Премини към съдържанието

v3cko

Потребител
  • Публикации

    49
  • Регистрация

  • Последно онлайн

Харесвания

4 Неутрална репутация

Всичко за v3cko

  • Титла
    Потребител
  • Рожден ден 14.07.1977

Информация

  • Пол
    Мъж
  • Град
    Троян

Последни посетители

858 прегледа на профила
  1. Благодаря за отделеното време , приятна вечр и на вас
  2. # Run at 4.8.2019 'г.' 20:29:45 # KpRm (Kernel-panik) version 1.7.3 # Website https://kernel-panik.me/tool/kprm/ # Run by Beco from C:\Users\Beco\Downloads # Computer Name: BECO-PC # OS: Windows 10 X86 (18362) - Create Registry Backup - [OK] Registry Backup: C:\KPRM\backup\2019-08-04-20-29 - Search Tools - ## AdwCleaner [OK] C:\Users\Beco\Downloads\adwcleaner_7.1.1.exe deleted (1) [OK] C:\AdwCleaner deleted (1) ## ESET Online Scanner [OK] HKLM\SOFTWARE\ESET\ESET Online Scanner deleted (1) ## FRST [OK] C:\Users\Beco\Downloads\Addition.txt deleted (1) [OK] C:\Users\Beco\Downloads\Addition_04-08-2019 17.09.48.txt deleted (1) [OK] C:\Users\Beco\Downloads\Fixlog.txt deleted (1) [OK] C:\Users\Beco\Downloads\FRST.exe deleted (1) [OK] C:\Users\Beco\Downloads\FRST.txt deleted (1) [OK] C:\FRST deleted (1) ## SecurityCheck [OK] C:\Users\Beco\Downloads\SecurityCheck.exe deleted (1) - Restore Default System Settings - [OK] Flush DNS [OK] Reset WinSock [OK] Hide Hidden file. [OK] Show Extensions for known file types [OK] Hide protected operating system files - Restore UAC Default Value - [OK] Set ConsentPromptBehaviorAdmin with default (5) value [OK] Set ConsentPromptBehaviorUser with default (3) value [OK] Set EnableInstallerDetection with default (0) value [OK] Set EnableLUA with default (1) value [OK] Set EnableSecureUIAPaths with default (1) value [OK] Set EnableUIADesktopToggle with default (0) value [OK] Set EnableVirtualization with default (1) value [OK] Set FilterAdministratorToken with default (0) value [OK] Set PromptOnSecureDesktop with default (1) value [OK] Set ValidateAdminCodeSignatures with default (0) value - Clear All System Restore Points - ~ [OK] RP named Windows Update created at 08/01/2019 10:54:17 deleted ~ [OK] RP named Driver Booster : Microsoft ACPI-Compliant Control Method Battery created at 08/03/2019 15:20:34 deleted [OK] All system restore points have been successfully deleted - Create New System Restore Point - [OK] Enable System Restore [OK] System Restore Point created - Display All System Restore Point - ~ RP named KpRm created at 08/04/2019 17:31:23 found
  3. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-08-2019 Ran by Beco (administrator) on BECO-PC (Hewlett-Packard HP EliteBook 6930p) (04-08-2019 19:42:13) Running from C:\Users\Beco\Downloads Loaded Profiles: Beco (Available Profiles: Beco) Platform: Microsoft Windows 10 Pro Version 1903 18362.267 (X86) Language: Английски (Съединени щати) Default browser: Chrome Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Hewlett-Packard Company -> HP Inc.) C:\Program Files\HP\HP System Event\HPMSGSVC.exe (Hewlett-Packard Company -> HP Inc.) C:\Program Files\HP\HP System Event\HPWMISVC.exe (HP Inc. -> HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (LSI Corporation -> LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [349240 2010-01-11] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [HPMessageService] => C:\Program Files\HP\HP System Event\HPMSGSVC.exe [664848 2016-04-26] (Hewlett-Packard Company -> HP Inc.) HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\76.0.3809.87\Installer\chrmstp.exe [2019-08-01] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {007EB50E-306C-4243-A051-E9CD96BD6478} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {02368336-6FC1-4641-AC1C-AF3E2FBAFA41} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [243576 2019-07-23] (HP Inc. -> HP Inc.) Task: {09CD826E-432A-424E-9075-D474750087E0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-12] (HP Inc. -> HP Inc.) Task: {0AC7D9DD-906E-4B7B-847E-273A28E54C7F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0CD5E731-3C97-48A0-89D3-4BE6DE9D3197} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-12] (HP Inc. -> HP Inc.) Task: {10F238F1-61B3-4FF4-B5F0-8DDC8322392A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.) Task: {1B3EB7B5-BC28-4B91-AE3A-F9EED593562F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [137592 2019-06-12] (HP Inc. -> HP Inc.) Task: {1ECBFDA8-5C75-484C-9609-D69F88A27FC2} - System32\Tasks\{C5F4DFD8-894D-40BF-9817-EDD70197CF73} => C:\Windows\system32\pcalua.exe -a C:\Users\Beco\Downloads\LeagueOfAngels3-gtarcade-5c84c94d5b7d1.exe -d C:\Users\Beco\Downloads Task: {2237D89C-8BA2-4D66-8621-5F8040BA7EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-02-24] (Google Inc -> Google Inc.) Task: {23C30DE0-3363-4410-9EB8-2B31B3D0ECEE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {25AB2260-9353-403C-90EC-CC7BD098D295} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {2BDBC731-7714-481B-B2BC-27EC77EACFFB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {36942695-8A2A-42ED-A030-4B8E54984C38} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-09] (Adobe Inc. -> Adobe) Task: {36FF84BD-F80B-4AC0-A3CD-CEA552F511CB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {3B8B0FF6-5976-4CD4-868A-6EFD55AC20EE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3CC255DE-9A77-4339-B257-97BEED1F30CB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3D8A7ED4-7E07-4834-9592-460518EE157F} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {43CBF981-9207-415B-A43F-EA808D674483} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5286E90C-81E4-4622-9F35-2E63C86A789E} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files\PrivaZer\PrivaZer.exe [17307864 2019-07-31] (Goversoft LLC -> Goversoft LLC) Task: {5CCA8EB2-1044-43C2-83EF-14AFD88A23FB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {6247CC29-3BAC-4EB6-AD0A-8D6CF73982B7} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {6927372A-A3E3-4697-84F8-4492DE198CAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {70D1EB0E-4134-4D8A-B28B-71D12D891637} - System32\Tasks\{55AAC5B5-BEF5-4E5F-BF9A-95DAFA22D058} => C:\Windows\system32\pcalua.exe -a C:\Users\Beco\Downloads\SharewareOnSale_Giveaway_IObit_Uninstaller_8_PRO_hub.exe -d C:\Users\Beco\Downloads Task: {70D4EC4B-4DC4-4743-8A18-19650406D2DF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {76A1CED5-E44E-41BC-88E4-53FFAC64AC3F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {7DF081FE-AF3E-4B1F-A713-015169C165F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.) Task: {7E391591-2447-4B71-8C46-9F851D3C62B9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8573BFA5-38FD-40AC-9800-8EC04403FFEC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {863D0715-8EC5-4308-B25B-A1A49453A5E4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe) Task: {9E9DB093-650D-4AC1-AE74-EFF09DAA28AF} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {A00C8D46-8534-4496-96EE-C950CC0D41C6} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {A37D69BB-3628-4340-9743-AC2FA5585724} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {B265CC37-CE62-4823-8496-5957A29C4EED} - System32\Tasks\HPCeeScheduleForBeco => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2019-05-17] (HP Inc. -> HP Inc.) Task: {B9FB55F4-5977-4236-9F75-7569B987B420} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {BB75632B-EC31-4185-A0E7-CE9618974674} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {BC00F4DF-2168-4200-B664-82D78875D451} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {BE834CB4-A940-4395-A30D-42B461E75614} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {C118C4DD-2CC4-42CB-BA9E-FA5E7EE07C24} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {C8C95506-2926-45B9-B2BC-6D645180D789} - System32\Tasks\{B4FF3079-1C8A-4E12-8782-220F860F7F4E} => C:\Windows\system32\pcalua.exe -a C:\Users\Beco\Downloads\EraOfCelestials-gtarcade-5c839784bff81.exe -d C:\Users\Beco\Downloads Task: {CB047417-746E-40BA-902A-815AC8FA6C7D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {D3D93664-7AD4-4496-BF89-348597AE5BC6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {D83BAE58-18BB-4010-9F0E-054149DAE465} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-02-24] (Google Inc -> Google Inc.) Task: {D988B398-1B45-483C-AA40-86B6646D65A8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-09] (Adobe Inc. -> Adobe) Task: {DB531726-7852-4C5C-8C8E-7E643191E42A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {E0E8C45C-FE64-4087-8E0C-2193CDC81717} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {E7356B7D-5DD6-4890-B4AF-6B1E94A3EF8F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Beco\Downloads\esetonlinescanner_enu.exe [7969304 2019-08-04] (ESET, spol. s r.o. -> ESET spol. s r.o.) Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {EC15E52E-DA43-4DCC-A275-1158D0C511BC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F153981F-F55F-4D98-B828-A6E1A197FAF3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {FF8FD040-EFED-4F3F-B025-E7200A94FA01} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForBeco.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{338C8A04-E5A4-41C0-A592-06F731151E59}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{50FBF5F3-CB8C-4AC9-A764-9C2251E7FE43}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{c92b2e9a-dca7-4503-a7ab-bc7c831445cd}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{f048b2a6-1866-46e6-b7f4-e6a65c07e85b}: [DhcpNameServer] 192.168.42.129 Internet Explorer: ================== Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-2920239448-2505446405-2311763162-1001 -> hxxp://google.bg/ FireFox: ======== FF DefaultProfile: oytl87x0.default FF ProfilePath: C:\Users\Beco\AppData\Roaming\K-Meleon\oytl87x0.default [2019-07-16] FF user.js: detected! => C:\Users\Beco\AppData\Roaming\K-Meleon\oytl87x0.default\user.js [2006-04-06] FF Homepage: K-Meleon\oytl87x0.default -> google.bg FF Extension: (NewsFox) - C:\Program Files\K-Meleon\browser\extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}.xpi [2015-03-12] [Legacy] [not signed] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> ) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://google.bg/ CHR StartupUrls: Default -> "hxxps://www.google.bg/" CHR Profile: C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default [2019-08-04] CHR Extension: (Презентации) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-24] CHR Extension: (Документи) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-24] CHR Extension: (Google Диск) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-05] CHR Extension: (YouTube) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-05] CHR Extension: (Adblock Plus — безплатен блокер на реклами) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-08-02] CHR Extension: (Таблици) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-24] CHR Extension: (Google Документи офлайн) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-24] CHR Extension: (Lightshot (скрииншот инструмент)) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2019-07-29] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-24] CHR Extension: (Gmail) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29] CHR Extension: (Chrome Media Router) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-01] CHR Profile: C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-08-04] CHR Profile: C:\Users\Beco\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-04] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AEADIFilters; C:\WINDOWS\system32\AEADISRV.EXE [90112 2008-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation -> LSI Corporation) S3 hpqcaslwmiex; C:\Program Files\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP) R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [357240 2019-07-05] (HP Inc. -> HP Inc.) R2 HPWMISVC; C:\Program Files\HP\HP System Event\HPWMISVC.exe [606224 2016-04-18] (Hewlett-Packard Company -> HP Inc.