiles 32qdk7s0.default-release -> فعال است.
FF Extension: (AdBlocker Ultimate) – C: Users wangl AppData رومینگ Mo zilla Firefox Profiles 32qdk7s0.default-release Extensions [email protected] [2020-12-20]
FF Extension: (ضد ردیاب Bitdefender) – C: Users wangl AppData Roaming Mozilla Firefox Profiles 32qdk7s0.default-release Extensions [email protected] [2020-12-21] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM … Firefox Extensions: [[email protected]] – C: Program Files Bitdefender Bitdefender Security bdwteff.xpi
FF Extension: (Bitdefender Wallet) – C: Program Files Bitdefender Bitdefender Security bdwteff.xpi [2020-07-16] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM … Firefox برنامه های افزودنی: [[email protected]] – C: Program Files Bitdefender Bitdefender Security bdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) – C: Program Files Bitdefender Bitdefender Security bdtbef.xpi [2020-09-17] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM … Thunderbird Extensions: [[email protected]] – C: Program Files Bitdefender Bitdefender Security bdtbext
FF Extension: (Bitdefender Antispam Toolbar) – C: Program Files Bitdefender B itdefender Security bdtbext [2020-12-08] [Legacy] [not signed]
FF HKLM-x32 … Firefox Extensions: [[email protected]] – C: Program Files Bitdefender Bitdefender Security bdwteff.xpi
FF HKLM-x32 … Firefox Extensions: [[email protected]] – C: Program Files Bitdefender Bitdefender Security bdtbef.xpi
FF HKLM-x32 … Thunderbird Extensions: [[email protected]] – C: Program Files Bitdefender Bitdefender Security bdtbext
FF Plugin: @ microsoft.com / SharePoint، version = 14.0 -> C: Program Files Microsoft Office root Office16 NPSPWRAP.DLL [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF plugin: @ videolan.org / vlc، version = 3.0.10 -> C: Program Files VideoLAN VLC npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @ microsoft.com / Lync، version = 15.0 -> C: Program Files Microsoft Office root VFS ProgramFilesX86 Mozilla Firefox plugins npmeetingjoinpluginoc.dll [2020-09-14] (شرکت مایکروسافت – > Microsoft Corporation)
FF Plugin-x32: @ microsoft.com /SharePoint،version=14.0 -> C: Program Files Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 NPSPWRAP.DLL [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @ videolan.org / vlc، version = 3.0.8 -> C: Program Files (x86) VideoLAN VLC npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader – > C: Program Files (x86) Adobe Acrobat Reader DC Reader AIR nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C: Program Files mozilla firefox defaults pref bd_js_config.js [2020-12-20] <==== توجه (به فایل * .cfg اشاره می کند)
FF ExtraCheck: C: Program Files mozilla firefox bd_config.cfg [2020-12-20] <== == ATTENTION
Chrome:
=======
CHR Profile: C: Users wangl AppData Local Google Chrome User Data Default [2020-12-28] [19659007] CHR StartupUrls: پیش فرض -> "hxxps: //www.bing.com/؟ PC = ER07"
CHR DefaultSearchURL: پیش فرض -> hxxps: //uk.search.yahoo.com/searc h؟ fr = mcafee & type = E210GB0G0 & p = {searchTerms}
CHR DefaultSearch کلید واژه: پیش فرض -> mcafee
CHR DefaultSuggestURL: Default -> hxxps: //uk.search.yahoo.com/sugg/gossip-gossip-gossip-gossip-gossip-gossip-gossip-gossip-gossip/ partner؟ output = fxjson & appid = mca & source = yahoo_mcafee_searchassist & command = {searchTerms}
الحاق CHR: (اسلایدها) – C: Users wangl AppData Local Google Chrome User Data Default Extensions aapocclcgogmggm [45] 19659007] پسوند CHR: (اسناد) – C: Users wangl AppData Local Google Chrome User Data User Default Extensions aohghmighlieiainnegkcijnfilokake [2019-10-21]
CHR Extension: (Google Drive) – C: Users wangl AppData Local Google Chrome User Data Default Extensions apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) – C: Users wangl AppData Local Google Chrome User Data پیش فرض برنامه های افزودنی blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-10-21]
پسوند CHR: (عزیزم) – C: کاربران wangl AppData محلی Google Chrome داده های کاربر پیش فرض برنامه های افزودنی bmnlcjabg npnenekpadlanbbkooimhnj [2020-11-27]
افزونه CHR: (Adobe Acrobat) – C: Users wangl AppData Local Google Chrome User Data Default Extensions efaidnbmnnnibpcajpcglfffmmaj [194590] CH 196590] 196590) – C: Users wangl AppData Local Google Chrome User Data Default Extensions felcaaldnbdncclmgdcncolpebgiejap [2019-10-21]
CHR Extension: (Bitdefender Wallet) – C: Users wangl AppData Local Google Chrome User Data Default Extensions gannpgaobkkhmpomoijebaigcapoeebl [2020-12-20]
CHR Extension: (Google Docs Offline) – C: Users wangl AppData Local Google Chrome User Data Default Extensions ghbmnnnnoglnnolno [2020-12-02]
افزونه CHR: (AdBlock – بهترین مسدودكننده تبلیغات) – C: Users wangl AppData Local Google Chrome User Data Default Extensions gighmmpiobklfepjocnamgkkbiglidom [2020-12-20]
CHR Extensions: Browser Guard) – C: Users wangl AppData Local Google Chrome User Data Default Extensions ihcjicgdanjaechkgeegckofjjedodee [2020-12-20]
افزونه CHR: (ضد ردیاب Bitdefender) – C: Users wangl AppData Local Google Chrome User User User Default Extensions khndhdhbebhaddchcgnalcjlaekbbeof [2020-12-20]
CHR Extension (CHR Extension) پرداخت های فروشگاه وب) – C: Users wangl AppData Local Google Chrome User Data Default Extensions nmmhkkegccagdldgiimedpiccmgmieda [2019-10-21]
CHR Extension: (Gmail) – C: Users wangl AppData Local Google Chrome User Data Default Extensions pjkljhegncpnkpknbcohdijeoeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) – C: Users wangl AppData Local Google Chrome User Data Default Extensions pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-20]
CHR HKLM-x32 … Chrome Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32 … Chrome Extension: [803576 2020-10-02] CH 1965900L] 19659007] CH 1965900L … Chrome Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32 … Chrome Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
============== ======= خدمات (در لیست سفید) ====================
(در صورت ورود y در لیست اصلاحات موجود است ، از رجیستری حذف می شود. پرونده منتقل نخواهد شد مگر اینکه جداگانه ذکر شود.)
R2 AdobeARMservice؛ C: Program Files (x86) Common Files Adobe ARM 1.0 armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AfVpnService؛ C: Program Files Bitdefender Bitdefender VPN hydra.sdk.windows.service.exe [197624 2020-11-02] (Pango Inc. -> AnchorFree Inc.)
R2 BDAuxSrv؛ C: Program Files Bitdefender Bitdefender Security bdservicehost.exe [803576 2020-10-02] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv؛ C: Program Files Bitdefender Bitdefender Security bdservicehost.exe [803576 2020-10-02] (Bitdefender SRL -> Bitdefender)
S2 bdredline؛ C: Program Files Common Files Bitdefender SetupInformation Bitdefender RedLine bdredline.exe [2195344 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 BdVpnService؛ C: Program Files Bitdefender Bitdefender VPN bdvpnservice.exe [250392 2020-12-07] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc؛ C: Program Files Common Files Microsoft Shared ClickToRun OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI؛ C: WINDOWS system32 dolbyaposvc DAX3API.exe [1646536 2019-06-16] (Dolby Laboratories، Inc. ->)
R2 FMAPOService؛ C: WINDOWS System32 FMService64.exe [360320 2019-09-05] (ناشر سازگاری سخت افزار مایکروسافت ویندوز -> Fortemedia)
R2 ImControllerService؛ C: WINDOWS Lenovo ImController Service Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC؛ C: WINDOWS System32 LNBITSSvc.exe [1808728 2020-05-27] (Lenovo -> Lenovo (پکن) Limited)
S3 OpenVPNService؛ C: Program Files OpenVPN bin openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies، Inc. ->)
R2 OpenVPNServiceInteractive؛ C: Program Files OpenVPN bin openvpnserv.exe [67000 2020-04-16] (OpenVPN Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy؛ C: Program Files OpenVPN bin openvpnserv.exe [67000 2020-04-16] (OpenVPN Inc. -> The OpenVPN Project)
R2 ProductAgentService؛ C: Program Files Bitdefender Agent ProductAgentService.exe [1355768 2020-10-28] (Bitdefender SRL -> Bitdefender)
R2 TeamViewer؛ C: Program Files (x86) TeamViewer TeamViewer_Service.exe [13103632 2020-09-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TISmartAmpService؛ C: WINDOWS System32 TISmartAmpService.exe [560312 2019-06-24] (Texas Instruments Inc. -> Texas Instruments)
R2 UDCService؛ C: WINDOWS System32 Drivers Lenovo udc Service UDClientService.exe [108376 2020-10-21] (Lenovo -> Lenovo Group Ltd.)
R2 UPDATESRV؛ C: Program Files Bitdefender Bitdefender Security updatesrv.exe [170840 2020-11-13] (Bitdefender SRL -> Bitdefender)
R2 VSSERV؛ C: Program Files Bitdefender Bitdefender Security bdservicehost.exe [803576 2020-10-02] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc؛ C: ProgramData Microsoft Windows Defender platform 4.18.2011.6-0 NisSrv.exe [2491880 2020-12-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend؛ C: ProgramData Microsoft Windows Defender platform 4.18.2011.6-0 MsMpEng.exe [128376 2020-12-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 YMC؛ C: WINDOWS System32 YMC.exe [856960 2019-05-26] (Lenovo -> Lenovo Group Ltd.)
==================== درایورها (در لیست سفید) ====================
(اگر مطلبی در لیست اصلاحات موجود باشد ، از رجیستری حذف می شود. پرونده انجام نمی شود منتقل شود مگر اینکه جداگانه ذکر شود.)
R1 atc؛ C: WINDOWS System32 DRIVERS atc.sys [2151624 2020-09-16] (Bitdefender SRL -> Bitdefender S.R.L. بخارست ، رومانی)
R2 BdDci؛ C: WINDOWS System32 DRIVERS bddci.sys [796200 2020-05-26] (Bitdefender SRL -> Bitdefender)
S0 bdelam؛ C: WINDOWS System32 drivers bdelam.sys [22960 2019-03-21] (ناشر ضد بدافزار Microsoft Windows Early Launch -> Bitdefender)
R0 bdprivmon؛ C: WINDOWS System32 DRIVERS bdprivmon.sys [46056 2020-01-17] (Bitdefender SRL -> © Bitdefender SRL)
S3 BthA2dp؛ C: WINDOWS System32 Drivers BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R0 Gemma؛ C: WINDOWS System32 DRIVERS gemma.sys [473608 2020-09-14] (Bitdefender SRL -> BitDefender S.R.L. بخارست ، رومانی)
R0 gzflt؛ C: WINDOWS System32 DRIVERS gzflt.sys [195232 2020-09-03] (Bitdefender SRL -> BitDefender LLC)
R2 Ignis؛ C: WINDOWS System32 DRIVERS ignis.sys [185312 2020-10-07] (Bitdefender SRL -> Bitdefender)
R3 tap0901؛ C: WINDOWS System32 drivers tap0901.sys [47920 2020-02-20] (ناشر سازگاری سخت افزار Microsoft Windows -> The OpenVPN Project)
R0 trufos؛ C: WINDOWS System32 DRIVERS trufos.sys [640760 2020-06-09] (Bitdefender SRL -> Bitdefender)
S0 WdBoot؛ C: WINDOWS System32 Drivers wd WdBoot.sys [48536 2020-12-25] (ناشر ضد بدافزار Microsoft Windows Early Launch -> Microsoft Corporation)
R0 WdFilter؛ C: WINDOWS System32 Drivers wd WdFilter.sys [429296 2020-12-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv؛ C: WINDOWS System32 Drivers wd WdNisDrv.sys [70896 2020-12-25] (Microsoft Windows -> Microsoft Corporation)
===================== = NetSvcs (با لیست سفید) ====================
(اگر مطلبی در لیست اصلاحات موجود باشد ، از رجیستری حذف می شود. پرونده منتقل نخواهد شد مگر اینکه جداگانه ذکر شود.)
===================== یک ماه (ایجاد شده) (همه) ==== =====
(اگر مدخلی در لیست اصلاحات موجود باشد ، پرونده / پوشه منتقل می شود.)