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3735832 2019-08-01] (Microsoft Windows Publisher -> Microsoft Corporation) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [304680 2018-05-22] (Synaptics Incorporated -> Synaptics Incorporated) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [1879960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [82984 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation) S3 MBAMService; "C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe" [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [37696 2019-01-06] (Hewlett-Packard Company -> Hewlett-Packard Company) R3 ADIHdAudAddService; C:\WINDOWS\system32\drivers\ADIHdAud.sys [381440 2009-05-18] (Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.) R3 AgereSoftModem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [1163328 2010-01-26] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation) S3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [199608 2019-02-20] (BayHub Technology Inc. -> BayHubTech/O2Micro ) R3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [47504 2019-08-03] (IVT CORPORATION -> IVT Corporation.) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128552 2019-05-31] (Malwarebytes Corporation -> Malwarebytes) R3 HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [15544 2010-02-25] (Hewlett-Packard Company -> Hewlett-Packard Company) R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [27968 2019-01-06] (Hewlett-Packard Company -> Hewlett-Packard Company) R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [15872 2009-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Development Company, L.P.) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2019-01-06] (Martin Malik - REALiX -> REALiX(tm)) S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [106144 2019-01-11] (Malwarebytes Corporation -> Malwarebytes) S3 MBAMProtection; C:\WINDOWS\System32\DRIVERS\mbam.sys [63760 2019-01-11] (Malwarebytes Corporation -> Malwarebytes) S3 MBAMWebProtection; C:\WINDOWS\System32\DRIVERS\mwac.sys [83648 2019-01-12] (Malwarebytes Corporation -> Malwarebytes) R1 MEmuDrv; C:\WINDOWS\System32\DRIVERS\MEmuDrv.sys [257512 2019-03-14] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation) R3 necbatt; C:\WINDOWS\System32\drivers\necbatt.sys [18448 2019-08-03] (Microsoft Windows Hardware Compatibility Publisher -> NEC Personal Computers, Ltd.) S3 NETw5s32; C:\WINDOWS\System32\DRIVERS\NETw5s32.sys [6755840 2010-01-13] (Intel Corporation) [File not signed] R3 NETwNs32; C:\WINDOWS\System32\drivers\NETwNs32.sys [7530736 2019-01-06] (Intel Corporation-Mobile Wireless Group -> Intel Corporation) R2 rimmptsk; C:\WINDOWS\System32\drivers\rimmptsk.sys [48128 2019-01-06] (Microsoft Windows Hardware Compatibility Publisher -> REDC) R3 rismc32; C:\WINDOWS\system32\DRIVERS\rismc32.sys [49152 2019-01-06] (Microsoft Windows Hardware Compatibility Publisher -> RICOH Company, Ltd.) U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [24688 2019-08-04] (Adlice -> ) S3 vjoy; C:\WINDOWS\System32\DRIVERS\vjoy.sys [50224 2016-02-03] (Shaul Eizikovich -> Shaul Eizikovich) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [38280 2019-07-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [269024 2019-07-26] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [39136 2019-07-26] (Microsoft Windows -> Microsoft Corporation) S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [207360 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X] U3 idsvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-08-04 19:18 - 2019-08-04 19:19 - 000000000 ____D C:\AdwCleaner 2019-08-04 19:18 - 2019-08-04 19:18 - 007277776 _____ (Malwarebytes) C:\Users\Beco\Downloads\adwcleaner_7.1.1.exe 2019-08-04 18:54 - 2019-08-04 18:54 - 000000000 ____D C:\SecurityCheck 2019-08-04 18:53 - 2019-08-04 18:53 - 000528638 _____ (glax24 (safezone.cc)) C:\Users\Beco\Downloads\SecurityCheck.exe 2019-08-04 18:21 - 2019-08-04 18:21 - 000000008 __RSH C:\ProgramData\ntuser.pol 2019-08-04 18:16 - 2019-08-04 18:19 - 000007694 _____ C:\Users\Beco\Downloads\Fixlog.txt 2019-08-04 17:49 - 2019-08-04 17:49 - 000029543 _____ C:\Users\Beco\Downloads\Addition_04-08-2019 17.09.48.txt 2019-08-04 17:07 - 2019-08-04 18:34 - 000025876 _____ C:\Users\Beco\Downloads\Addition.txt 2019-08-04 17:04 - 2019-08-04 19:43 - 000023644 _____ C:\Users\Beco\Downloads\FRST.txt 2019-08-04 17:02 - 2019-08-04 19:42 - 000000000 ____D C:\FRST 2019-08-04 17:01 - 2019-08-04 17:01 - 001447936 _____ (Farbar) C:\Users\Beco\Downloads\FRST.exe 2019-08-04 16:54 - 2019-08-04 16:54 - 000000299 _____ C:\Users\Beco\Documents\zemana.txt 2019-08-04 16:51 - 2019-08-04 18:11 - 001496275 _____ C:\WINDOWS\ZAM.krnl.trace 2019-08-04 16:51 - 2019-08-04 16:51 - 000000000 ____D C:\Users\Beco\AppData\Local\Zemana 2019-08-04 16:50 - 2019-08-04 18:11 - 000000000 ____D C:\Users\Beco\AppData\Local\AMSDK 2019-08-04 16:50 - 2019-08-04 16:50 - 012664512 _____ (Zemana Ltd. ) C:\Users\Beco\Downloads\AntiMalware_Setup.exe 2019-08-04 16:45 - 2019-08-04 16:45 - 000000078 _____ C:\Users\Beco\Downloads\137bdc50b1.json 2019-08-04 15:45 - 2019-08-04 15:45 - 000008066 _____ C:\Users\Beco\Documents\Rogue killer.txt 2019-08-04 15:19 - 2019-08-04 15:19 - 000024688 _____ C:\WINDOWS\system32\Drivers\truesight.sys 2019-08-04 15:17 - 2019-08-04 15:17 - 030667800 _____ (Adlice Software ) C:\Users\Beco\Downloads\RogueKiller_setup.exe 2019-08-04 15:09 - 2019-08-04 15:09 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2019-08-04 13:11 - 2019-08-04 13:12 - 000001894 _____ C:\Users\Beco\Desktop\Rkill.txt 2019-08-04 13:10 - 2019-08-04 13:10 - 001780224 _____ (Bleeping Computer, LLC) C:\Users\Beco\Downloads\rkill-unsigned.exe 2019-08-04 12:29 - 2019-08-04 14:00 - 000000681 _____ C:\Users\Beco\Desktop\ESET Online Scanner.lnk 2019-08-04 12:29 - 2019-08-04 12:29 - 000000780 _____ C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2019-08-04 12:29 - 2019-08-04 12:29 - 000000000 ____D C:\Users\Beco\AppData\Local\ESET 2019-08-04 12:28 - 2019-08-04 12:29 - 007969304 _____ (ESET spol. s r.o.) C:\Users\Beco\Downloads\esetonlinescanner_enu.exe 2019-08-04 11:17 - 2019-08-04 15:19 - 001146190 _____ C:\WINDOWS\ntbtlog.txt 2019-08-04 09:57 - 2019-08-04 09:57 - 000002856 _____ C:\Users\Beco\Unigine_Heaven_Benchmark_4.0_20190804_0957.html 2019-08-04 09:49 - 2019-08-04 09:59 - 000000000 ____D C:\Users\Beco\Heaven 2019-08-04 09:48 - 2019-08-04 09:48 - 001065984 _____ C:\Users\Beco\AppData\Local\file__0.localstorage 2019-08-04 09:25 - 2019-08-04 10:14 - 000002217 _____ C:\Users\Beco\Desktop\Plarium Play.lnk 2019-08-04 09:13 - 2019-08-04 09:13 - 001159992 _____ (Plarium) C:\Users\Beco\Downloads\PlariumPlaySetup (1).exe 2019-08-03 18:21 - 2019-08-03 18:21 - 000047504 _____ (IVT Corporation.) C:\WINDOWS\system32\Drivers\btcusb.sys 2019-08-03 18:21 - 2019-08-03 18:21 - 000018448 _____ (NEC Personal Computers, Ltd.) C:\WINDOWS\system32\Drivers\necbatt.sys 2019-08-01 13:55 - 2019-05-31 06:13 - 000835688 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerApp.exe 2019-08-01 13:55 - 2019-05-31 06:13 - 000179816 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2019-08-01 09:04 - 2019-08-01 09:04 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2019-08-01 08:59 - 2019-08-01 08:59 - 000000020 ___SH C:\Users\Beco\ntuser.ini 2019-08-01 08:57 - 2019-08-04 19:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-08-01 08:57 - 2019-08-01 08:57 - 000007623 _____ C:\WINDOWS\diagwrn.xml 2019-08-01 08:57 - 2019-08-01 08:57 - 000007623 _____ C:\WINDOWS\diagerr.xml 2019-08-01 08:53 - 2019-08-04 19:27 - 000912284 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-08-01 08:40 - 2019-08-01 08:40 - 000000000 ____D C:\ProgramData\USOShared 2019-08-01 08:36 - 2019-08-04 14:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-08-01 08:36 - 2019-08-01 09:37 - 000264440 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-08-01 08:03 - 2019-08-01 19:35 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2019-08-01 08:03 - 2019-08-01 08:03 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines 2019-08-01 08:02 - 2019-08-04 11:32 - 000000000 ____D C:\Users\Beco 2019-08-01 08:02 - 2019-03-19 05:41 - 000001105 _____ C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-08-01 08:01 - 2019-08-01 08:03 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2019-08-01 07:50 - 2019-08-01 07:50 - 005083352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 004306432 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 003635200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2019-08-01 07:50 - 2019-08-01 07:50 - 002314440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 001866064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 001652536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 001555688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 001491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 001273176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 001244728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 001106288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2019-08-01 07:50 - 2019-08-01 07:50 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe 2019-08-01 07:50 - 2019-08-01 07:50 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe 2019-08-01 07:50 - 2019-08-01 07:50 - 000759808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL 2019-08-01 07:50 - 2019-08-01 07:50 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2019-08-01 07:50 - 2019-08-01 07:50 - 000650552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2019-08-01 07:50 - 2019-08-01 07:50 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000418816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe 2019-08-01 07:50 - 2019-08-01 07:50 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe 2019-08-01 07:50 - 2019-08-01 07:50 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000075480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys 2019-08-01 07:50 - 2019-08-01 07:50 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe 2019-08-01 07:50 - 2019-08-01 07:50 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 018017792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 007008768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 006515592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 006218752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 005919744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 005753728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 003837440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 002863104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2019-08-01 07:49 - 2019-08-01 07:49 - 002398720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 002040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001783808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001612600 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001505080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001501496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems32.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet40.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001297720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001251640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001219072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001102648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000995800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000916280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000826680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000769336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000736056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000733136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000625464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000566072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000522552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000478520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000446224 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2019-08-01 07:49 - 2019-08-01 07:49 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspbde40.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000363832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msexcl40.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000319376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000279864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000258056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\provplatformdesktop.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000249656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2019-08-01 07:49 - 2019-08-01 07:49 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msltus40.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000213776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityUxHost.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys 2019-08-01 07:49 - 2019-08-01 07:49 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2019-08-01 07:49 - 2019-08-01 07:49 - 000183096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000180536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000152888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000145720 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000145720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000135480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwclientres.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys 2019-08-01 07:49 - 2019-08-01 07:49 - 000118584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys 2019-08-01 07:49 - 2019-08-01 07:49 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000111416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVfs.sys 2019-08-01 07:49 - 2019-08-01 07:49 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2019-08-01 07:49 - 2019-08-01 07:49 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000091960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys 2019-08-01 07:49 - 2019-08-01 07:49 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000086528 _____ C:\WINDOWS\system32\ResBParser.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys 2019-08-01 07:49 - 2019-08-01 07:49 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000058825 _____ C:\WINDOWS\system32\srms.dat 2019-08-01 07:49 - 2019-08-01 07:49 - 000054792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000051512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000021816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScriptRunner.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys 2019-08-01 07:49 - 2019-08-01 07:49 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwstreamingux.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 007067448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 004537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 003120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 002991104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 002987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 002777600 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 002712072 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 002586608 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 002458112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 002245432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 002204472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 002074224 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001690624 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001611416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001468728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001458176 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001429096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001392968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-08-01 07:48 - 2019-08-01 07:48 - 001283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001244728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001178608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001111992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-08-01 07:48 - 2019-08-01 07:48 - 001077632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001007160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000980792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000892488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000811160 _____ C:\WINDOWS\system32\locale.nls 2019-08-01 07:48 - 2019-08-01 07:48 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000700912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000699304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000672944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000645632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000636696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000626488 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000602640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000588256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000588088 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000554720 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000553144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000540680 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000500992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000478800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000451896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000441584 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000440256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000398648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000395064 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000395064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000389432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000385808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000374800 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000361784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000331064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2019-08-01 07:48 - 2019-08-01 07:48 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000309048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000301880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000277520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000265744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000228152 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000206136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000199176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000161592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000158736 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000142856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000138552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000136504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000135000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000134760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000108048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000104976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000098592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000066872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000061448 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000056008 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds_ps.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000039224 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000033592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000031032 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsldr.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnlsres.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDJPN.DLL 2019-08-01 07:48 - 2019-08-01 07:48 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDKOR.DLL 2019-08-01 07:48 - 2019-08-01 07:48 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 006070920 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 004679168 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 003042816 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-08-01 07:47 - 2019-08-01 07:47 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 002490712 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001893888 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001651848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001562640 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001537624 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001535288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001515008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaclient.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001213456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001123840 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConstraintIndex.Search.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001101312 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001079296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000800048 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000777528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000773680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000738304 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2019-08-01 07:47 - 2019-08-01 07:47 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 000667272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2019-08-01 07:47 - 2019-08-01 07:47 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000602224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000531464 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\webauthn.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2019-08-01 07:47 - 2019-08-01 07:47 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2019-08-01 07:47 - 2019-08-01 07:47 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000284536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000283472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000187920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000149512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000149304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2019-08-01 07:47 - 2019-08-01 07:47 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000116728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000105384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000091664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2019-08-01 07:47 - 2019-08-01 07:47 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000090128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys 2019-08-01 07:47 - 2019-08-01 07:47 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\coloradapterclient.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaproxystub.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000028672 _____ C:\WINDOWS\system32\usocoreps.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 014814208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 005941760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 005087744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 004867400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 004572016 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 003915536 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 003735264 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 002763576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 002600960 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 002373120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 002200576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 002066944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 001954960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001912576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001881400 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001531992 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001452032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001432064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001331976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001304888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001244672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001154960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001097528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001086464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 001063944 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000889888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000695808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000690488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_9.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000564240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000550200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000506232 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000425488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2019-08-01 07:46 - 2019-08-01 07:46 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2019-08-01 07:46 - 2019-08-01 07:46 - 000414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000400232 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000375512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000344376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000336928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000321848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000284176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000279624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000268216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000245544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000235536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000222008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000191288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000166712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000159544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000158736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000156472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viac7.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000142648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000140304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000134424 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000103224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameChatTranscription.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000096208 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000095184 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS 2019-08-01 07:46 - 2019-08-01 07:46 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000047928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000045384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000042792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS 2019-08-01 07:46 - 2019-08-01 07:46 - 000023736 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000016696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll 2019-08-01 07:45 - 2019-08-01 07:45 - 000603448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2019-08-01 07:45 - 2019-08-01 07:45 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2019-08-01 07:45 - 2019-08-01 07:45 - 000244712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2019-08-01 07:45 - 2019-08-01 07:45 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbaudio2.sys 2019-08-01 07:45 - 2019-08-01 07:45 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys 2019-08-01 07:45 - 2019-08-01 07:45 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\devauthe.sys 2019-08-01 07:29 - 2019-08-01 07:29 - 000000000 ____D C:\WINDOWS\system32\bg 2019-08-01 07:23 - 2019-08-01 07:23 - 004164608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0002.dll 2019-08-01 07:23 - 2019-08-01 07:23 - 001875968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MLS2.dll 2019-08-01 07:23 - 2019-08-01 07:23 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0002.dll 2019-08-01 07:23 - 2019-08-01 07:23 - 000000000 ____D C:\WINDOWS\system32\msmq 2019-08-01 07:23 - 2019-08-01 07:23 - 000000000 ____D C:\WINDOWS\system32\BestPractices 2019-08-01 07:23 - 2019-08-01 07:23 - 000000000 ____D C:\inetpub 2019-08-01 07:22 - 2019-08-01 07:22 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2019-08-01 07:22 - 2019-08-01 07:22 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2019-08-01 07:22 - 2019-08-01 07:22 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2019-08-01 07:22 - 2019-08-01 07:22 - 000000000 ____D C:\Program Files\Reference Assemblies 2019-08-01 07:22 - 2019-08-01 07:22 - 000000000 ____D C:\Program Files\MSBuild 2019-08-01 07:20 - 2019-08-01 07:20 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll 2019-08-01 07:20 - 2019-08-01 07:20 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll 2019-08-01 07:20 - 2019-08-01 07:20 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml 2019-08-01 07:15 - 2019-08-01 07:15 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER 2019-08-01 07:08 - 2019-08-01 07:08 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2019-08-01 04:44 - 2019-08-01 08:59 - 000000000 ___DC C:\WINDOWS\Panther 2019-07-31 19:53 - 2019-07-31 19:53 - 025776848 _____ (Goversoft LLC) C:\Users\Beco\Downloads\PrivaZer_free (2).exe 2019-07-31 15:21 - 2019-07-31 15:23 - 000000000 ____D C:\Users\Beco\Documents\hermes_global_images_V9.6.3.0.LHMMIFD_20180801.0000.00_5.0_global_0dc0ffff2c 2019-07-31 10:46 - 2019-07-31 10:46 - 000000000 ____D C:\ProgramData\Thunder Network 2019-07-31 10:45 - 2019-08-01 10:06 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xiaomi 2019-07-31 10:45 - 2019-07-31 10:45 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Xiaomi 2019-07-31 10:42 - 2019-08-04 11:02 - 000000332 _____ C:\WINDOWS\Tasks\HPCeeScheduleForBeco.job 2019-07-31 10:18 - 2019-07-31 10:34 - 1390856692 _____ C:\Users\Beco\Downloads\hermes_global_images_V9.6.3.0.LHMMIFD_20180801.0000.00_5.0_global_0dc0ffff2c.tgz 2019-07-29 11:31 - 2019-07-29 11:31 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2019-07-28 09:45 - 2019-07-28 