2020-12-28 12:56 – 2020-12-28 12:56 – 011108224 _____ (McAfee، LLC) C: Users wangl Downloads MCPR.exe
2020-12-28 12:42 – 2020-12-28 12:50 – 000030162 _____ C: Users wangl Downloads Addition.txt
2020-12-28 12:39 – 2020-12-28 13:10 – 000026284 _____ C: Users wangl Downloads FRST.txt
2020-12- 28 12:39 – 2020-12-28 13:10 – 000000000 ____D C: FRST
2020-12-28 12:37 – 2020-12-28 12:37 – 002286592 _____ (Farbar) C: کاربران wangl Downl oads FRST64.exe
2020-12-28 12:28 – 2020-12-28 12:28 – 000000000 ____D C: Users wangl AppData Local ESET
2020-12-28 12: 24 – 2020-12-28 12:24 – 006341552 _____ (ESET) C: Users wangl Downloads eset_internet_security_live_installer.exe
2020-12-25 06:46 – 2020-12-28 13:09 – 092274688 _____ C: WINDOWS system32 config SOFTWARE
2020-12-25 06:45 – 2020-12-25 06:46 – 000000000 ____D C: WINDOWS Microsoft Antimalware
2020-12-24 23 23 : 16 – 2020-12-24 23:13 – 002977337 _____ C: Users Public bdsyslog.zip
2020-12-24 23:13 – 2020-12-24 23:13 – 002977337 _____ C: کاربران Public Desktop bdsyslog.zip
2020-12-24 23:13 – 2020-12-24 23:13 – 002977337 _____ C: ProgramData Desktop bdsyslog.zip
2020-12-24 22:59 – 2020-12-24 22:56 – 000795000 ____N (شرکت مایکروسافت) C: WINDOWS system32 MpSigStub.exe
2020-12-24 22:55 – 2020-12-24 22:55 – 000637112 _____ (Bitdefender) C: WINDOWS system32 Drivers trufosalt.sys
2020-12-24 22: 5 4 – 2020-12-24 22:54 – 011444280 _____ (Bitdefender SRL) C: Users wangl Downloads BDSysLog_i.exe
2020-12-24 22:41 – 2020-12-24 22:41 – 000000000 ____D C: Users wangl AppData Local CrashDumps
2020-12-24 21:47 – 2020-12-24 21:47 – 018580160 _____ (TeamViewer) C: Users wangl Downloads Bitdefender_Remote_EN .exe
2020-12-24 20:16 – 2020-12-24 20:16 – 000000000 ____D C: Users wangl AppData Local Adobe_Systems_Incorporate
2020-12-24 20:15 – 2020 -12-24 20:20 – 000000000 ____D C: Users wangl Documents My Digital Editions
2020-12-24 20:15 – 2020-12-24 20:15 – 000002272 _____ C: ProgramData Microsoft Windows Menu Start Programs Adobe Digital Editions 4.5.lnk
2020-12-24 20:15 – 2020-12-24 20:15 – 000002260 _____ C: Users Public Desktop Adobe Digital Editions 4.5.lnk
2020-12-24 20:15 – 2020-12-24 20:15 – 000002260 _____ C: ProgramData Desktop Adobe Digital Editions 4.5.lnk
2020-12-24 20:15 – 2020-12-24 20:15 – 000000000 ____D C: ProgramData Microsoft Windows Menu Start Programs Adobe
2020-12-24 20:14 – 2020-12-24 20:15 – 009003224 _____ (Adobe Systems Incorporated) C: Users wangl DownloadsADE_4.5_Installer.exe
2020-12-24 20:13 – 2020-12-24 20:13 – 000001346 _____ C:UserswanglDownloads9780760370988.acsm
2020-12-24 10:56 – 2020-12-24 10:56 – 000001287 _____ C:UserswanglDownloads9781952897009.acsm
2020-12-24 10:45 – 2020-12-24 10:45 – 000001283 _____ C:UserswanglDownloads9781529039603.acsm
2020-12-24 10:16 – 2020-12-24 10:16 – 000000000 ____D C:WINDOWSsystem32TasksMozilla
2020- 12-23 19:33 – 2020-12-24 22:46 – 000000000 ____D C:Program FilesMozilla Firefox
2020-12-22 18:29 – 2020-12-22 18:29 – 000083288 _____ ( Zoom Video Communications, Inc.) C:UserswanglDownloadsZoom_cm_fe5fksee8kMogZ9vvrZo4_mrI-ObOMuAArgSqF0ABpQ75Z6qyRIJTsdvPZs@e5608XgsW9HqKIrw_k85aa1a3d3dde6c72_.exe
2020-12-21 23:17 – 2020-12-21 23:17 – 002277844 _____ C:WINDOWSMinidump122120-7296-01.dmp
2020-12-21 16:08 – 2020-12-21 16:08 – 013543464 _____ C:UserswanglDownloadsbitdefender_windows_ff280201-df62-4455-85c4-40eed058f8f6.exe
2020-12-21 16:08 – 2020-12-21 16:08 – 013543464 _____ C:UserswanglDownloadsbitdefender_windows_1a1788a5-1e03-4286-afe1-d1540c41ab91.exe
2020-12-21 16:07 – 2020-12-21 16:07 – 012457392 _____ C:UserswanglDownloadsbitdefender_vpn.exe
2020-12-21 16:06 – 2020-12-21 16:06 – 013543464 _____ C:UserswanglDownloadsbitdefender_windows_c1061cfe-2701-4a0e-8f9f-f95005997e75.exe
2020-12-21 16:06 – 2020-12-21 16:06 – 000087732 _____ C:ProgramDataagent.update.1608566801.bdinstall.v2.bin
2020-12-20 19:23 – 2020-12-20 19:23 – 001578340 _____ C:UserswanglDownloadsRefundApplicationForm.pdf
2020-12-20 14:06 – 2020-12-27 23:52 – 000012164 _____ C:UserswanglDocumentsClasses.xlsx
2020-12-20 03:26 – 2020-12-20 03:26 – 000111592 _____ C: ProgramDatacl.1608434781.bdinstall.v2.bin
2020-12-20 03:26 – 2020-12-20 03:26 – 000111592 _____ C:ProgramDatacl.1608434779.bdinstall.v2.bin
2020-12-20 03:25 – 2020-12-20 03:25 – 000114756 _____ C:ProgramDatacl.1608434714.bdinstall.v2.bin
2020-12-20 03:25 – 2020-12-20 03:25 – 000111592 _____ C:ProgramDatacl.1608434759.bdinstall.v2.bin
2020-12-20 03:25 – 2020-12-20 03:25 – 000111592 _____ C:ProgramDatacl.1608434758.bdinstall.v2.bin
2020-12-20 03:25 – 2020-12-20 03:25 – 000111592 _____ C:ProgramDatacl.1608434756.bdinstall.v2.bin
2020-12-20 03:25 – 2020-12-20 03:25 – 000111592 _____ C:ProgramDatacl.1608434731.bdinstall.v2.bin
2020-12-20 03:24 – 2020-12-20 03:24 – 000114756 _____ C:ProgramDatacl.1608434691.bdinstall.v2.bin
2020-12-20 03:24 – 2020-12-20 03:24 – 000114756 _____ C:ProgramDatacl.1608434679.bdinstall.v2.bin
2020-12-20 03:19 – 2020-12-20 03:19 – 000114716 _____ C:ProgramDatacl.1608 434145.bdinstall.v2.bin
2020-12-20 03:18 – 2020-12-20 03:18 – 000197052 _____ C:ProgramDatavpn.1608434286.bdinstall.v2.bin
2020-12-20 03:18 – 2020-12-20 03:18 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsBitdefender VPN
2020-12-20 03:18 – 2020-12-20 03:18 – 000000000 ____D C:ProgramDataBitdefender VPN
2020-12-20 03:18 – 2020-12-20 03:18 – 000000000 ____D C:ProgramDataAnchorFree_Inc
2020-12-20 03:18 – 2020-02-20 13:02 – 000047920 _____ (The OpenVPN Project) C:WINDOWSsystem32Driverstap0901.sys
2020-12-20 03:17 – 2020-12-20 03:17 – 000111592 _____ C:ProgramDatacl.1608434260.bdinstall.v2.bin
2020-12-20 03:11 – 2020-12-20 03:11 – 000000000 ____D C:ProgramDatadbg
2020-12-20 03:06 – 2020-12-20 03:06 – 000768816 _____ C:ProgramDatacl.1608433401.bdinstall.v2.bin
2020-12-20 03:06 – 2020-12-20 03:06 – 000102216 _____ C:ProgramDatacl.kit.1608433397.bdinstall.v2.bin
2020-12-20 03:06 – 2020-12-20 03:06 – 000003420 _____ C:WINDOWSsystem32TasksBitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2020-12-20 03:06 – 2020-12-20 03:06 – 000000000 ____D C:ProgramDataGemma
2020-12-20 03:06 – 2020-12-20 03:06 – 000000000 ____D C:ProgramDataAtc
2020-12-20 03:06 – 2020-12-20 03:06 – 000000000 ____D C:ProgramData48C4687D-9760-4F5B-BAB3-60351B0841E4
2020-12-20 03:04 – 2020-12-20 03:39 – 000000000 ____D C:ProgramDataBitdefender
2020-12-20 03:04 – 2020-12-20 03:18 – 000002206 _____ C:UsersPublicDesktopBitdefender VPN.lnk
2020-12-20 03:04 – 2020-12-20 03:18 – 000002206 _____ C:ProgramDataDesktopBitdefender VPN.lnk
2020-12-20 03:04 – 2020-12-20 03:18 – 000000000 ____D C:Program FilesBitdefender
2020-12-20 03:04 – 2020-12-20 03:04 – 000002353 _____ C:UsersPublicDesktopBitdefender.lnk
2020-12-20 03:04 – 2020-12-20 03:04 – 000002353 _____ C:ProgramDataDesktop Bitdefender.lnk
2020-12-20 03:04 – 2020-12-20 03:04 – 000000000 ____D C:WINDOWSsystem32elambkup
2020-12-20 03:04 – 2020-12-20 03:04 – 000000000 ____D C:UserswanglAppDataRoamingBitdefender
2020-12-20 03:04 – 2020-12-20 03:04 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsBitdefender Security
2020-12-20 03:04 – 2020-12-20 03:04 – 000000000 ____D C:ProgramDataBDLogging
2020-12-20 03:04 – 2020-10-07 10:30 – 000185312 _____ (Bitdefender) C:WINDOWSsystem32Driversignis.sys
2020-12-20 03:04 – 2020-09-16 12:26 – 002151624 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:WINDOWSsystem32Driversatc.sys
2020-12-20 03:04 – 2020-09-14 13:26 – 000473608 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:WINDOWSsystem32Driversgemma.sys
2020-12-20 03:04 – 2020-09-03 04:20 – 000195232 _____ (BitDefender LLC) C:WINDOWSsystem32Driversgzflt.sys
2020-12-20 03:04 – 2020-06-09 16:13 – 000640760 _____ (Bitdefender) C:WINDOWSsystem32Driverstrufos.sys
2020-12-20 03:04 – 2020-05-26 12:23 – 000796200 _____ (Bitdefender) C:WINDOWSsystem32Driversbddci.sys
2020-12-20 03:04 – 2020-01-17 02:03 – 000046056 _____ (© Bitdefender SRL) C:WINDOWSsystem32Driversbdprivmon.sys
2020-12-20 03:04 – 2019-03-21 00:12 – 000022960 _____ (Bitdefender) C:WINDOWSsystem32Driversbdelam.sys
2020-12-20 03:03 – 2020-12-20 03:04 – 000000000 ____D C:Program FilesCommon FilesBitdefender
2020-12-20 02:58 – 2020-12-20 02:58 – 000003802 _____ C:WINDOWSsystem32TasksBitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2020-12-20 02:56 – 2020-12-21 16:06 – 000000000 ____D C:Program FilesBitdefender Agent
2020-12-20 02:56 – 2020-12-20 02:56 – 000116280 _____ C:ProgramDataagent.1608432992.bdinstall.v2.bin
2020-12-20 02:56 – 2020-12-20 02:56 – 000000000 ____D C:ProgramDataBitdefender Agent
2020-12-20 02:55 – 2020-12-20 02:56 – 013543464 _____ C:UserswanglDownloadsbitdefender_tsecurity.exe
2020-12-20 02:51 – 2020-12-20 02:51 – 000000000 ____D C:UserswanglAppDataLocalmbam
2020-12-20 02:50 – 2020-12-20 02:50 – 000000000 ____D C:ProgramDataMalwarebytes
2020-12-20 02:48 – 2020-12-20 02:48 – 002086424 _____ (Malwarebytes) C:UserswanglDownloadsMBSetup.exe
2020-12-20 01:06 – 2020-12-20 01:06 – 000000074 ___RH C:UserswanglDesktopGetSusp.opt
2020-12-20 00:43 – 2020-12-20 00:43 – 002201672 _____ (LogMeIn, Inc.) C:UserswanglDownloadsSupport-LogMeInRescue.exe[19659007]2020-12-18 16:56 – 2020-12-18 16:56 – 001212846 _____ C:UserswanglDownloadsYour renewal.pdf
2020-12-17 21:50 – 2020-12-17 21:50 – 000594955 _____ C:UserswanglDownloadsFW UK Employee Handbook.pdf
2020-12-17 21:50 – 2020-12-17 21:50 – 000295032 _____ C:UserswanglDownloadsFishawack UK Contract 2020 – Linda Wang.pdf
2020-12-16 16:10 – 2020-12-16 16:10 – 000905646 _____ C:UserswanglDownloadsGTR1912PTT03WEB.pdf
2020-12-15 17:06 – 2020-12-15 17:06 – 000124051 _____ C:UserswanglDownloadswang2019.pdf
2020-12-15 16:59 – 2020-12-15 16:59 – 001692622 _____ C:UserswanglDownloadscoates2010.pdf
2020-12-09 19:04 – 2020-12-09 19:50 – 4294700893 _____ C:UserswanglDownloads20201208_183705.mp4
2020-12-09 17:59 – 2020-12-09 17:59 – 000127692 _____ C:UserswanglDownloadsLinda Wang – ZD6126 ppt.pdf
2020-12-09 17:51 – 2020-12-09 17:51 – 000347833 _____ C:UserswanglDownloadsLinda Wang – ZD6126 slide.pdf
2020-12-09 17:50 – 2020-12-09 17:50 – 000545013 _____ C:UserswanglDownloadsLinda Wang – ZD6162 slide.pptx
2020-12-09 16:42 – 2020-12-09 16:42 – 026274304 _____ (Microsoft Corporation) C:WINDOWSsystem32edgehtml.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 024265216 _____ (Microsoft Corporation) C:WINDOWSsystem32Hydrogen.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 023452160 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 019870720 _____ (Microsoft Corporation) C:WINDOWSSysWOW64edgehtml.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 018767360 _____ (Microsoft Corporation) C:WINDOWSsystem32HologramWorld.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 018083840 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshtml.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 014758400 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.UI.Xaml.dll
2020-12-09 16:42 – 2020 -12-09 16:42 – 010841928 _____ (Microsoft Corporation) C:WINDOWSsystem32ntoskrnl.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 010338488 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Media.Protection.PlayReady.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 008890544 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Media.Protection.PlayReady.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 007783936 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakra.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 007639040 _____ (Microsoft Corporation) C:WINDOWSsystem32shell32.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 007625728 _____ (Microsoft Corporation) C:WINDOWSsystem32ieframe.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 007545048 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Media.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 006425088 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ieframe.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 006368912 _____ (Microsoft Corporation) C:WINDOWSSysWOW64windows.storage.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 006002752 _____ (Microsoft Corporation) C:WINDOWSSysWOW64shell32.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 005833216 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Chakra.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 005346808 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Media.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 004794248 _____ (Microsoft Corporation) C:WINDOWSsystem32mfcore.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 004629320 _____ (Microsoft Corporation) C:WINDOWSsystem32sppsvc.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 004363856 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Mirage.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 004307456 _____ (Microsoft Corporation) C:WINDOWSsystem32MFMediaEngine.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 004282368 _____ (Microsoft Corporation) C:WINDOWSsystem32DHolographicDisplay.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 004125256 _____ (Microsoft Corporation) C:WINDOWSSysWOW64explorer.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 003898368 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentServer.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 003815936 _____ (Microsoft Corporation) C:WINDOWSsystem32diagtrack.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 003658752 _____ (Microsoft Corporation) C:WINDOWSSysWOW64MFMediaEngine.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 003586048 _____ (Microsoft Corporation) C:WINDOWSsystem32dwmcore.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 003556064 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfcore.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 003508056 _____ (Microsoft Corporation) C:WINDOWSsystem32combase.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 003376848 __ ___ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Mirage.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 002990408 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverstcpip.sys
2020-12-09 16:42 – 2020-12-09 16:42 – 002922392 _____ (Microsoft Corporation) C:WINDOWSsystem32KernelBase.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 002850632 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversntfs.sys
2020-12-09 16:42 – 2020-12-09 16:42 – 002844160 _____ (Microsoft Corporation) C:WINDOWSsystem32xpsservices.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 002755584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshtml.tlb
2020-12-09 16:42 – 2020-12-09 16:42 – 002755584 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.tlb
2020-12-09 16:42 – 2020-12-09 16:42 – 002749952 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32kfull.sys