09:45 - 000000000 ____D C:\Users\Beco\AppData\Roaming\AndroidTbox 2019-07-28 09:36 - 2019-07-28 10:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software 2019-07-28 09:35 - 2019-07-28 09:35 - 000000000 ____D C:\Temp 2019-07-21 16:47 - 2019-07-21 16:47 - 004196408 _____ C:\Users\Beco\Downloads\2019-07-10_16-29-20.861.bmp 2019-07-18 17:34 - 2019-07-31 19:53 - 000000000 ____D C:\Program Files\PrivaZer 2019-07-11 13:08 - 2019-07-11 13:22 - 000000775 _____ C:\Users\Beco\Documents\new tournament.txt 2019-07-11 12:23 - 2019-07-11 12:23 - 000000000 ____D C:\Users\Beco\.QtWebEngineProcess 2019-07-11 12:23 - 2019-07-11 12:23 - 000000000 ____D C:\Users\Beco\.LINE 2019-07-07 11:09 - 2019-07-07 11:09 - 000000000 ____D C:\Users\Beco\AppData\Local\HP_Inc 2019-07-07 11:05 - 2019-08-01 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2019-07-07 11:05 - 2019-07-07 11:05 - 000002262 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk 2019-07-07 11:05 - 2019-07-07 11:05 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Hewlett-Packard 2019-07-07 11:05 - 2019-07-07 11:05 - 000000000 ____D C:\Users\Beco\AppData\Local\Hewlett-Packard 2019-07-07 10:44 - 2019-07-07 10:45 - 039926088 _____ (Hewlett Packard ) C:\Users\Beco\Downloads\sp54177.exe 2019-07-07 10:37 - 2019-07-07 11:04 - 000000000 ____D C:\ProgramData\Hewlett-Packard 2019-07-07 10:37 - 2019-07-07 10:37 - 000000000 ____D C:\Users\Beco\AppData\Local\HP 2019-07-07 10:36 - 2019-07-07 10:36 - 003510048 _____ (Oleg N. Scherbakov) C:\Users\Beco\Downloads\HPSupportSolutionsFramework-12.11.24.11.exe ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-08-04 19:36 - 2019-03-19 05:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-08-04 19:27 - 2019-03-19 05:44 - 000000000 ____D C:\WINDOWS\INF 2019-08-04 19:20 - 2019-03-19 05:35 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2019-08-04 19:19 - 2019-01-06 19:32 - 000000000 ____D C:\Program Files\Common Files\IObit 2019-08-04 19:19 - 2019-01-06 07:53 - 000000000 ____D C:\Users\Beco\AppData\LocalLow\IObit 2019-08-04 19:19 - 2019-01-06 07:53 - 000000000 ____D C:\Program Files\IObit 2019-08-04 19:19 - 2019-01-06 07:52 - 000000000 ____D C:\Users\Beco\AppData\Roaming\IObit 2019-08-04 19:19 - 2019-01-06 07:52 - 000000000 ____D C:\ProgramData\IObit 2019-08-04 19:17 - 2019-04-13 13:26 - 000000000 ____D C:\Users\Beco\AppData\Local\Unity 2019-08-04 19:17 - 2019-01-06 10:16 - 000000000 ____D C:\Users\Beco\AppData\LocalLow\Unity 2019-08-04 18:26 - 2019-01-06 07:56 - 000000000 ____D C:\ProgramData\ProductData 2019-08-04 18:17 - 2009-07-14 05:37 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2019-08-04 18:14 - 2019-01-06 00:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-08-04 16:43 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\System 2019-08-04 16:43 - 2019-03-19 05:35 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-08-04 10:14 - 2019-04-13 12:35 - 000002131 _____ C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Plarium Play.lnk 2019-08-04 10:14 - 2019-01-06 00:54 - 000000000 ____D C:\Users\Beco\AppData\Local\Plarium 2019-08-04 10:14 - 2019-01-06 00:54 - 000000000 ____D C:\Users\Beco\AppData\Local\Package Cache 2019-08-04 07:29 - 2019-03-19 05:46 - 000000000 ___HD C:\Program Files\WindowsApps 2019-08-03 23:50 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-08-02 04:34 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\appcompat 2019-08-01 19:35 - 2019-06-19 04:27 - 000000000 ____D C:\Program Files\UNP 2019-08-01 19:35 - 2019-06-02 18:07 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer 2019-08-01 19:35 - 2019-04-03 05:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX H.264 decoder 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\spool 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\NDF 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\Macromed 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\IME 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\ServiceState 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\schemas 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\Registration 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared 2019-08-01 19:35 - 2019-03-19 05:43 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2019-08-01 19:35 - 2019-03-17 15:10 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2019-08-01 19:35 - 2019-03-17 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2019-08-01 19:35 - 2019-02-24 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2019-08-01 19:35 - 2019-01-06 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8K Player 2019-08-01 19:35 - 2019-01-06 07:51 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live for Speed 2019-08-01 19:35 - 2019-01-05 21:52 - 000000000 ____D C:\Program Files\Intel 2019-08-01 19:35 - 2018-09-15 08:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2019-08-01 19:35 - 2018-09-15 08:10 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2019-08-01 15:17 - 2019-04-19 19:53 - 000000000 ____D C:\Users\Beco\AppData\Local\Packages 2019-08-01 10:28 - 2019-02-24 13:31 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-08-01 10:28 - 2019-02-24 13:31 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-08-01 09:18 - 2019-03-19 05:46 - 000000000 ___RD C:\WINDOWS\PrintDialog 2019-08-01 09:00 - 2019-04-19 19:54 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-08-01 09:00 - 2019-04-19 19:54 - 000000000 ___RD C:\Users\Beco\3D Objects 2019-08-01 08:59 - 2019-03-19 05:46 - 000000000 ____D C:\ProgramData\USOPrivate 2019-08-01 08:58 - 2019-03-19 05:35 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2019-08-01 08:57 - 2019-03-19 05:46 - 000000000 ____D C:\Program Files\Windows Defender 2019-08-01 08:40 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugins 2019-08-01 08:40 - 2019-01-05 22:05 - 000000000 ____D C:\Program Files\LSI SoftModem 2019-08-01 08:39 - 2019-01-05 22:00 - 000000000 ____D C:\WINDOWS\QLB 2019-08-01 08:32 - 2019-03-19 05:49 - 000000000 ____D C:\WINDOWS\Setup 2019-08-01 08:16 - 2019-03-19 05:46 - 000000000 __RHD C:\Users\Public\Libraries 2019-08-01 08:03 - 2019-04-13 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2019-08-01 08:03 - 2019-01-12 14:52 - 000000000 ____D C:\Program Files\Synaptics 2019-08-01 08:03 - 2019-01-06 07:59 - 000000000 ____D C:\Program Files\AuthenTec 2019-08-01 08:03 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Microsoft Games 2019-08-01 07:57 - 2019-03-19 06:40 - 000000000 ___SD C:\WINDOWS\system32\AppV 2019-08-01 07:57 - 2019-03-19 06:40 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\TextInput 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\SystemResources 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\oobe 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\migwiz 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\appraiser 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\ShellComponents 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-08-01 07:29 - 2019-03-19 06:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2019-08-01 07:29 - 2019-03-19 06:38 - 000000000 ____D C:\WINDOWS\system32\WCN 2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ___SD C:\WINDOWS\system32\F12 2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\IME 2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\Program Files\Common Files\System 2019-08-01 07:29 - 2019-03-19 05:35 - 000000000 ____D C:\WINDOWS\servicing 2019-08-01 07:23 - 2019-03-19 06:39 - 000000000 ____D C:\WINDOWS\OCR 2019-08-01 07:23 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\et-EE 2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\es-MX 2019-08-01 04:23 - 2019-01-05 20:39 - 000000000 ____D C:\Users\Beco\AppData\Local\ElevatedDiagnostics 2019-07-31 20:16 - 2019-06-02 18:07 - 000000000 ____D C:\Users\Beco\AppData\Local\PrivaZer 2019-07-31 20:01 - 2019-04-18 03:25 - 000000000 ____D C:\Users\Beco\AppData\Local\CrashDumps 2019-07-31 19:53 - 2019-06-02 18:07 - 000001916 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk 2019-07-31 19:53 - 2019-06-02 18:07 - 000001904 _____ C:\Users\Public\Desktop\PrivaZer.lnk 2019-07-26 16:30 - 2019-04-19 19:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2019-07-11 12:23 - 2019-01-05 19:50 - 000000000 ____D C:\Users\Beco\AppData\Local\VirtualStore 2019-07-11 12:21 - 2019-04-19 20:32 - 000000000 ____D C:\ProgramData\Packages 2019-07-11 12:21 - 2019-04-19 20:02 - 000000000 ____D C:\Users\Beco\AppData\Local\PlaceholderTileLogoFolder 2019-07-11 05:03 - 2019-04-19 21:24 - 000000000 ___RD C:\Users\Beco\OneDrive 2019-07-10 19:32 - 2019-01-05 21:56 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-07-10 19:26 - 2019-01-05 21:56 - 133475400 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-07-10 12:28 - 2019-01-05 20:17 - 000606264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2019-07-07 11:05 - 2019-01-05 22:00 - 000000000 ___HD C:\Program Files\InstallShield Installation Information 2019-07-07 11:04 - 2019-05-04 17:11 - 000000000 ____D C:\Program Files\HP 2019-07-07 11:04 - 2019-04-19 19:43 - 000000000 ____D C:\Users\Beco\AppData\Roaming\hpqLog 2019-07-07 11:04 - 2019-01-05 22:00 - 000000000 ____D C:\Program Files\Hewlett-Packard 2019-07-07 10:45 - 2019-05-04 17:09 - 000000000 ____D C:\SWSetup ==================== Files in the root of some directories ================ 2019-08-04 09:48 - 2019-08-04 09:48 - 001065984 _____ () C:\Users\Beco\AppData\Local\file__0.localstorage 2019-08-04 09:14 - 2019-08-04 10:14 - 000061590 _____ () C:\Users\Beco\AppData\Local\PlariumPlay.log 2019-01-05 22:44 - 2019-01-05 22:44 - 000000000 _____ () C:\Users\Beco\AppData\Local\QSwitch.txt 2019-01-26 19:23 - 2019-01-26 19:23 - 000007605 _____ () C:\Users\Beco\AppData\Local\Resmon.ResmonCfg ==================== SigCheck =============================== (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-08-2019 Ran by Beco (04-08-2019 19:44:51) Running from C:\Users\Beco\Downloads Microsoft Windows 10 Pro Version 1903 18362.267 (X86) (2019-08-01 05:59:11) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2920239448-2505446405-2311763162-500 - Administrator - Disabled) Beco (S-1-5-21-2920239448-2505446405-2311763162-1001 - Administrator - Enabled) => C:\Users\Beco DefaultAccount (S-1-5-21-2920239448-2505446405-2311763162-503 - Limited - Disabled) Guest (S-1-5-21-2920239448-2505446405-2311763162-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2920239448-2505446405-2311763162-1002 - Limited - Enabled) WDAGUtilityAccount (S-1-5-21-2920239448-2505446405-2311763162-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 8K Player version 4.4.0 (HKLM\...