2020-12-09 16:42 – 2020-12-09 16:42 – 002634120 _____ (Microsoft Corpora tion) C:WINDOWSSysWOW64combase.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 002542080 _____ (Microsoft Corporation) C:WINDOWSSysWOW64UIAutomationCore.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 002523616 _____ (Microsoft Corporation) C:WINDOWSsystem32WMVDECOD.DLL
2020-12-09 16:42 – 2020-12-09 16:42 – 002520056 _____ (Microsoft Corporation) C:WINDOWSsystem32msmpeg2vdec.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 002454016 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentExtensions.onecore.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 002453368 _____ (Microsoft Corporation) C:WINDOWSsystem32WMVCORE.DLL
2020-12-09 16:42 – 2020-12-09 16:42 – 002433024 _____ (Microsoft Corporation) C:WINDOWSSysWOW64MapRouter.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 002339248 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msmpeg2vdec.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 002254560 _____ (Microsoft Corporatio n) C:WINDOWSSysWOW64WMVDECOD.DLL
2020-12-09 16:42 – 2020-12-09 16:42 – 002181672 _____ (Microsoft Corporation) C:WINDOWSSysWOW64KernelBase.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 002136736 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WMVCORE.DLL
2020-12-09 16:42 – 2020-12-09 16:42 – 002025272 _____ (Microsoft Corporation) C:WINDOWSsystem32ntdll.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001984368 _____ (Microsoft Corporation) C:WINDOWSsystem32dcomp.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001982280 _____ (Microsoft Corporation) C:WINDOWSsystem32wsp_fs.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001969664 _____ (Microsoft Corporation) C:WINDOWSsystem32DeviceFlows.DataModel.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001956032 _____ (Microsoft Corporation) C:WINDOWSsystem32mfasfsrcsnk.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001892440 _____ (Microsoft Corporation) C:WINDOWSSysWOW64AudioEng .dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001875400 _____ (Microsoft Corporation) C:WINDOWSsystem32d3d9.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001831424 _____ (Microsoft Corporation) C:WINDOWSSysWOW64xpsservices.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001822272 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi
2020-12-09 16:42 – 2020-12-09 16:42 – 001792800 _____ (Microsoft Corporation) C:WINDOWSsystem32winmde.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001765888 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentExtensions.desktop.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001751952 _____ (Microsoft Corporation) C:WINDOWSsystem32sppobjs.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001720648 _____ (Microsoft Corporation) C:WINDOWSsystem32wsp_health.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001711104 _____ (Microsoft Corporation) C:WINDOWSsystem32GdiPlus.dll
2020-1 2-09 16:42 – 2020-12-09 16:42 – 001696760 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ntdll.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001663648 _____ (Microsoft Corporation) C:WINDOWSSysWOW64user32.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001660928 _____ (Microsoft Corporation) C:WINDOWSsystem32XpsPrint.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001653760 _____ (Microsoft Corporation) C:WINDOWSSysWOW64DeviceFlows.DataModel.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001623312 _____ (Microsoft Corporation) C:WINDOWSSysWOW64d3d9.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001611776 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpcorets.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001591112 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rdpserverbase.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001570632 _____ (Microsoft Corporation) C:WINDOWSsystem32hvix64.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 001555152 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 001494016 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dbghelp.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001454960 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dcomp.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001449984 _____ (Microsoft Corporation) C:WINDOWSSysWOW64GdiPlus.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001436032 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msvbvm60.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001400224 _____ (Microsoft Corporation) C:WINDOWSsystem32WinTypes.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001393496 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.efi
2020-12-09 16:42 – 2020-12-09 16:42 – 001373184 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Wpc.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001352760 _____ (Microsoft Corporation) C:WINDOWS system32mfmpeg2srcsnk.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001350144 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Media.Audio.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001334784 _____ (Microsoft Corporation) C:WINDOWSsystem32rpcss.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001333248 _____ C:WINDOWSSysWOW64TextInputMethodFormatter.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001328456 _____ (Microsoft Corporation) C:WINDOWSsystem32drvstore.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001315144 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wsp_health.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001301600 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfasfsrcsnk.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001287680 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpcore.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001276928 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rdpsharercom.dll[19659007]2020-12-09 16:42 – 2020-12-09 16:42 – 001272320 _____ (Microsoft Corporation) C:WINDOWSsystem32sdclt.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 001268048 _____ (Microsoft Corporation) C:WINDOWSsystem32hvax64.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 001265000 _____ (Microsoft Corporation) C:WINDOWSSysWOW64AudioSes.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001250304 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Media.Audio.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001250304 _____ (Microsoft Corporation) C:WINDOWSsystem32HologramCompositor.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001240576 _____ (Microsoft Corporation) C:WINDOWSsystem32sdengin2.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001240064 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsHandlers_IME.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001233920 _____ (Microsoft Corporation) C:WINDOWSsystem32webplatstorageserver.dll[19659007]2020-12-09 16:42 – 2020-12-09 16:42 – 001223080 _____ (Microsoft Corporation) C:WINDOWSsystem32rpcrt4.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001212712 _____ (Microsoft Corporation) C:WINDOWSsystem32Taskmgr.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 001210136 _____ (Microsoft Corporation) C:WINDOWSsystem32ApplyTrustOffline.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 001198296 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 001145344 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Media.Streaming.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001130104 _____ (Microsoft Corporation) C:WINDOWSsystem32msctf.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001128960 _____ (Microsoft Corporation) C:WINDOWSsystem32termsrv.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001127144 _____ (Microsoft Corporation) C:WINDOWSsystem32DolbyDecMFT.dll
2020-12-09 16: 42 – 2020-12-09 16:42 – 001125888 _____ (Microsoft Corporation) C:WINDOWSsystem32tdh.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001115136 _____ (Microsoft Corporation) C:WINDOWSSysWOW64aadtb.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001075712 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rdpcore.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001068648 _____ (Microsoft Corporation) C:WINDOWSsystem32gdi32full.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001055696 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dsreg.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001039176 _____ (Microsoft Corporation) C:WINDOWSSysWOW64drvstore.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001029632 _____ (Microsoft Corporation) C:WINDOWSSysWOW64XpsPrint.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001015808 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Internal.Management.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 00101488 8 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfmpeg2srcsnk.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001011200 _____ (Microsoft Corporation) C:WINDOWSsystem32uDWM.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001006592 _____ (Microsoft Corporation) C:WINDOWSsystem32sysmain.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 001005056 _____ (Microsoft Corporation) C:WINDOWSsystem32imapi2fs.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000994816 _____ (Microsoft Corporation) C:WINDOWSsystem32FrameServer.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000988064 _____ (Microsoft Corporation) C:WINDOWSsystem32SecurityHealthService.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000985088 _____ (Microsoft Corporation) C:WINDOWSsystem32autochk.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000978944 _____ (Microsoft Corporation) C:WINDOWSsystem32fveapi.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000967384 _____ (Microsoft Corporat ion) C:WINDOWSSysWOW64InputHost.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000964792 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Taskmgr.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000957440 _____ (Microsoft Corporation) C:WINDOWSsystem32autoconv.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000951368 _____ (Microsoft Corporation) C:WINDOWSSysWOW64DolbyDecMFT.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000942592 _____ (Microsoft Corporation) C:WINDOWSsystem32EdgeManager.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000931328 _____ (Microsoft Corporation) C:WINDOWSsystem32autofmt.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000920904 _____ (Microsoft Corporation) C:WINDOWSsystem32securekernel.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000914288 _____ (Microsoft Corporation) C:WINDOWSsystem32ci.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000907776 _____ (Microsoft Corporation) C:WINDOWSsystem32winlogon.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000907456 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WinTypes.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000898176 _____ (Microsoft Corporation) C:WINDOWSsystem32wer.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000887856 _____ (Microsoft Corporation) C:WINDOWSSysWOW64gdi32full.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000884736 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tdh.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000878080 _____ (Microsoft Corporation) C:WINDOWSsystem32LogonController.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000875520 _____ (Microsoft Corporation) C:WINDOWSsystem32Spectrum.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000875008 _____ (Microsoft Corporation) C:WINDOWSSysWOW64autochk.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000866304 _____ (Microsoft Corporation) C:WINDOWSsystem32samsrv.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000864768 _____ (Microsoft Corporation) C:WINDOWSsystem32jscript.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000864256 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Media.Streaming.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000863744 _____ (Microsoft Corporation) C:WINDOWSsystem32schedsvc.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000863232 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Mirage.Internal.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000861488 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msctf.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000859136 _____ (Microsoft Corporation) C:WINDOWSSysWOW64imapi2fs.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000858624 _____ (Microsoft Corporation) C:WINDOWSsystem32comdlg32.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000851968 _____ (Microsoft Corporation) C:WINDOWSSysWOW64autoconv.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000843384 _ ____ (Microsoft Corporation) C:WINDOWSsystem32fontdrvhost.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000843264 _____ (Microsoft Corporation) C:WINDOWSsystem32conhost.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000837120 _____ (Microsoft Corporation) C:WINDOWSSysWOW64webplatstorageserver.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000831488 _____ (Microsoft Corporation) C:WINDOWSSysWOW64autofmt.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000805176 _____ (Microsoft Corporation) C:WINDOWSsystem32tcblaunch.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000804352 _____ (Microsoft Corporation) C:WINDOWSSysWOW64EdgeManager.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000786600 _____ (Microsoft Corporation) C:WINDOWSSysWOW64rpcrt4.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000785408 _____ (Microsoft Corporation) C:WINDOWSsystem32nshwfp.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000782848 _____ (Microsoft Corporation ) C:WINDOWSsystem32Driverssrv2.sys
2020-12-09 16:42 – 2020-12-09 16:42 – 000763856 _____ (Microsoft Corporation) C:WINDOWSSysWOW64AppXDeploymentClient.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000758224 _____ (Microsoft Corporation) C:WINDOWSSysWOW64TextInputFramework.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000756656 _____ (Microsoft Corporation) C:WINDOWSsystem32taskschd.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000751616 _____ (Microsoft Corporation) C:WINDOWSSysWOW64fveapi.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000733984 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverscng.sys