\842F0D80-2EC4-4903-9798-714D9927DCA1_is1) (Version: 4.4.0 - DimoSoft, Inc.) Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe) Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe) DivX H.264 decoder 8.2.0.26 (HKLM\...\divxh264_is1) (Version: 8.2.0.26 - ) Google Chrome (HKLM\...\Google Chrome) (Version: 76.0.3809.87 - Google LLC) Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM\...\{A2926515-9BCE-4785-AFAD-98233D52C3AE}) (Version: 12.11.27.1 - HP Inc.) HP System Event Utility (HKLM\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.13 - HP Inc.) K-Meleon 75.0 (x86 en-US) (HKLM\...\K-Meleon 75.0 (x86 en-US)) (Version: 75.0 - kmeleonbrowser.org) LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation) Microsoft OneDrive (HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Plarium Play (HKLM\...\{12D4088C-8ED7-4218-B9FF-10E8FA3D7B57}) (Version: 3.1.0.0 - Plarium) Hidden Plarium Play (HKLM\...\{FBD9CDDD-13B0-406B-BDFA-79703D34C153}) (Version: 3.1.0 - Plarium) Hidden Plarium Play (HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\{b06aff34-801f-46e9-9690-9d16b8f33092}) (Version: 3.1.0 - Plarium) PrivaZer (HKLM\...\PrivaZer) (Version: 3.0.75.0 - Goversoft LLC) QLBCASL (HKLM\...\{F1D7AC58-554A-4A58-B784-B61558B1449A}) (Version: 6.40.17.2 - Hewlett-Packard) Hidden Skype, версия 8.45 (HKLM\...\Skype_is1) (Version: 8.45 - Skype Technologies S.A.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.69 - Synaptics Incorporated) WinRAR 5.70 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH) Packages: ========= LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_5.18.2.0_x86__8ptj331gd3tyt [2019-07-31] (LINE Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-19] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x86__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad] Torrex Lite - Torrent Downloader -> C:\Program Files\WindowsApps\BooStudioLLC.TorrexLite-TorrentDownloader_1.3.97.0_x86__b6e429xa66pga [2019-06-21] (Finebits OÜ) [MS Ad] Добавка за „Снимки“ -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x86__8wekyb3d8bbwe [2019-04-20] (Microsoft Corporation) Поща и календар -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x86__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad] ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> No File ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> No File ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] Shortcut: C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer\Деинсталирай Privazer.lnk -> C:\Program Files\PrivaZer\privazer_remover.exe (Goversoft LLC) <==== Cyrillic Shortcut: C:\Users\Beco\AppData\Roaming\Microsoft\Windows\SendTo\Прехвърляне на файлове с Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) <==== Cyrillic ==================== Loaded Modules (Whitelisted) ============== ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 05:04 - 2009-06-11 00:39 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKCU\Environment\\Path -> ;%USERPROFILE%\AppData\Local\Microsoft\WindowsApps HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\Control Panel\Desktop\\Wallpaper -> c:\users\beco\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\diy.jpg DNS Servers: 192.168.0.1 HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\Services: SafeDNS Agent => 2 HKLM\...\StartupApproved\Run: => "QlbCtrl.exe" HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk" HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\StartupApproved\Run: => "SafeDNS Agent" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{155B760F-5E54-482B-8365-6665EC03CC2C}C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司) FirewallRules: [TCP Query User{44B11955-F926-4A9B-AA9D-6B5A18DAAF61}C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司) FirewallRules: [{90A20652-3E5F-405C-B8E5-AF6D9A4EC0E7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{612CBEB6-20A2-448D-99E9-FCB1F2B34F23}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{AF4C1CD7-FED9-470D-B329-7F50331D7D0B}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [UDP Query User{77363016-8846-4DB7-AD51-2B727580DA68}D:\lfs\lfs.exe] => (Allow) D:\lfs\lfs.exe () [File not signed] FirewallRules: [TCP Query User{45A74C76-06A8-4563-9550-548C167DE0D2}D:\lfs\lfs.exe] => (Allow) D:\lfs\lfs.exe () [File not signed] FirewallRules: [UDP Query User{340FE0D8-F433-4684-8EEE-555FA3D5CC3D}C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe] => (Allow) C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe No File FirewallRules: [TCP Query User{353B7826-2A8F-493D-A1F1-2AC837AF0B3C}C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe] => (Allow) C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe No File FirewallRules: [UDP Query User{24C96F24-BD78-4B3B-8CC8-CCD439113A9E}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{F80ACAFA-F1DD-447C-8EF2-F8CFE0A3F99F}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{06598060-8173-4526-85B1-326A8EADE9B1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= 01-08-2019 13:54:17 Windows Update 03-08-2019 18:20:34 Driver Booster : Microsoft ACPI-Compliant Control Method Battery ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/04/2019 07:41:57 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (7388,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (08/04/2019 07:26:56 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3124,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (08/04/2019 07:19:50 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Error: (08/04/2019 07:19:50 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] Error: (08/04/2019 07:19:50 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Error: (08/04/2019 07:19:50 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] Error: (08/04/2019 07:00:18 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (8184,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (08/04/2019 06:53:27 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (7556,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. System errors: ============= Error: (08/04/2019 07:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Услуга SynTPEnh Caller Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). Error: (08/04/2019 07:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Услуга Andrea ADI Filters Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). Error: (08/04/2019 07:19:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Услуга Message Queuing беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 120000 милисекунди ще бъде предприето следното коригиращо действие: Restart the service. Error: (08/04/2019 07:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Услуга HP Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). Error: (08/04/2019 07:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Услуга HPWMISVC беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). Error: (08/04/2019 07:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Услуга Agere Modem Call Progress Audio беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Windows Defender: =================================== Date: 2019-08-04 16:39:23.995 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0 Name: Trojan:Win32/Wacatac.B!ml ID: 2147735505 Severity: Severe Category: Trojan Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/18e663c4b0|pid:4648,ProcessStart:132093995403375033 Detection Origin: Internet Detection Type: FastPath Detection Source: Downloads and attachments Process Name: Unknown Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0 Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1 Date: 2019-08-04 16:35:34.363 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0 Name: Trojan:Win32/Conteban.B!ml ID: 2147735507 Severity: Severe Category: Trojan Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/78834792cf|pid:2452,ProcessStart:132093992524073237 Detection Origin: Internet Detection Type: FastPath Detection Source: Downloads and attachments Process Name: Unknown Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0 Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1 Date: 2019-08-04 16:35:16.939 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0 Name: Trojan:Win32/Conteban.B!ml ID: 2147735507 Severity: Severe Category: Trojan Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/459d5f08a7|pid:2452,ProcessStart:132093992524073237 Detection Origin: Internet Detection Type: FastPath Detection Source: Downloads and attachments Process Name: Unknown Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0 Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1 Date: 2019-08-04 16:34:50.615 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0 Name: Trojan:Win32/Conteban.B!ml ID: 2147735507 Severity: Severe Category: Trojan Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/3e4192f681|pid:2452,ProcessStart:132093992524073237 Detection Origin: Internet Detection Type: FastPath Detection Source: Downloads and attachments Process Name: Unknown Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0 Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1 Date: 2019-08-04 16:31:18.836 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0 Name: Trojan:Win32/Conteban.B!ml ID: 2147735507 Severity: Severe Category: Trojan Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/d814e79dee|pid:7088,ProcessStart:132093990433000700 Detection Origin: Internet Detection Type: FastPath Detection Source: Downloads and attachments Process Name: Unknown Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0 Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1 Date: 2019-08-04 15:19:12.432 Description: Windows Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.299.1222.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.16200.1 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode Date: 2019-08-04 15:09:07.516 Description: Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. Date: 2019-08-04 12:37:18.611 Description: Windows Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.299.1222.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.16200.1 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode Date: 2019-08-04 12:27:12.471 Description: Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. Date: 2019-08-04 11:52:30.958 Description: Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. ==================== Memory info =========================== BIOS: Hewlett-Packard 68PCU Ver. F.20 12/08/2011 Motherboard: Hewlett-Packard 30DB Processor: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz Percentage of memory in use: 62% Total physical RAM: 3000.26 MB Available physical RAM: 1115.69 MB Total Virtual: 5542.26 MB Available Virtual: 3518.26 MB ==================== Drives ================================ Drive 😄 () (Fixed) (Total:365.12 GB) (Free:312.39 GB) NTFS Drive d: () (Fixed) (Total:100.1 GB) (Free:85.36 GB) NTFS \\?\Volume{35691345-1108-11e9-812b-806e6f6e6963}\ (Резервирана за системата) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{35691348-1108-11e9-812b-806e6f6e6963}\ () (Fixed) (Total:0.44 GB) (Free:0.16 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0FD73A73) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=100.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=365.1 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=450 MB) - (Type=27) ==================== End of Addition.txt ============================ Определено всичко вече е наред и Chrome зарежда по-бързо