2020-12-09 16:42 – 2020-12-09 16:42 – 000721920 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wuapi.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000713832 _____ (Microsoft Corporation) C:WINDOWSsystem32services.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000712192 _____ (Microsoft Corporation) C:WINDOWSSys WOW64Windows.Internal.Management.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000710688 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wer.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000704000 _____ (Microsoft Corporation) C:WINDOWSsystem32wsecedit.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000702464 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.UI.Core.TextInput.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000689152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64comdlg32.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000688968 _____ (Microsoft Corporation) C:WINDOWSSysWOW64fontdrvhost.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000686592 _____ (Microsoft Corporation) C:WINDOWSSysWOW64jscript.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000685896 _____ (Microsoft Corporation) C:WINDOWSsystem32MFCaptureEngine.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000681472 _____ (Microsoft Corporation) C:WINDOWSsys tem32AppReadiness.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000678216 _____ (Microsoft Corporation) C:WINDOWSsystem32computecore.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000671744 _____ (Microsoft Corporation) C:WINDOWSsystem32dmenrollengine.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000648704 _____ (Microsoft Corporation) C:WINDOWSsystem32policymanager.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000647680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64agentactivationruntimewindows.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000644608 _____ (Microsoft Corporation) C:WINDOWSsystem32wpdshext.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000635392 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.ApplicationModel.ConversationalAgent.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000632552 _____ (Microsoft Corporation) C:WINDOWSSysWOW64kernel32.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000628736 _____ (Mi crosoft Corporation) C:WINDOWSSysWOW64agentactivationruntime.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000628112 _____ (Microsoft Corporation) C:WINDOWSsystem32sechost.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000622592 _____ (Microsoft Corporation) C:WINDOWSsystem32vbscript.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000611840 _____ (Microsoft Corporation) C:WINDOWSSysWOW64nshwfp.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000608768 _____ (Microsoft Corporation) C:WINDOWSsystem32sppcext.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000607864 _____ (Microsoft Corporation) C:WINDOWSSysWOW64MFCaptureEngine.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000603464 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversnetio.sys
2020-12-09 16:42 – 2020-12-09 16:42 – 000579072 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Mirage.Internal.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000574296 _____ (Micro soft Corporation) C:WINDOWSsystem32DMRServer.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000572928 _____ (Microsoft Corporation) C:WINDOWSsystem32SppExtComObj.Exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000569856 _____ (Microsoft Corporation) C:WINDOWSsystem32netshell.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000556544 _____ (Microsoft Corporation) C:WINDOWSsystem32defragsvc.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000555008 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wpdshext.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000550088 _____ (Microsoft Corporation) C:WINDOWSSysWOW64SHCore.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000548352 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dmenrollengine.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000547840 _____ (Microsoft Corporation) C:WINDOWSSysWOW64vbscript.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000543328 _____ (Microsoft Corporation) C:WINDOWSS ysWOW64taskschd.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000540672 _____ (Microsoft Corporation) C:WINDOWSsystem32IESettingSync.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000539136 _____ (Microsoft Corporation) C:WINDOWSsystem32InputSwitch.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000534552 _____ (Microsoft Corporation) C:WINDOWSSysWOW64policymanager.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000534016 _____ (Microsoft Corporation) C:WINDOWSsystem32nltest.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000530456 _____ (Microsoft Corporation) C:WINDOWSsystem32mf.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000526848 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wsecedit.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000523200 _____ (Microsoft Corporation) C:WINDOWSsystem32bcryptprimitives.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000520704 _____ (Microsoft Corporation) C:WINDOWSsystem32CPFilters.dll[19659007]2020-12-09 16:42 – 2020-12-09 16:42 – 000518656 _____ (Microsoft Corporation) C:WINDOWSSysWOW64untfs.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000509440 _____ (Microsoft Corporation) C:WINDOWSSysWOW64daxexec.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000507904 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ngccredprov.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000502600 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversFWPKCLNT.SYS
2020-12-09 16:42 – 2020-12-09 16:42 – 000501760 _____ (Microsoft Corporation) C:WINDOWSsystem32DDDS.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000491520 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverscldflt.sys
2020-12-09 16:42 – 2020-12-09 16:42 – 000489472 _____ (Microsoft Corporation) C:WINDOWSsystem32HolographicRuntimes.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000488776 _____ (Microsoft Corporation) C:WINDOWSsystem32microsoft-windows-system-events.dll[19659007]2020-12-09 16:42 – 2020-12-09 16:42 – 000487936 _____ (Microsoft Corporation) C:WINDOWSsystem32profsvc.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000486400 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Devices.Picker.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000477784 _____ (Microsoft Corporation) C:WINDOWSSysWOW64sechost.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000470016 _____ (Microsoft Corporation) C:WINDOWSsystem32taskcomp.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000468480 _____ (Microsoft Corporation) C:WINDOWSsystem32dsregcmd.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000461128 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversrdbss.sys
2020-12-09 16:42 – 2020-12-09 16:42 – 000459776 _____ (Microsoft Corporation) C:WINDOWSsystem32DeviceEnroller.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000450888 _____ (Microsoft Corporation) C:WINDOWSsystem32SecurityHealthAgent.dll[19659007]2020-12-09 16:42 – 2020-12-09 16:42 – 000436736 _____ (Microsoft Corporation) C:WINDOWSsystem32wincorlib.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000435712 _____ (Microsoft Corporation) C:WINDOWSsystem32fveapibase.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000430592 _____ (Microsoft Corporation) C:WINDOWSsystem32SDDS.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000430080 _____ (Microsoft Corporation) C:WINDOWSSysWOW64InputSwitch.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000423240 _____ (Microsoft Corporation) C:WINDOWSsystem32MSAudDecMFT.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000422400 _____ (Microsoft Corporation) C:WINDOWSsystem32FrameServerClient.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000419432 _____ (Microsoft Corporation) C:WINDOWSsystem32wininit.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000417376 _____ (Microsoft Corporation) C:WINDOWSsystem32SgrmEnclave.dll
2020-12-09 16:42 – 2020 -12-09 16:42 – 000415744 _____ (Microsoft Corporation) C:WINDOWSSysWOW64AcLayers.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000414208 _____ (Microsoft Corporation) C:WINDOWSsystem32mfsensorgroup.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000413248 _____ (Microsoft Corporation) C:WINDOWSsystem32SgrmEnclave_secure.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000408576 _____ (Microsoft Corporation) C:WINDOWSSysWOW64CPFilters.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000400896 _____ (Microsoft Corporation) C:WINDOWSSysWOW64taskcomp.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000400384 _____ (Microsoft Corporation) C:WINDOWSSysWOW64netshell.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000397312 _____ (Microsoft Corporation) C:WINDOWSsystem32BingASDS.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000385360 _____ (Microsoft Corporation) C:WINDOWSSysWOW64AUDIOKSE.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000380744 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversmsrpc.sys
2020-12-09 16:42 – 2020-12-09 16:42 – 000380232 _____ (Microsoft Corporation) C:WINDOWSsystem32AppxAllUserStore.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000375000 _____ (Microsoft Corporation) C:WINDOWSSysWOW64bcryptprimitives.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000363008 _____ (Microsoft Corporation) C:WINDOWSSysWOW64fveapibase.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000352800 _____ (Microsoft Corporation) C:WINDOWSsystem32wow64.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000350720 _____ (Microsoft Corporation) C:WINDOWSsystem32ncryptprov.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000349184 _____ (Microsoft Corporation) C:WINDOWSsystem32drvinst.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000345088 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.Devices.Picker.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000341504 ____ _ (Microsoft Corporation) C:WINDOWSsystem32dlnashext.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000339456 _____ (Microsoft Corporation) C:WINDOWSSysWOW64AarSvc.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000337408 _____ (Microsoft Corporation) C:WINDOWSSysWOW64cryptngc.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000334848 _____ (Microsoft Corporation) C:WINDOWSSysWOW64aadauthhelper.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000329728 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32k.sys
2020-12-09 16:42 – 2020-12-09 16:42 – 000329728 _____ (Microsoft Corporation) C:WINDOWSsystem32dmenterprisediagnostics.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000326144 _____ (Microsoft Corporation) C:WINDOWSsystem32AcLayers.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000325120 _____ (Microsoft Corporation) C:WINDOWSsystem32newdev.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000316928 _____ (Microsoft Corporation) C:WINDOWSsystem32sppnp.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000309248 _____ (Microsoft Corporation) C:WINDOWSsystem32RASMM.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000303304 _____ (Microsoft Corporation) C:WINDOWSsystem32skci.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000297984 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wincorlib.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000293704 _____ (Microsoft Corporation) C:WINDOWSSysWOW64AppxAllUserStore.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000289792 _____ (Microsoft Corporation) C:WINDOWSSysWOW64BioCredProv.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000288680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wintrust.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000275456 _____ (Microsoft Corporation) C:WINDOWSsystem32schtasks.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000274432 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ncryptprov.dll[19659007]2020-12-09 16:42 – 2020-12-09 16:42 – 000269824 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mdmregistration.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000267776 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dlnashext.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000266992 _____ (Microsoft Corporation) C:WINDOWSsystem32mfps.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000266240 _____ C:WINDOWSSysWOW64Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000265728 _____ (Microsoft Corporation) C:WINDOWSSysWOW64UserDeviceRegistration.Ngc.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000260936 _____ (Microsoft Corporation) C:WINDOWSsystem32offlinesam.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000257024 _____ (Microsoft Corporation) C:WINDOWSsystem32ngctasks.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000253040 _____ (Microsoft Corporation) C:WINDOWSsystem32weretw.dll
2 020-12-09 16:42 – 2020-12-09 16:42 – 000247296 _____ (Microsoft Corporation) C:WINDOWSSysWOW64newdev.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000245248 _____ (Microsoft Corporation) C:WINDOWSsystem32JpnServiceDS.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000240640 _____ C:WINDOWSSysWOW64CoreMas.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000235520 _____ (Microsoft Corporation) C:WINDOWSsystem32TabSvc.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000233800 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverswof.sys
2020-12-09 16:42 – 2020-12-09 16:42 – 000230904 _____ (Microsoft Corporation) C:WINDOWSsystem32sspicli.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000228688 _____ (Microsoft Corporation) C:WINDOWSsystem32wermgr.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000225096 _____ (Microsoft Corporation) C:WINDOWSSysWOW64offlinesam.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000218960 _____ (Microsoft Corporation) C:WINDOWSsystem32tcbloader.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000217088 _____ (Microsoft Corporation) C:WINDOWSSysWOW64schtasks.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000214528 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsHandlers_AnalogShell.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000213504 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversNetAdapterCx.sys
2020-12-09 16:42 – 2020-12-09 16:42 – 000210432 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXApplicabilityBlob.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000205312 _____ (Microsoft Corporation) C:WINDOWSsystem32wecsvc.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000203512 _____ (Microsoft Corporation) C:WINDOWSsystem32dmcmnutils.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000201552 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wermgr.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000200704 _____ (Micro soft Corporation) C:WINDOWSsystem32rdsdwmdr.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000200192 _____ (Microsoft Corporation) C:WINDOWSsystem32PerceptionDevice.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000196608 _____ (Microsoft Corporation) C:WINDOWSsystem32twext.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000195152 _____ (Microsoft Corporation) C:WINDOWSSysWOW64weretw.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000193640 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Windows.System.Profile.HardwareId.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000192000 _____ (Microsoft Corporation) C:WINDOWSSysWOW64container.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000189256 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ifsutil.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000185856 _____ (Microsoft Corporation) C:WINDOWSsystem32drvsetup.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000176128 _____ (Microsoft Corpora tion) C:WINDOWSsystem32WPTaskScheduler.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000174080 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversrdpdr.sys
2020-12-09 16:42 – 2020-12-09 16:42 – 000173016 _____ (Microsoft Corporation) C:WINDOWSsystem32wldp.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000171576 _____ (Microsoft Corporation) C:WINDOWSsystem32vertdll.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000169984 _____ (Microsoft Corporation) C:WINDOWSsystem32FilterDS.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000162816 _____ (Microsoft Corporation) C:WINDOWSSysWOW64UserDeviceRegistration.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000158208 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakradiag.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000157696 _____ (Microsoft Corporation) C:WINDOWSSysWOW64twext.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000155648 _____ (Microsoft Corporation) C:WINDOWSsys tem32profsvcext.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000153600 _____ (Microsoft Corporation) C:WINDOWSsystem32sdrsvc.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000153384 _____ (Microsoft Corporation) C:WINDOWSsystem32ncrypt.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000153088 _____ (Microsoft Corporation) C:WINDOWSSysWOW64PerceptionDevice.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000152064 _____ (Microsoft Corporation) C:WINDOWSsystem32mdmmigrator.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000149832 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ulib.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000149248 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.System.Profile.HardwareId.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000148992 _____ (Microsoft Corporation) C:WINDOWSsystem32DeviceMetadataRetrievalClient.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000148808 _____ (Microsoft Corporation) C: WINDOWSsystem32Drivershvsocket.sys
2020-12-09 16:42 – 2020-12-09 16:42 – 000147272 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversksecdd.sys
2020-12-09 16:42 – 2020-12-09 16:42 – 000147200 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dmcmnutils.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000146240 _____ (Microsoft Corporation) C:WINDOWSsystem32bcrypt.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000143872 _____ (Microsoft Corporation) C:WINDOWSSysWOW64drvsetup.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000140288 _____ (Microsoft Corporation) C:WINDOWSsystem32Chakrathunk.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000139960 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wldp.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000138752 _____ (Microsoft Corporation) C:WINDOWSsystem32CustomInstallExec.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000136352 _____ (Microsoft Corporation) C:WINDOWSSysWOW64g di32.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000134656 _____ (Microsoft Corporation) C:WINDOWSsystem32cryptuiwizard.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000133120 _____ (Microsoft Corporation) C:WINDOWSsystem32umpnpmgr.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000132608 _____ (Microsoft Corporation) C:WINDOWSsystem32samlib.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000131584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64SpatialAudioLicenseSrv.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000129536 _____ (Microsoft Corporation) C:WINDOWSsystem32WinHvEmulation.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000129104 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mfps.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000128512 _____ (Microsoft Corporation) C:WINDOWSsystem32sdshext.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000126976 _____ (Microsoft Corporation) C:WINDOWSsystem32fontsub.dll
2020- 12-09 16:42 – 2020-12-09 16:42 – 000125440 _____ (Microsoft Corporation) C:WINDOWSsystem32btpanui.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000124968 _____ (Microsoft Corporation) C:WINDOWSSysWOW64D3DSCache.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000121344 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Chakradiag.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000120320 _____ (Microsoft Corporation) C:WINDOWSsystem32MuiUnattend.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000118600 _____ (Microsoft Corporation) C:WINDOWSsystem32SecurityHealthProxyStub.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000118088 _____ (Microsoft Corporation) C:WINDOWSsystem32hvloader.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000114176 _____ (Microsoft Corporation) C:WINDOWSSysWOW64btpanui.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000107008 _____ (Microsoft Corporation) C:WINDOWSsystem32wecutil.exe
2020-12-09 16:42 – 2020-12- 09 16:42 – 000105984 _____ (Microsoft Corporation) C:WINDOWSsystem32utcutil.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000105472 _____ (Microsoft Corporation) C:WINDOWSSysWOW64Chakrathunk.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000104784 _____ (Microsoft Corporation) C:WINDOWSsystem32netcfgx.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000104448 _____ (Microsoft Corporation) C:WINDOWSSysWOW64cryptuiwizard.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000102912 _____ (Microsoft Corporation) C:WINDOWSsystem32ncpa.cpl
2020-12-09 16:42 – 2020-12-09 16:42 – 000101296 _____ (Microsoft Corporation) C:WINDOWSsystem32FsIso.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000100864 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ncpa.cpl
2020-12-09 16:42 – 2020-12-09 16:42 – 000099328 _____ (Microsoft Corporation) C:WINDOWSSysWOW64fontsub.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000099328 _____ (Microsoft Corporat ion) C:WINDOWSsystem32BingFilterDS.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000098120 _____ (Microsoft Corporation) C:WINDOWSsystem32SecurityHealthHost.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000097104 _____ (Microsoft Corporation) C:WINDOWSsystem32taskhostw.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000097096 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpudd.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000095048 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershvservice.sys
2020-12-09 16:42 – 2020-12-09 16:42 – 000094720 _____ (Microsoft Corporation) C:WINDOWSSysWOW64MuiUnattend.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000092960 _____ (Microsoft Corporation) C:WINDOWSSysWOW64win32u.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000091648 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dtdump.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000090112 _____ (Microsoft Corporation) C:WINDOWSSys WOW64samlib.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000086528 _____ (Microsoft Corporation) C:WINDOWSSysWOW64AcXtrnal.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000086528 _____ (Microsoft Corporation) C:WINDOWSsystem32MitigationConfiguration.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000084480 _____ (Microsoft Corporation) C:WINDOWSsystem32RpcEpMap.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000081408 _____ (Microsoft Corporation) C:WINDOWSsystem32wecapi.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000077136 _____ (Microsoft Corporation) C:WINDOWSSysWOW64netcfgx.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000076800 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wecutil.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000072824 _____ (Microsoft Corporation) C:WINDOWSSysWOW64remoteaudioendpoint.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000072192 _____ (Microsoft Corporation) C:WINDOWSSysWOW64MitigationConf iguration.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000067072 _____ (Microsoft Corporation) C:WINDOWSSysWOW64EditBufferTestHook.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000065536 _____ (Microsoft Corporation) C:WINDOWSsystem32iemigplugin.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000063488 _____ (Microsoft Corporation) C:WINDOWSsystem32enrollmentapi.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000062976 _____ (Microsoft Corporation) C:WINDOWSSysWOW64iemigplugin.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000061776 _____ (Microsoft Corporation) C:WINDOWSSysWOW64GameInput.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000060928 _____ C:WINDOWSsystem32runexehelper.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000059464 _____ (Microsoft Corporation) C:WINDOWSsystem32lsass.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000059392 _____ (Microsoft Corporation) C:WINDOWSsystem32TaskSchdPS.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000057344 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wecapi.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000055296 _____ (Microsoft Corporation) C:WINDOWSSysWOW64CertPKICmdlet.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000055296 _____ (Microsoft Corporation) C:WINDOWSsystem32diagnosticdataquery.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000048640 _____ (Adobe Systems) C:WINDOWSsystem32atmlib.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000047104 _____ (Microsoft Corporation) C:WINDOWSsystem32werdiagcontroller.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000046592 _____ (Microsoft Corporation) C:WINDOWSSysWOW64enrollmentapi.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000039936 _____ (Adobe Systems) C:WINDOWSSysWOW64atmlib.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000038912 _____ (Microsoft Corporation) C:WINDOWSSysWOW64werdiagcontroller.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 0 00036864 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wups.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000036864 _____ (Microsoft Corporation) C:WINDOWSSysWOW64TaskSchdPS.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000033792 _____ (Microsoft Corporation) C:WINDOWSSysWOW64WordBreakers.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000031560 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversrdpvideominiport.sys
2020-12-09 16:42 – 2020-12-09 16:42 – 000029184 _____ (Microsoft Corporation) C:WINDOWSsystem32sspisrv.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000021320 _____ (Microsoft Corporation) C:WINDOWSsystem32kdhvcom.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000021288 _____ (Microsoft Corporation) C:WINDOWSsystem32wow64cpu.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000020480 _____ (Microsoft Corporation) C:WINDOWSsystem32wmsgapi.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000020480 _____ (Microsoft Corporation) C:WINDOWSsystem32defragproxy.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000018944 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dsregtask.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000016384 _____ (Microsoft Corporation) C:WINDOWSsystem32KBDJPN.DLL
2020-12-09 16:42 – 2020-12-09 16:42 – 000015872 _____ (Microsoft Corporation) C:WINDOWSsystem32AcXtrnal.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000015360 _____ (Microsoft Corporation) C:WINDOWSSysWOW64winshfhc.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000014848 _____ (Microsoft Corporation) C:WINDOWSsystem32dciman32.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000014336 _____ (Microsoft Corporation) C:WINDOWSsystem32d3d8thk.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000013824 _____ (Microsoft Corporation) C:WINDOWSSysWOW64KBDJPN.DLL
2020-12-09 16:42 – 2020-12-09 16:42 – 000012800 _____ (Microsoft Corporation) C:WINDOWSSysWOW64d3d8thk .dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000011776 _____ (Microsoft Corporation) C:WINDOWSSysWOW64dciman32.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000011776 _____ (Microsoft Corporation) C:WINDOWSsystem32LaunchTM.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000010912 _____ C:WINDOWSsystem32DrtmAuthTxt.wim
2020-12-09 16:42 – 2020-12-09 16:42 – 000010752 _____ C:WINDOWSSysWOW64agentactivationruntimestarter.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000010240 _____ (Microsoft Corporation) C:WINDOWSSysWOW64LaunchTM.exe
2020-12-09 16:42 – 2020-12-09 16:42 – 000008704 _____ (Microsoft Corporation) C:WINDOWSsystem32kbd106n.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000008704 _____ (Microsoft Corporation) C:WINDOWSsystem32kbd106.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000008704 _____ (Microsoft Corporation) C:WINDOWSsystem32kbd101.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000007680 _____ ( Microsoft Corporation) C:WINDOWSSysWOW64kbd106n.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000007680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64kbd106.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000007680 _____ (Microsoft Corporation) C:WINDOWSSysWOW64kbd101.DLL
2020-12-09 16:42 – 2020-12-09 16:42 – 000004096 _____ (Microsoft Corporation) C:WINDOWSsystem32defragres.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000003072 _____ (Microsoft Corporation) C:WINDOWSsystem32lpk.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000002560 _____ (Microsoft Corporation) C:WINDOWSSysWOW64lpk.dll
2020-12-09 16:42 – 2020-12-09 16:42 – 000001370 _____ C:WINDOWSsystem32ThirdPartyNoticesBySHS.txt
2020-12-09 16:41 – 2020-12-09 16:41 – 017543168 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Xaml.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 009035264 _____ (Microsoft Corporation) C:WINDOWSsystem32BingMaps.dll[1 9659007]2020-12-09 16:41 – 2020-12-09 16:41 – 007990760 _____ (Microsoft Corporation) C:WINDOWSsystem32windows.storage.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 006245888 _____ (Microsoft Corporation) C:WINDOWSsystem32twinui.pcshell.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 005785368 _____ (Microsoft Corporation) C:WINDOWSsystem32StartTileData.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 004733952 _____ (Microsoft Corporation) C:WINDOWSsystem32InputService.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 004710976 _____ (Microsoft Corporation) C:WINDOWSexplorer.exe
2020-12-09 16:41 – 2020-12-09 16:41 – 003815936 _____ (Microsoft Corporation) C:WINDOWSsystem32win32kfull.sys
2020-12-09 16:41 – 2020-12-09 16:41 – 003778888 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgkrnl.sys
2020-12-09 16:41 – 2020-12-09 16:41 – 003750400 _____ (Microsoft Corporation) C:WINDOWSsystem32EdgeContent.dll
2020-12 -09 16:41 – 2020-12-09 16:41 – 003181568 _____ (Microsoft Corporation) C:WINDOWSsystem32MapRouter.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 003068416 _____ (Microsoft Corporation) C:WINDOWSsystem32UIAutomationCore.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 002939392 _____ (Microsoft Corporation) C:WINDOWSsystem32win32kbase.sys
2020-12-09 16:41 – 2020-12-09 16:41 – 002631168 _____ (Microsoft Corporation) C:WINDOWSsystem32MapGeocoder.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 002592584 _____ (Microsoft Corporation) C:WINDOWSsystem32UpdateAgent.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 002260480 _____ C:WINDOWSsystem32TextInputMethodFormatter.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 002250752 _____ (Microsoft Corporation) C:WINDOWSsystem32ISM.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 002119736 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioEng.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 00190 9248 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcDesktopMonSvc.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001877504 _____ (Microsoft Corporation) C:WINDOWSsystem32wevtsvc.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001837568 _____ (Microsoft Corporation) C:WINDOWSsystem32audiosrv.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001828168 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpserverbase.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001702416 _____ (Microsoft Corporation) C:WINDOWSsystem32user32.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001648128 _____ (Microsoft Corporation) C:WINDOWSsystem32Wpc.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001575408 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioSes.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001554944 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversbthport.sys
2020-12-09 16:41 – 2020-12-09 16:41 – 001523712 _____ (Microsoft Corpor ation) C:WINDOWSsystem32MoUsoCoreWorker.exe
2020-12-09 16:41 – 2020-12-09 16:41 – 001522176 _____ (Microsoft Corporation) C:WINDOWSsystem32rdpsharercom.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001516544 _____ (Microsoft Corporation) C:WINDOWSsystem32wwansvc.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001494528 _____ (Microsoft Corporation) C:WINDOWSsystem32dosvc.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001415680 _____ (Microsoft Corporation) C:WINDOWSsystem32aadtb.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001414656 _____ (Microsoft Corporation) C:WINDOWSsystem32usocoreworker.exe
2020-12-09 16:41 – 2020-12-09 16:41 – 001380112 _____ (Microsoft Corporation) C:WINDOWSsystem32InputHost.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001368576 _____ (Microsoft Corporation) C:WINDOWSsystem32tsf3gip.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001289168 _____ (Microsoft Corporation) C:WINDOWSsystem32dsre g.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001278976 _____ (Microsoft Corporation) C:WINDOWSsystem32localspl.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001189528 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcMon.exe
2020-12-09 16:41 – 2020-12-09 16:41 – 001182536 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Services.TargetedContent.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001132544 _____ (Microsoft Corporation) C:WINDOWSsystem32MapsStore.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001089864 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversClipSp.sys
2020-12-09 16:41 – 2020-12-09 16:41 – 001058304 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Core.TextInput.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001036800 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcRefreshTask.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001027864 _____ (Microsoft Corporation) C:WINDOWSsyst em32TextInputFramework.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 001026256 _____ (Microsoft Corporation) C:WINDOWSsystem32AppXDeploymentClient.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000993280 _____ (Microsoft Corporation) C:WINDOWSsystem32aadcloudap.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000951808 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversWdiWiFi.sys
2020-12-09 16:41 – 2020-12-09 16:41 – 000941568 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Management.Service.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000924672 _____ (Microsoft Corporation) C:WINDOWSsystem32ngcsvc.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000909312 _____ (Microsoft Corporation) C:WINDOWSsystem32wuapi.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000906576 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgmms2.sys
2020-12-09 16:41 – 2020-12-09 16:41 – 000884736 _____ (Microsoft Corporation) C:W INDOWSsystem32agentactivationruntimewindows.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000883200 _____ (Microsoft Corporation) C:WINDOWSsystem32wbiosrvc.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000849920 _____ (Microsoft Corporation) C:WINDOWSsystem32agentactivationruntime.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000845000 _____ (Microsoft Corporation) C:WINDOWSsystem32pkeyhelper.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000842752 _____ (Microsoft Corporation) C:WINDOWSsystem32lsm.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000809472 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.ApplicationModel.ConversationalAgent.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000799232 _____ (Microsoft Corporation) C:WINDOWSsystem32spoolsv.exe
2020-12-09 16:41 – 2020-12-09 16:41 – 000798536 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsHandlers_StorageSense.dll
2020-12-09 16:41 – 2020-12-09 16:4 1 – 000770048 _____ (Microsoft Corporation) C:WINDOWSsystem32NgcCtnrSvc.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000764976 _____ (Microsoft Corporation) C:WINDOWSsystem32kernel32.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000751616 _____ (Microsoft Corporation) C:WINDOWSsystem32AudioEndpointBuilder.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000708096 _____ (Microsoft Corporation) C:WINDOWSsystem32SHCore.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000657408 _____ (Microsoft Corporation) C:WINDOWSsystem32ngccredprov.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000602440 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversUSBXHCI.SYS
2020-12-09 16:41 – 2020-12-09 16:41 – 000600064 _____ (Microsoft Corporation) C:WINDOWSsystem32untfs.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000596992 _____ (Microsoft Corporation) C:WINDOWSsystem32win32k.sys
2020-12-09 16:41 – 2020-12-09 16:41 – 000586800 _____ (Mi crosoft Corporation) C:WINDOWSsystem32audiodg.exe
2020-12-09 16:41 – 2020-12-09 16:41 – 000567296 _____ (Microsoft Corporation) C:WINDOWSsystem32usosvc.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000516608 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsEnvironment.Desktop.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000490496 _____ (Microsoft Corporation) C:WINDOWSsystem32domgmt.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000469320 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverspci.sys
2020-12-09 16:41 – 2020-12-09 16:41 – 000459776 _____ (Microsoft Corporation) C:WINDOWSsystem32aadauthhelper.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000454992 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversdxgmms1.sys
2020-12-09 16:41 – 2020-12-09 16:41 – 000450560 _____ (Microsoft Corporation) C:WINDOWSsystem32cryptngc.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000443904 _____ (Microsoft Cor poration) C:WINDOWSsystem32AarSvc.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000432928 _____ (Microsoft Corporation) C:WINDOWSsystem32AUDIOKSE.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000418800 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversintelpep.sys
2020-12-09 16:41 – 2020-12-09 16:41 – 000408392 _____ (Microsoft Corporation) C:WINDOWSsystem32wmicmiplugin.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000407552 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicSvc.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000384512 _____ (Microsoft Corporation) C:WINDOWSsystem32SettingsHandlers_SpeechPrivacy.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000382728 _____ (Microsoft Corporation) C:WINDOWSsystem32wintrust.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000377856 _____ (Microsoft Corporation) C:WINDOWSsystem32CryptoWinRT.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000365056 _____ (Microsoft Corp oration) C:WINDOWSsystem32BioCredProv.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000363520 _____ C:WINDOWSsystem32Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000343040 _____ (Microsoft Corporation) C:WINDOWSsystem32UserDeviceRegistration.Ngc.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000337408 _____ (Microsoft Corporation) C:WINDOWSsystem32mdmregistration.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000324608 _____ (Microsoft Corporation) C:WINDOWSsystem32UpdateDeploymentProvider.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000321024 _____ (Microsoft Corporation) C:WINDOWSsystem32vdsbas.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000292864 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicCapsule.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000291328 _____ (Microsoft Corporation) C:WINDOWSsystem32WpcTok.exe
2020-12-09 16:41 – 2020-12-09 16:41 – 000287232 ___ __ C:WINDOWSsystem32CoreMas.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000287232 _____ (Microsoft Corporation) C:WINDOWSsystem32netman.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000269824 _____ (Microsoft Corporation) C:WINDOWSsystem32container.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000266240 _____ (Microsoft Corporation) C:WINDOWSsystem32cdd.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000253952 _____ (Microsoft Corporation) C:WINDOWSsystem32ngcpopkeysrv.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000251904 _____ (Microsoft Corporation) C:WINDOWSsystem32SystemEventsBrokerServer.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000247296 _____ (Microsoft Corporation) C:WINDOWSsystem32psmsrv.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000226632 _____ (Microsoft Corporation) C:WINDOWSsystem32ifsutil.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000220160 _____ (Microsoft Corporation) C:WINDOWSsystem32UserDev iceRegistration.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000214528 _____ (Microsoft Corporation) C:WINDOWSsystem32ManageCI.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000185672 _____ (Microsoft Corporation) C:WINDOWSsystem32ulib.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000179712 _____ (Microsoft Corporation) C:WINDOWSsystem32TimeBrokerServer.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000178176 _____ (Microsoft Corporation) C:WINDOWSsystem32umpo.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000168264 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversufxsynopsys.sys
2020-12-09 16:41 – 2020-12-09 16:41 – 000165376 _____ C:WINDOWSsystem32DataStoreCacheDumpTool.exe
2020-12-09 16:41 – 2020-12-09 16:41 – 000161680 _____ (Microsoft Corporation) C:WINDOWSsystem32gdi32.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000160072 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvmbus.sys
2020-12- 09 16:41 – 2020-12-09 16:41 – 000158096 _____ (Microsoft Corporation) C:WINDOWSsystem32D3DSCache.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000155976 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversstornvme.sys
2020-12-09 16:41 – 2020-12-09 16:41 – 000151552 _____ (Microsoft Corporation) C:WINDOWSsystem32SpatialAudioLicenseSrv.exe
2020-12-09 16:41 – 2020-12-09 16:41 – 000149320 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversbindflt.sys
2020-12-09 16:41 – 2020-12-09 16:41 – 000142336 _____ (Microsoft Corporation) C:WINDOWSsystem32InputLocaleManager.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000135168 _____ (Microsoft Corporation) C:WINDOWSsplwow64.exe
2020-12-09 16:41 – 2020-12-09 16:41 – 000132744 _____ (Microsoft Corporation) C:WINDOWSsystem32win32u.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000132096 _____ (Microsoft Corporation) C:WINDOWSsystem32UtcDecoderHost.exe
2020-12-09 16 :41 – 2020-12-09 16:41 – 000113664 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversbthenum.sys
2020-12-09 16:41 – 2020-12-09 16:41 – 000112128 _____ (Microsoft Corporation) C:WINDOWSsystem32wwanprotdim.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000110592 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversBTHUSB.SYS
2020-12-09 16:41 – 2020-12-09 16:41 – 000103936 _____ (Microsoft Corporation) C:WINDOWSsystem32bindfltapi.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000093184 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicAgent.exe
2020-12-09 16:41 – 2020-12-09 16:41 – 000090408 _____ (Microsoft Corporation) C:WINDOWSsystem32remoteaudioendpoint.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000089600 _____ (Microsoft Corporation) C:WINDOWSsystem32UsoClient.exe
2020-12-09 16:41 – 2020-12-09 16:41 – 000089088 _____ C:WINDOWSsystem32windows.applicationmodel.conversationalagent.proxystub.dll[19659007]2020-12-09 16:41 – 2020-12-09 16:41 – 000088576 _____ (Microsoft Corporation) C:WINDOWSsystem32EditBufferTestHook.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000088064 _____ (Microsoft Corporation) C:WINDOWSsystem32autopilot.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000083968 _____ (Microsoft Corporation) C:WINDOWSsystem32wups.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000073216 _____ C:WINDOWSsystem32windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000071168 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000070984 _____ (Microsoft Corporation) C:WINDOWSsystem32GameInput.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000066560 _____ (Microsoft Corporation) C:WINDOWSsystem32mskeyprotect.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000056320 _____ (Microso ft Corporation) C:WINDOWSsystem32audioresourceregistrar.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000045568 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversBthMini.SYS
2020-12-09 16:41 – 2020-12-09 16:41 – 000044032 _____ (Microsoft Corporation) C:WINDOWSsystem32WordBreakers.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000044032 _____ (Microsoft Corporation) C:WINDOWSsystem32Windows.UI.Xaml.Resources.Common.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000035328 _____ (Microsoft Corporation) C:WINDOWSsystem32TimeBrokerClient.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000032256 _____ (Microsoft Corporation) C:WINDOWSsystem32DriversKNetPwrDepBroker.sys
2020-12-09 16:41 – 2020-12-09 16:41 – 000031744 _____ (Microsoft Corporation) C:WINDOWSsystem32FaxPrinterInstaller.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000029456 _____ (Microsoft Corporation) C:WINDOWSsystem32vmbuspipe.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000029184 _____ (Microsoft Corporation) C:WINDOWSsystem32WaaSMedicPS.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000023552 _____ (Microsoft Corporation) C:WINDOWSsystem32dsregtask.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000023040 _____ (Microsoft Corporation) C:WINDOWSsystem32CSystemEventsBrokerClient.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000019968 _____ (Microsoft Corporation) C:WINDOWSsystem32winshfhc.dll
2020-12-09 16:41 – 2020-12-09 16:41 – 000013312 _____ C:WINDOWSsystem32agentactivationruntimestarter.exe
2020-12-09 16:13 – 2020-11-10 08:48 – 000495616 _____ (Microsoft Corporation) C:WINDOWSsystem32poqexec.exe
2020-12-09 16:13 – 2020-11-10 03:51 – 000391168 _____ (Microsoft Corporation) C:WINDOWSSysWOW64poqexec.exe
2020-12-09 00:25 – 2020-12-09 00:25 – 001495146 _____ C:UserswanglDownloadsmew-252-llewellyn-and-moon (7).pdf
2020-12-05 16:39 – 2020-12-05 16:39 – 000601714 _____ C:UserswanglDownloadsSample article from Diabetes World.pdf
2020-12-05 16:39 – 2020-12-05 16:39 – 000485093 _____ C:UserswanglDownloadsCF recent advances.pdf
2020-12-05 13:34 – 2020-12-05 13:34 – 000090183 _____ C:UserswanglDownloadsLinda Wang – Slides 2nd draft (2).pptx
2020-12-05 13:29 – 2020-12-05 13:29 – 000935766 _____ C:UserswanglDownloadsLinda Wang – Slides 2nd draft (1).pdf
2020-12-05 13:25 – 2020-12-05 13:25 – 000090183 _____ C:UserswanglDownloadsLinda Wang – Slides 2nd draft (1).pptx
2020-12-05 12:50 – 2020-12-05 12:50 – 000089617 _____ C:UserswanglDownloadsLinda Wang – Slides 2nd draft.pptx
2020-12-05 00:45 – 2020-12-05 00:45 – 000085867 _____ C:WINDOWSdxdiag.txt
2020-12-05 00:45 – 2020-12-05 00:45 – 000000000 ____D C:UsersDefaultAppDataLocalD3DSCache
2020-12-05 00:45 – 2020-12-05 00:45 – 000000000 ____D C:UsersDefault UserAppDataLocalD3DSCache[19659007]2020-12-04 10:27 – 2020-12-04 10:27 – 000329728 _____ C:UserswanglDownloadsEARLY ACS dosing.03.12.10ppt.ppt
2020-12-04 10:25 – 2020-12-04 10:25 – 000071460 _____ C:UserswanglDownloadsCompany_10359_company_10359linda_wang___drug_a_slides_reviewer_comments.pptx
2020-12-03 10:27 – 2020-12-03 10:27 – 000117177 _____ C:UserswanglDownloadsquote (3).pdf
2020-12-03 10:20 – 2020-12-03 10:20 – 000070177 _____ C:UserswanglDownloadslottiehanney.pdf
2020-12-03 10:16 – 2020-12-03 10:16 – 000117177 _____ C:UserswanglDownloadsquote (2).pdf
2020-12-02 22:22 – 2020-12-02 22:22 – 001495146 _____ C:UserswanglDownloadsmew-252-llewellyn-and-moon (6).pdf
2020-12-02 12:15 – 2020-12-02 12:15 – 000117177 _____ C:UserswanglDownloadsquote (1).pdf
2020-12-02 11:42 – 2020-12-02 11:42 – 000117177 _____ C:UserswanglDownloadsquote.pdf
2020-12-02 11:23 – 2020-12-02 11:23 – 001495146 _____ C:UserswanglDownloadsme w-252-llewellyn-and-moon (5).pdf
2020-12-02 11:08 – 2020-12-02 11:08 – 000069865 _____ C:UserswanglDownloadsLinda Wang – Drug A slides.pptx
2020-12-02 10:08 – 2020-12-02 10:08 – 000445136 _____ C:UserswanglDownloadsklareskog2009.pdf
2020-12-02 09:48 – 2020-12-02 09:48 – 001495146 _____ C:UserswanglDownloadsmew-252-llewellyn-and-moon (4).pdf
2020-12-02 00:22 – 2020-12-02 00:22 – 001495146 _____ C:UserswanglDownloadsmew-252-llewellyn-and-moon (3).pdf
2020-12-02 00:03 – 2020-12-02 00:03 – 001495146 _____ C:UserswanglDownloadsmew-252-llewellyn-and-moon (2).pdf
2020-11-29 23:18 – 2020-11-29 23:18 – 003648619 _____ C:UserswanglDownloadscareers_guide.pdf
2020-11-29 14:22 – 2020-11-29 14:22 – 000180938 _____ C:UserswanglDownloadsALANA_Good-For-You.pdf
2020-11-29 11:13 – 2020-11-29 11:13 – 000464355 _____ C:UserswanglDownloadsburmester2017.pdf
2020-11-29 09:57 – 2020-11-29 09:57 – 00 2476544 _____ C:UserswanglDownloads177-Careers-Pharmacy.ppt
2020-11-29 09:55 – 2020-11-29 09:55 – 009932135 _____ C:UserswanglDownloadsPharma-101-Presentation_6.19.18.pptx
2020-11-29 09:55 – 2020-11-29 09:55 – 002201600 _____ C:UserswanglDownloadsPILLS_Evaluation_Workshop (1).ppt
2020-11-29 09:54 – 2020-11-29 09:54 – 002201600 _____ C:UserswanglDownloadsPILLS_Evaluation_Workshop.ppt
2020-11-29 09:54 – 2020-11-29 09:54 – 001495146 _____ C:UserswanglDownloadsmew-252-llewellyn-and-moon (1).pdf
2020-11-28 23:06 – 2020-11-28 23:06 – 000867840 _____ C:UserswanglDownloadsbee414aa548f8ad5 (1).ppt
2020-11-28 18:05 – 2020-11-28 18:05 – 001495146 _____ C:UserswanglDownloadsmew-252-llewellyn-and-moon.pdf
2020-11-28 16:18 – 2020-11-28 16:18 – 000177220 _____ C:UserswanglDownloads3c-Faculty-Disclosure-Slide-PTCOG-2019.pptx
2020-11-28 16:14 – 2020-11-28 16:14 – 000126110 _____ C:UserswanglDownlo adsSample_UK-English-EQ-5D-3L-Paper-Self-Complete-v2.1-ID-23963.pdf
2020-11-28 15:06 – 2020-11-28 15:06 – 000423099 _____ C:UserswanglDownloadsbrunt2018 (1).pdf
2020-11-28 14:56 – 2020-12-23 22:17 – 000000000 ____D C:UserswanglDocuments1. Medical Writing
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-12-28 13:09 – 2020-10-01 19:59 – 000000006 ____H C:WINDOWSTasksSA.DAT
2020-12-28 13:09 – 2020-10-01 19:54 – 000008192 ___SH C:DumpStack.log.tmp
2020-12-28 13:09 – 2020-09-28 11:39 – 000000000 ____D C:Program Files (x86)TeamViewer
2020-12-28 13:09 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSServiceState
2020-12-28 13:09 – 2019-12-07 09:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2020-12-28 13:09 – 2019-12-07 09:03 – 000524288 _____ C:WINDOWSsystem32configBBI
2020-12-28 13:09 – 2019-10-22 10:17 – 000000000 __SHD C:UserswanglIntelGraphicsProfiles
2020-12-28 13:09 – 2019-10-21 19:17 – 000000000 ___RD C:UserswanglOneDrive
2020-12-28 13:09 – 2019-09-22 15:56 – 000000134 _____ C:WINDOWSsystem32regtest.txt
2020-12-28 12:39 – 2019-12-07 09:14 – 000000000 ___HD C:WINDOWSELAMBKUP
2020-12-28 12:39 – 2019-12-07 09:13 – 000000000 ____D C:WINDOWSINF
2020-12-28 12:28 – 2019-12-07 09:03 – 000032768 _____ C:WINDOWSsystem32configELAM
2020-12-28 12:19 – 2020-10-02 04:45 – 000405864 _____ C:WINDOWSsystem32prfh0804.dat
2020-12-28 12:19 – 2020-10-02 04:45 – 000125348 _____ C:WINDOWSsystem32prfc0804.dat
2020-12-28 12:19 – 2020-10-01 20:03 – 001314340 _____ C:WINDOWSsystem32PerfStringBackup.INI
2020-12-28 12:18 – 2020-11-10 15:11 – 000004168 _____ C:WINDOWSsystem32TasksUser_Feed_Synchronization-{1A951F94-D8F8-473B-B3F4-B02AC68DFCE4}
2020-12-28 12:15 – 2020-03-16 20:43 – 000000000 ____D C:ProgramDataMozilla
2020-12-28 12:14 – 2020-03-16 20:43 – 000000000 ____D C:UserswanglAppDataLocalLowMozilla
2020-12-28 00:47 – 2020-10-01 19:54 – 000000000 ____D C:W INDOWSsystem32SleepStudy
2020-12-26 19:19 – 2020-09-09 23:04 – 000032978 _____ C:UserswanglDocumentsMy Model.xlsx
2020-12-25 01:46 – 2019-12-07 09:14 – 000000000 ___HD C:Program FilesWindowsApps
2020-12-25 01:46 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSAppReadiness
2020-12-25 00:03 – 2019-12-07 09:14 – 000000000 ____D C:Program FilesWindows Defender
2020-12-25 00:03 – 2019-04-19 05:00 – 000000000 ____D C:WINDOWSsystem32Driverswd
2020-12-24 22:46 – 2020-03-16 20:43 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2020-12-24 22:10 – 2019-10-21 23:02 – 000000000 ____D C:UserswanglAppDataLocalD3DSCache
2020-12-24 21:48 – 2020-09-28 11:39 – 000000000 ____D C:UserswanglAppDataLocalTeamViewer
2020-12-24 20:15 – 2019-10-22 15:30 – 000000000 ____D C:Program Files (x86)Adobe
2020-12-24 11:00 – 2019-11-02 21:35 – 000000000 ____D C:UserswanglDocumentsMy Kindle Content
2020-12-24 10:16 – 2020-03-16 20:43 – 000001016 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk
2020-12-23 19:39 – 2019-09-22 15:44 – 000000000 ____D C:Program FilesMicrosoft Office
2020-12-22 00:43 – 2020-10-01 19:55 – 000000000 ____D C:Userswangl
2020-12-21 23:17 – 2020-10-25 14:47 – 000000000 ____D C:WINDOWSMinidump
2020-12-21 23:17 – 2020-01-10 21:39 – 1246811722 _____ C:WINDOWSMEMORY.DMP
2020-12-21 23:17 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSLiveKernelReports
2020-12-20 04:31 – 2019-12-07 09:03 – 000000000 ____D C:WINDOWSCbsTemp
2020-12-19 13:21 – 2020-06-15 11:48 – 000002432 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk
2020-12-19 13:21 – 2020-06-15 11:48 – 000002270 _____ C:UsersPublicDesktopMicrosoft Edge.lnk
2020-12-19 13:21 – 2020-06-15 11:48 – 000002270 _____ C:ProgramDataDesktopMicrosoft E dge.lnk
2020-12-18 12:52 – 2020-03-29 16:00 – 000014219 _____ C:UserswanglDocumentsNew food planner.xlsx
2020-12-16 10:33 – 2019-10-22 10:17 – 000000000 ____D C:UserswanglAppDataLocalPackages
2020-12-14 21:57 – 2020-10-01 19:59 – 000003380 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-2401386706-1030334005-2979581481-1001
2020-12-14 21:57 – 2020-10-01 19:55 – 000002378 _____ C:UserswanglAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2020-12-12 16:21 – 2019-10-22 15:30 – 000002147 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAcrobat Reader DC.lnk
2020-12-10 02:27 – 2020-10-01 19:54 – 000459240 _____ C:WINDOWSsystem32FNTCACHE.DAT
2020-12-10 02:26 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSSysWOW64Dism
2020-12-10 02:26 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSSystemResources
2020-12-10 02:26 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32migwiz
2020-12-10 02:26 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32Dism
2020-12-10 02:26 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSbcastdvr
2020-12-10 02:26 – 2019-12-07 09:14 – 000000000 ____D C:Program Files (x86)Windows Defender
2020-12-09 23:57 – 2019-10-21 19:17 – 000000000 ____D C:UserswanglAppDataLocalPlaceholderTileLogoFolder
2020-12-09 16:10 – 2019-10-21 19:46 – 000000000 ____D C:WINDOWSsystem32MRT
2020-12-09 16:08 – 2019-10-21 19:46 – 133736600 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe
2020-12-07 19:38 – 2019-10-21 19:19 – 000002312 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2020-12-07 19:38 – 2019-10-21 19:19 – 000002271 _____ C:UsersPublicDesktopGoogle Chrome.lnk
2020-12-07 19:38 – 2019-10-21 19:19 – 000002271 _____ C:ProgramDataDesktopGoogle Chrome.lnk
2020-12-05 18:09 – 2 019-10-21 19:27 – 000000000 ____D C:UserswanglDocuments1 Neuro
2020-12-03 22:31 – 2020-10-01 19:59 – 000003418 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineUA
2020-12-03 22:31 – 2020-10-01 19:59 – 000003294 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineCore
2020-11-30 18:46 – 2020-10-01 19:59 – 000003480 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA
2020-11-30 18:46 – 2020-10-01 19:59 – 000003356 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
———————————————————-
Addition.txt
Additional scan re sult of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by wangl (28-12-2020 13:11:56)
Running from C:UserswanglDownloads
Windows 10 Home Version 2004 19041.685 (X64) (2020-10-01 19:59:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2401386706-1030334005-2979581481-500 – Administrator – Disabled)
DefaultAccount (S-1-5-21-2401386706-1030334005-2979581481-503 – Limited – Disabled)
Guest (S-1-5-21-2401386706-1030334005-2979581481-501 – Limited – Disabled)
wangl (S-1-5-21-2401386706-1030334005-2979581481-1001 – Administrator – Enabled) => C:Userswangl
WDAGUtilityAccount (S-1-5-21-2401386706-1030334005-2979581481-504 – Limited – Disabled)
==================== Security Center ========================
[19659007](If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled – Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: Bitdefender Antivirus (Enabled – Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
FW: Bitdefender Firewall (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}
FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32…{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.013.20074 – Adobe Systems Incorporated)
Adobe Connect (HKUS-1-5-21-2401386706-1030334005-2979581481-1001…Adobe Connect App) (Version: 2019.5.1.32 – Adobe Systems Inc.)
Adobe Digital Editions 4.5 (HKLM-x32…Adobe Digital Editions 4.5) (Version: 4.5.11 – Adobe Systems Incorporated)
Amazon Kindle (HKUS-1-5-21-2401386706-1030334005-2979581481-1001…Amazon Kindle) (Version: 1.28.0.57030 – Amazon)
Bitdefender Agent (HKLM…Bitdefender Agent) (Version: 25.0.1.177 – Bitdefender)
Bitdefender Total Security (HKLM…Bitdefender) (Version: 25.0.10.52 – Bitdefender)
Bitdefender VPN (HKLM…Bitdefender VPN) (Version: 25.0.1.25 – Bitdefender)
Google Chrome (HKLM-x32…Google Chrome) (Version: 87.0.4280.88 – Google LLC)
Google Update Helper (HKLM-x32 …{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 – Google LLC) Hidden
Intel® Chipset Device Software (HKLM-x32…{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 – Intel® Corporation)
Lenovo Pen Settings Service (HKLM…ISD Tablet Driver) (Version: 7.6.1.29 – Wacom Technology Corp.)
Lenovo Vantage Service (HKLM-x32…VantageSRV_is1) (Version: 3.3.115.0 – Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 87.0.664.66 – Microsoft Corporation)
Microsoft Edge Update (HKLM-x32…Microsoft Edge Update) (Version: 1.3.139.59 – )
Microsoft Office Home and Student 2019 – en-us (HKLM…HomeStudent2019Retail – en-us) (Version: 16.0.13426.20404 – Microsoft Corporation)
Microsoft OneDrive (HKUS-1-5-21-2401386706-1030334005-2979581481-1001…OneDriveSetup.exe) (Version: 20.201.1005.0009 – Microsoft Corporation)
Microsoft Teams (HKUS-1-5-21-2401386706-1030334005 -2979581481-1001…Teams) (Version: 1.3.00.13565 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.22.27821 (HKLM-x32…{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 – Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKUS-1-5-21-2401386706-1030334005-2979581481-1001…{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.51.1 – Microsoft Corporation)
Mozilla Firefox 84.0.1 (x64 en-GB) (HKLM…Mozilla Firefox 84.0.1 (x64 en-GB)) (Version: 84.0.1 – Mozilla)
Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 74.0 – Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM…{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM…{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 – Microsoft Corporation) Hidden
Offic e 16 Click-to-Run Localization Component (HKLM…{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13426.20404 – Microsoft Corporation) Hidden
OpenVPN 2.4.9-I601-Win10 (HKLM…OpenVPN) (Version: 2.4.9-I601-Win10 – OpenVPN Technologies, Inc.)
Skype for Business Basic 2016 – en-us (HKLM…SkypeforBusinessEntryRetail – en-us) (Version: 16.0.13426.20404 – Microsoft Corporation)
TAP-Windows 9.24.2 (HKLM…TAP-Windows) (Version: 9.24.2 – OpenVPN Technologies, Inc.)
TeamViewer (HKLM-x32…TeamViewer) (Version: 15.10.5 – TeamViewer)
VLC media player (HKLM…VLC media player) (Version: 3.0.10 – VideoLAN)
VLC media player (HKLM-x32…VLC media player) (Version: 3.0.8 – VideoLAN)
Zoom (HKUS-1-5-21-2401386706-1030334005-2979581481-1001…ZoomUMX) (Version: 5.2.1 (44052.0816) – Zoom Video Communications, Inc.)
Packages:
=========
Candy Crush Friends -> C:Program FilesWindows Appsking.com.CandyCrushFriends_1.49.2.0_x86__kgqvnymyfvs32 [2020-12-15] (king.com)
Dolby Atmos Speaker System -> C:Program FilesWindowsAppsDolbyLaboratories.DolbyAtmosSpeakerSystem_3.20402.409.0_x64__rz1tebttyb220 [2019-09-22] (Dolby Laboratories)
Dolby Vision -> C:Program FilesWindowsAppsDolbyLaboratories.DolbyVisionHDR_1.7.5123.0_x64__rz1tebttyb220 [2020-10-14] (Dolby Laboratories)
Farm Heroes Saga -> C:Program FilesWindowsAppsking.com.FarmHeroesSaga_5.50.7.0_x86__kgqvnymyfvs32 [2020-12-15] (king.com)
FMAPOControl -> C:Program FilesWindowsApps4505Fortemedia.FMAPOControl_1.1.17.0_x64__4pejv7q2gmsnr [2020-09-17] (Fortemedia)
Intel® Graphics Command Center -> C:Program FilesWindowsAppsAppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt [2020-11-13] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:Program FilesWindowsAppsAppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-20] (INTEL CORP)[19659007]Lenovo Pen Settings -> C:Program FilesWindowsAppsWacomTechnologyCorp.157535B83C264_7.7.24.0_neutral__ss941bf8mfs8a [2020-12-04] (Wacom Technology Corp.)
Lenovo Vantage -> C:Program FilesWindowsAppsE046963F.LenovoCompanion_10.2011.20.0_x64__k1h2ywk1493x8 [2020-11-29] (LENOVO INC.)
LenovoUtility -> C:Program FilesWindowsAppsE0469640.LenovoUtility_3.1.19.0_x64__5grkq8ppsgwt4 [2020-12-16] (LENOVO INC) [Startup Task]
Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-23] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-22] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:Program FilesWindowsAppsMicrosoft.Whiteboard_20.11116.5504.0_x64__8wekyb3d8bbwe [2020-12-19] (Microsoft Corporation)
MPEG-2 Video Extension -> C:Program FilesWindowsAppsMicrosoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-10-26] (Microsoft Corporation)
PDF Reader – View, Edit, Annotate -> C:Program FilesWindowsApps5E8FC25E.XODODOCS_4.4.2.0_x64__3v3sf0k6w2rec [2020-12-09] (Xodo Technologies Inc.)
Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-24] (Microsoft Corporation)
Realtek Audio Control -> C:Program FilesWindowsAppsRealtekSemiconductorCorp.RealtekAudioControl_1.9.214.0_x64__dt26b99r8h8gj [2020-10-01] (Realtek Semiconductor Corp)
Spotify Music -> C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2020-12-12] (Spotify AB) [Startup Task]
Thunderbolt Control Center -> C:Program FilesWindowsApps AppUp.ThunderboltControlCenter_1.0.25.0_x64__8j3eq9eme6ctt [2020-06-12] (INTEL CORP)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKUS-1-5-21-2401386706-1030334005-2979581481-1001_ClassesCLSID{19A6E644-14E6-4A60-B8D7-DD20610A871D}InprocServer32 -> C:UserswanglAppDataLocalMicrosoftTeamsMeetingAddin1.0.20091.2x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKUS-1-5-21-2401386706-1030334005-2979581481-1001_ClassesCLSID{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}InprocServer32 -> C:UserswanglAppDataLocalMicrosoftTeamsMeetingAddin1.0.20091.2x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:UserswanglAppDataRoamingMicrosoftInternet Explo rerQuick LaunchUser PinnedImplicitAppShortcutsd249d9ddd424b688Google Chrome.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2020-05-02 18:49 – 2020-05-02 18:49 – 000000000 ____L (Microsoft Corporation) C:Program FilesMicrosoft OfficerootOffice16AppVIsvSubsystems64.dll
2020-05-02 18:49 – 2020-05-02 18:49 – 000000000 ____L (Microsoft Corporation) C:Program FilesMicrosoft OfficerootOffice16c2r64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKUS-1-5-21-2401386706-1030334005-2979581481-100 1SoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
SearchScopes: HKUS-1-5-21-2401386706-1030334005-2979581481-1001 -> DefaultScope {CAEAAE6C-D795-4935-945E-26299076A11A} URL =
SearchScopes: HKUS-1-5-21-2401386706-1030334005-2979581481-1001 -> {CAEAAE6C-D795-4935-945E-26299076A11A} URL =
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:Program FilesBitdefenderBitdefender Securitybdtbie.dll [2020-11-13] (Bitdefender SRL -> Bitdefender)
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:Program FilesBitdefenderBitdefender Securitypmbxie.dll [2020-11-13] (Bitdefender SRL -> Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program FilesMicrosoft OfficerootOffice16OCHelper.dll [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {B164E929-A1B6-4A06-B104 -2CD0E90A88FF} -> No File
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:Program FilesBitdefenderBitdefender Securityantispam32bdtbie.dll [2020-11-13] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:Program FilesBitdefenderBitdefender SecurityAntispam32pmbxie.dll [2020-11-13] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16OCHelper.dll [2020-09-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Toolbar: HKLM – Bitdefender Wallet – {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} – C:Program FilesBitdefenderBitdefender Securitypmbxie.dll [2020-11-13] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 – Bitdefender Wallet – {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} – C:Program FilesBitdefenderBitdefender SecurityAntispam32pmbxie.dll [2020-11-13] (Bitdefender SRL -> Bitdefender)
Handler: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 – {83C25742-A9F7-49FB-9138-434302C88D07} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2020-12-06] (Microsoft Corpor ation -> Microsoft Corporation)
Handler: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 – {42089D2D-912D-4018-9087-2B87803E93FB} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 – {5504BE45-A83B-4808-900A-3A5C36E7F77A} – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2020-12-06] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE tru sted site: HKUS-1-5-21-2401386706-1030334005-2979581481-1001…sharepoint.com -> hxxps://linnaeusgroupcouk-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 04:49 – 2020-12-28 13:09 – 000000824 _____ C:WINDOWSsystem32driversetchosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKUS-1-5-21-2401386706-1030334005-2979581481-1001Control PanelDesktop\Wallpaper -> C:UserswanglAppDataLocalMicrosoftWindowsThemesRoamedThemeFilesDesktopBackgroundsurface.jpg
DNS Servers: 192.168.0.1
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLMSOFTWAREMi crosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{93E59355-AE99-4F9F-9A55-2FD373931A0E}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CF4C4D31-7FAE-4EE3-8932-1F752076D867}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3F9D897E-675E-4B9B-923E-3F801DC1EFD1}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B234DE47-C591-43A6-9E0F-460E5981BC84}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{61B2BA79-C9E0-4F9E-8042-54206E2FB727}] => (Allow) C:Program FilesMicrosof t OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2C3DA2C0-1313-44CC-8F0B-7C7A07A7BF47}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C86F547D-6ECB-46FA-9987-60F8884EE636}] => (Allow) C:UserswanglAppDataRoamingZoombinairhost.exe => No File
FirewallRules: [{268FC545-EEB3-4E8C-BD68-CDC8ABF60B2A}] => (Allow) C:UserswanglAppDataRoamingZoombinZoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{17CABFD8-E723-4961-AC39-811BAAF8071F}] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{99C21C14-0ED9-476A-8A1E-1C1D8CCEFA78}] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{16D88DC2-CAC1-491E-8A6A-532BA86CD4FC}] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A64A8449-DF6F-4192-96AD-A1603137B107}] => (Allow) C:Program FilesMic rosoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6DAB19F6-7053-4BF8-8721-FDA59100AFB4}] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1EC03464-21DB-4B24-AE10-E50A23F3A68B}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{35781BB3-C469-466E-BF66-AA03A9F6F797}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EBC08A66-7B4C-4B27-86C8-3C78710F8C70}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4332DC96-C34C-47B1-A196-C7448FA94ACB}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{98D8425A-3E86-414C-B389-DE47A5C70B0F}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.148.6 25.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B9F8E496-5F41-49B9-A2E5-5E07FECC18F5}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{99F4439C-EC9D-4327-87B5-5F55CAEBE5C8}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{15509381-D00C-4076-A161-C16FC34D7024}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4DFC8A53-8CAE-40E1-B046-0E2440A55978}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2FA42998-E692-49A8-9077-6277B4646535}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{26A2ACFD-A879-446F-81F4-480FB3C1B2F8}] => (Allow) C:Pr ogram FilesWindowsAppsMicrosoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3520CB80-1B5D-4646-B270-259710090526}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
19-12-2020 15:38:59 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/27/2020 02:39:52 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (12/27/2020 02:39:52 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045bAsystemshutdownisinprogress
]
Error: (12/27/2020 02:39:52 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (12/27/2020 02:39:52 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045bAsystemshutdownisinprogress
]
Error: (12/24/2020 10:45:08 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (12/24/2020 10:45:08 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045bAsystemshutdownisinprogress
]
Error: (12/24/2020 10:41:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TeamViewer.exe, version: 15.3.2682.0, time stamp: 0x5e46ded8
Faulting module name: ntdll.dll, version: 10.0.19041.662, time stamp: 0x5f641e44
Exception code: 0xc0000005
Fault offset: 0x00062113
Faulting process id: 0x3720
Faulting application start time: 0x01d6da3e8c0a2b98
Faulting application path: C:UserswanglAppDataLocalTempTeamViewerTeamViewer.exe
Faulting module path: C:WINDOWSSYSTEM32ntdll.dll
Report Id: 1ce86e31-0e88-4c58-9e24-90a57269fc89
Faulting package full name:
Faulting package-relative application ID:
Error: (12/24/2020 01:46:30 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045bAsystemshutdownisinprogress
]
System errors:
=============
Error: (12/24/2020 08:11:12 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (12/24/2020 08:11:10 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (12/24/2020 08:11:10 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (12/24/2020 08:11:10 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (12/24/2020 08:11:09 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (12/24/2020 08:11:09 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (12/24/2020 08:11:09 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (12/24/2020 08:11:09 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Windows Defender:
===================================
Date: 2020-12-25 18:19:23.1310000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {E8B2F665-138B-46E6-8174-E0B813B8DB4B}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-12-25 01:58:40.3070000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {6B0DA6A2-D05E-4F51-9809-A868EF3777D2}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-12-25 01:46:34.3660000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {2BDF0E93-8DC5-4BCE-867E-109713A58494}
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
================================== =
Date: 2020-12-28 12:39:12.9680000Z
Description:
Windows is unable to verify the image integrity of the file DeviceHarddiskVolume3Program FilesESETESET Securityecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-12-28 12:39:12.9590000Z
Description:
Windows is unable to verify the image integrity of the file DeviceHarddiskVolume3Program FilesESETESET Securityecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-12-28 12:39:12.9470000Z
Description:
Windows is unable to verify the image integrity of the file DeviceHarddiskVolume3Program FilesESETESET Securityeamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-12-28 12:33:17.4390000Z
Description:
Windows is unable to verify the image integrity of the file DeviceHarddiskVolume3Program FilesESETESET Securityecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-12-28 12:33:17.4340000Z
Description:
Windows is unable to verify the image integrity of the file DeviceHarddiskVolume3Program FilesESETESET Securityecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-12-28 12:33:17.4270000Z
Description:
Windows is unable to verify the image integrity of the file DeviceHarddiskVolume3Program FilesESETESET Securityeamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-12-28 12:33:16.7490000Z
Description:
Windows is unable to verify the image integrity of the file DeviceHarddiskVolume3Program FilesESETESET Securityecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-12-28 12:33:16.7450000Z
Description:
Windows is unable to verify the image integrity of the file DeviceHarddiskVolume3Program FilesESETESET Securityecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: LENOVO AUCN54WW 01/09/2020
Motherboard: LENOVO LNVNB161216
Processor: Intel® Core™ i7-1065G7 CPU @ 1.30GHz
Percentage of memory in use: 58%
Total physical RAM: 7934.68 MB
Available physical RAM: 3254.44 MB
Total Virtual: 15614.68 MB
Available Virtual: 11041.11 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:277.46 GB) NTFS
\?Volume{30b850f3-4f09-4677-a6b2-3c44b3e5db6e} (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.25 GB) NTFS
\?Volume{1008a31b-413b-45a8-9b64-c44984881ed5} (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
======================================================== ==
Disk: 0 (Size: 476.9 GB) (Disk ID: 99D4DFFD)
Partition: GPT.
==================== End of Addition.txt =======================
.