  4. Аз не съм казал нищо по различно освен че съм ви потърсил за помощ за изтеглянето на инструмента тъй като имах затруднения . Сканиранията сам съм правил без ваши препоръки
  5. # Malwarebytes AdwCleaner 7.1.1.0 # ------------------------------- # Build: 04-24-2018 # Database: # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 08-04-2019 # Duration: 00:00:04 # OS: Windows 10 Pro # Cleaned: 18 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Program Files\Common Files\IObit\Advanced SystemCare Deleted C:\Users\Beco\AppData\LocalLow\IObit\Advanced SystemCare Deleted C:\Users\Beco\AppData\Roaming\IObit\Advanced SystemCare Deleted C:\ProgramData\IOBIT\Driver Booster Deleted C:\Program Files\IOBIT\Driver Booster Deleted C:\Users\Beco\AppData\Roaming\IOBIT\Driver Booster Deleted C:\Users\Beco\AppData\Roaming\DRPSu Deleted C:\ProgramData\Tencent Deleted C:\Users\Beco\AppData\Local\Tencent Deleted C:\Users\Beco\AppData\Roaming\Tencent ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKLM\Software\IObit\RealTimeProtector Deleted HKLM\Software\IObit\Advanced SystemCare Deleted HKLM\Software\IOBIT\ASC Deleted HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare Deleted HKLM\Software\IObit\Driver Booster Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B0A739B5-4232-4958-9C1D-486DC1047518} Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{08CAA098-8E08-4DD6-AB80-2885F8050FD9} Deleted HKLM\Software\Classes\METNSD ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
  6. Системата се държи по добре , ето и резултата от сканирането: SecurityCheck by glax24 & Severnyj v.1.4.0.53 [27.10.17] WebSite: www.safezone.cc DateLog: 04.08.2019 18:54:10 Path starting: C:\Users\Beco\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe Log directory: C:\SecurityCheck\ IsAdmin: True User: Beco VersionXML: 6.67is-31.07.2019 ___________________________________________________________________________ Windows 10(6.3.18362) (x86) Professional Release: 1903 Lang: English(0409) Installation date OS: 01.08.2019 05:59:11 LicenseStatus: Windows(R), Professional edition The machine is permanently activated. Boot Mode: Normal Default Browser: C:\Program Files\Google\Chrome\Application\chrome.exe SystemDrive: 😄 FS: [NTFS] Capacity: [365.1 Gb] Used: [52.6 Gb] Free: [312.5 Gb] ------------------------------- [ Windows ] ------------------------------- Internet Explorer 11.239.18362.0 User Account Control enabled (Level 3) Never check for updates Security Center (wscsvc) - The service is running Remote Registry (RemoteRegistry) - The service has stopped SSDP Discovery (SSDPSRV) - The service is running Remote Desktop Services (TermService) - The service has stopped Windows Remote Management (WS-Management) (WinRM) - The service has stopped ---------------------------- [ Antivirus_WMI ] ---------------------------- Windows Defender (enabled and up to date) --------------------------- [ FirewallWindows ] --------------------------- Защитна стена на Windows Defender (mpssvc) - The service is running --------------------------- [ AntiSpyware_WMI ] --------------------------- Windows Defender (enabled and up to date) --------------------------- [ OtherUtilities ] ---------------------------- Microsoft .NET Framework 4.7.2 v.4.7.03062 -------------------------------- [ Arch ] --------------------------------- WinRAR 5.70 (32-bit) v.5.70.0 Warning! Download Update --------------------------------- [ IM ] ---------------------------------- Skype, версия 8.45 v.8.45 Warning! Download Update --------------------------- [ AdobeProduction ] --------------------------- Adobe Flash Player 32 NPAPI v.32.0.0.223 Adobe Flash Player 32 PPAPI v.32.0.0.223 ------------------------------- [ Browser ] ------------------------------- Google Chrome v.76.0.3809.87 K-Meleon 75.0 (x86 en-US) v.75.0 ------------------ [ AntivirusFirewallProcessServices ] ------------------- Malwarebytes Service (MBAMService) - The service has stopped C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe v.4.18.1907.4 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe v.4.18.1907.4 Услуга Windows Defender Antivirus (WinDefend) - The service is running Услуга за мрежова проверка на Windows Defender Antivirus (WdNisSvc) - The service is running Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - The service has stopped ---------------------------- [ UnwantedApps ] ----------------------------- IObit Uninstaller 8 v.8.4.0.11 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering. Unity Web Player v.5.3.8f2 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering. IObit Uninstaller Service (IObitUnSvr) - The service has stopped ----------------------------- [ End of Log ] ------------------------------
  7. Днес писах с колегата ви B-boy/StyLe/ защото не можех да изтегля Farbar , браузърите го блокираха като вирус и накрая реших да правя опити сам за което знам че не е редно Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-08-2019 Ran by Beco (administrator) on BECO-PC (Hewlett-Packard HP EliteBook 6930p) (04-08-2019 18:28:47) Running from C:\Users\Beco\Downloads Loaded Profiles: Beco (Available Profiles: Beco) Platform: Microsoft Windows 10 Pro Version 1903 18362.267 (X86) Language: Английски (Съединени щати) Default browser: Chrome Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Hewlett-Packard Company -> HP Inc.) C:\Program Files\HP\HP System Event\HPMSGSVC.exe (Hewlett-Packard Company -> HP Inc.) C:\Program Files\HP\HP System Event\HPWMISVC.exe (HP Inc. -> HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (IObit Information Technology -> IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe (LSI Corporation -> LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [349240 2010-01-11] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [HPMessageService] => C:\Program Files\HP\HP System Event\HPMSGSVC.exe [664848 2016-04-26] (Hewlett-Packard Company -> HP Inc.) HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\76.0.3809.87\Installer\chrmstp.exe [2019-08-01] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {007EB50E-306C-4243-A051-E9CD96BD6478} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {02368336-6FC1-4641-AC1C-AF3E2FBAFA41} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [243576 2019-07-23] (HP Inc. -> HP Inc.) Task: {09CD826E-432A-424E-9075-D474750087E0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-12] (HP Inc. -> HP Inc.) Task: {0AC7D9DD-906E-4B7B-847E-273A28E54C7F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0CD5E731-3C97-48A0-89D3-4BE6DE9D3197} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-12] (HP Inc. -> HP Inc.) Task: {10F238F1-61B3-4FF4-B5F0-8DDC8322392A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.) Task: {1B3EB7B5-BC28-4B91-AE3A-F9EED593562F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [137592 2019-06-12] (HP Inc. -> HP Inc.) Task: {1ECBFDA8-5C75-484C-9609-D69F88A27FC2} - System32\Tasks\{C5F4DFD8-894D-40BF-9817-EDD70197CF73} => C:\Windows\system32\pcalua.exe -a C:\Users\Beco\Downloads\LeagueOfAngels3-gtarcade-5c84c94d5b7d1.exe -d C:\Users\Beco\Downloads Task: {2237D89C-8BA2-4D66-8621-5F8040BA7EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-02-24] (Google Inc -> Google Inc.) Task: {23C30DE0-3363-4410-9EB8-2B31B3D0ECEE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {25AB2260-9353-403C-90EC-CC7BD098D295} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {2671536C-6AFE-4BA9-B77B-1D42B06C7FB1} - System32\Tasks\Uninstaller_SkipUac_Beco => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [5293328 2019-03-19] (IObit Information Technology -> IObit) Task: {2BDBC731-7714-481B-B2BC-27EC77EACFFB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {36942695-8A2A-42ED-A030-4B8E54984C38} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-09] (Adobe Inc. -> Adobe) Task: {36FF84BD-F80B-4AC0-A3CD-CEA552F511CB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {3B8B0FF6-5976-4CD4-868A-6EFD55AC20EE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3CC255DE-9A77-4339-B257-97BEED1F30CB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3D8A7ED4-7E07-4834-9592-460518EE157F} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {43CBF981-9207-415B-A43F-EA808D674483} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5286E90C-81E4-4622-9F35-2E63C86A789E} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files\PrivaZer\PrivaZer.exe [17307864 2019-07-31] (Goversoft LLC -> Goversoft LLC) Task: {5CCA8EB2-1044-43C2-83EF-14AFD88A23FB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {6247CC29-3BAC-4EB6-AD0A-8D6CF73982B7} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {6927372A-A3E3-4697-84F8-4492DE198CAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {70D1EB0E-4134-4D8A-B28B-71D12D891637} - System32\Tasks\{55AAC5B5-BEF5-4E5F-BF9A-95DAFA22D058} => C:\Windows\system32\pcalua.exe -a C:\Users\Beco\Downloads\SharewareOnSale_Giveaway_IObit_Uninstaller_8_PRO_hub.exe -d C:\Users\Beco\Downloads Task: {70D4EC4B-4DC4-4743-8A18-19650406D2DF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {76A1CED5-E44E-41BC-88E4-53FFAC64AC3F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {7DF081FE-AF3E-4B1F-A713-015169C165F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.) Task: {7E391591-2447-4B71-8C46-9F851D3C62B9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8573BFA5-38FD-40AC-9800-8EC04403FFEC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {863D0715-8EC5-4308-B25B-A1A49453A5E4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe) Task: {9E9DB093-650D-4AC1-AE74-EFF09DAA28AF} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {A00C8D46-8534-4496-96EE-C950CC0D41C6} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {A37D69BB-3628-4340-9743-AC2FA5585724} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {B265CC37-CE62-4823-8496-5957A29C4EED} - System32\Tasks\HPCeeScheduleForBeco => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2019-05-17] (HP Inc. -> HP Inc.) Task: {B9FB55F4-5977-4236-9F75-7569B987B420} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {BB75632B-EC31-4185-A0E7-CE9618974674} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {BC00F4DF-2168-4200-B664-82D78875D451} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {BE834CB4-A940-4395-A30D-42B461E75614} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {C118C4DD-2CC4-42CB-BA9E-FA5E7EE07C24} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {C8C95506-2926-45B9-B2BC-6D645180D789} - System32\Tasks\{B4FF3079-1C8A-4E12-8782-220F860F7F4E} => C:\Windows\system32\pcalua.exe -a C:\Users\Beco\Downloads\EraOfCelestials-gtarcade-5c839784bff81.exe -d C:\Users\Beco\Downloads Task: {CB047417-746E-40BA-902A-815AC8FA6C7D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {D3D93664-7AD4-4496-BF89-348597AE5BC6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {D83BAE58-18BB-4010-9F0E-054149DAE465} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-02-24] (Google Inc -> Google Inc.) Task: {D988B398-1B45-483C-AA40-86B6646D65A8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-09] (Adobe Inc. -> Adobe) Task: {DB531726-7852-4C5C-8C8E-7E643191E42A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {E0E8C45C-FE64-4087-8E0C-2193CDC81717} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {E7356B7D-5DD6-4890-B4AF-6B1E94A3EF8F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Beco\Downloads\esetonlinescanner_enu.exe [7969304 2019-08-04] (ESET, spol. s r.o. -> ESET spol. s r.o.) Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {EC15E52E-DA43-4DCC-A275-1158D0C511BC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [396608 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F153981F-F55F-4D98-B828-A6E1A197FAF3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {FF8FD040-EFED-4F3F-B025-E7200A94FA01} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForBeco.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{338C8A04-E5A4-41C0-A592-06F731151E59}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{50FBF5F3-CB8C-4AC9-A764-9C2251E7FE43}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{c92b2e9a-dca7-4503-a7ab-bc7c831445cd}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{f048b2a6-1866-46e6-b7f4-e6a65c07e85b}: [DhcpNameServer] 192.168.42.129 Internet Explorer: ================== BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-07-19] (IObit Information Technology -> IObit) Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-2920239448-2505446405-2311763162-1001 -> hxxp://google.bg/ FireFox: ======== FF DefaultProfile: oytl87x0.default FF ProfilePath: C:\Users\Beco\AppData\Roaming\K-Meleon\oytl87x0.default [2019-07-16] FF user.js: detected! => C:\Users\Beco\AppData\Roaming\K-Meleon\oytl87x0.default\user.js [2006-04-06] FF Homepage: K-Meleon\oytl87x0.default -> google.bg FF Extension: (NewsFox) - C:\Program Files\K-Meleon\browser\extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}.xpi [2015-03-12] [Legacy] [not signed] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> ) FF Plugin HKU\S-1-5-21-2920239448-2505446405-2311763162-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Beco\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies SF -> Unity Technologies ApS) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://google.bg/ CHR StartupUrls: Default -> "hxxps://www.google.bg/" CHR Profile: C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default [2019-08-04] CHR Extension: (Презентации) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-24] CHR Extension: (Документи) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-24] CHR Extension: (Google Диск) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-05] CHR Extension: (YouTube) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-05] CHR Extension: (Adblock Plus — безплатен блокер на реклами) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-08-02] CHR Extension: (Таблици) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-24] CHR Extension: (Google Документи офлайн) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-24] CHR Extension: (Lightshot (скрииншот инструмент)) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2019-07-29] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-24] CHR Extension: (Gmail) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29] CHR Extension: (Chrome Media Router) - C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-01] CHR Profile: C:\Users\Beco\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-08-04] CHR Profile: C:\Users\Beco\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-04] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AEADIFilters; C:\WINDOWS\system32\AEADISRV.EXE [90112 2008-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation -> LSI Corporation) S3 hpqcaslwmiex; C:\Program Files\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP) R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [357240 2019-07-05] (HP Inc. -> HP Inc.) R2 HPWMISVC; C:\Program Files\HP\HP System Event\HPWMISVC.exe [606224 2016-04-18] (Hewlett-Packard Company -> HP Inc.) S2 IObitUnSvr; C:\Program Files\IObit\IObit Uninstaller\IUService.exe [153360 2018-09-25] (IObit Information Technology -> IObit) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3735832 2019-08-01] (Microsoft Windows Publisher -> Microsoft Corporation) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [304680 2018-05-22] (Synaptics Incorporated -> Synaptics Incorporated) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [1879960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [82984 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation) S3 MBAMService; "C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe" [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [37696 2019-01-06] (Hewlett-Packard Company -> Hewlett-Packard Company) R3 ADIHdAudAddService; C:\WINDOWS\system32\drivers\ADIHdAud.sys [381440 2009-05-18] (Microsoft Windows Hardware Compatibility Publisher -> Analog Devices, Inc.) R3 AgereSoftModem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [1163328 2010-01-26] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation) S3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [199608 2019-02-20] (BayHub Technology Inc. -> BayHubTech/O2Micro ) R3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [47504 2019-08-03] (IVT CORPORATION -> IVT Corporation.) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128552 2019-05-31] (Malwarebytes Corporation -> Malwarebytes) R3 HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [15544 2010-02-25] (Hewlett-Packard Company -> Hewlett-Packard Company) R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [27968 2019-01-06] (Hewlett-Packard Company -> Hewlett-Packard Company) R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [15872 2009-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Development Company, L.P.) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2019-01-06] (Martin Malik - REALiX -> REALiX(tm)) R3 IUProcessFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win10_x86\IUProcessFilter.sys [35136 2018-10-16] (IObit Information Technology -> IObit) R3 IURegistryFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win10_x86\IURegistryFilter.sys [41336 2018-10-16] (IObit Information Technology -> IObit) S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [106144 2019-01-11] (Malwarebytes Corporation -> Malwarebytes) S3 MBAMProtection; C:\WINDOWS\System32\DRIVERS\mbam.sys [63760 2019-01-11] (Malwarebytes Corporation -> Malwarebytes) S3 MBAMWebProtection; C:\WINDOWS\System32\DRIVERS\mwac.sys [83648 2019-01-12] (Malwarebytes Corporation -> Malwarebytes) R1 MEmuDrv; C:\WINDOWS\System32\DRIVERS\MEmuDrv.sys [257512 2019-03-14] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation) R3 necbatt; C:\WINDOWS\System32\drivers\necbatt.sys [18448 2019-08-03] (Microsoft Windows Hardware Compatibility Publisher -> NEC Personal Computers, Ltd.) S3 NETw5s32; C:\WINDOWS\System32\DRIVERS\NETw5s32.sys [6755840 2010-01-13] (Intel Corporation) [File not signed] R3 NETwNs32; C:\WINDOWS\System32\drivers\NETwNs32.sys [7530736 2019-01-06] (Intel Corporation-Mobile Wireless Group -> Intel Corporation) R2 rimmptsk; C:\WINDOWS\System32\drivers\rimmptsk.sys [48128 2019-01-06] (Microsoft Windows Hardware Compatibility Publisher -> REDC) R3 rismc32; C:\WINDOWS\system32\DRIVERS\rismc32.sys [49152 2019-01-06] (Microsoft Windows Hardware Compatibility Publisher -> RICOH Company, Ltd.) U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [24688 2019-08-04] (Adlice -> ) S3 vjoy; C:\WINDOWS\System32\DRIVERS\vjoy.sys [50224 2016-02-03] (Shaul Eizikovich -> Shaul Eizikovich) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [38280 2019-07-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [269024 2019-07-26] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [39136 2019-07-26] (Microsoft Windows -> Microsoft Corporation) S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [207360 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X] U3 idsvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-08-04 18:21 - 2019-08-04 18:21 - 000000008 __RSH C:\ProgramData\ntuser.pol 2019-08-04 18:16 - 2019-08-04 18:19 - 000007694 _____ C:\Users\Beco\Downloads\Fixlog.txt 2019-08-04 17:49 - 2019-08-04 17:49 - 000029543 _____ C:\Users\Beco\Downloads\Addition_04-08-2019 17.09.48.txt 2019-08-04 17:07 - 2019-08-04 17:09 - 000029543 _____ C:\Users\Beco\Downloads\Addition.txt 2019-08-04 17:04 - 2019-08-04 18:30 - 000024833 _____ C:\Users\Beco\Downloads\FRST.txt 2019-08-04 17:02 - 2019-08-04 18:28 - 000000000 ____D C:\FRST 2019-08-04 17:01 - 2019-08-04 17:01 - 001447936 _____ (Farbar) C:\Users\Beco\Downloads\FRST.exe 2019-08-04 16:54 - 2019-08-04 16:54 - 000000299 _____ C:\Users\Beco\Documents\zemana.txt 2019-08-04 16:51 - 2019-08-04 18:11 - 001496275 _____ C:\WINDOWS\ZAM.krnl.trace 2019-08-04 16:51 - 2019-08-04 16:51 - 000000000 ____D C:\Users\Beco\AppData\Local\Zemana 2019-08-04 16:50 - 2019-08-04 18:11 - 000000000 ____D C:\Users\Beco\AppData\Local\AMSDK 2019-08-04 16:50 - 2019-08-04 16:50 - 012664512 _____ (Zemana Ltd. ) C:\Users\Beco\Downloads\AntiMalware_Setup.exe 2019-08-04 16:45 - 2019-08-04 16:45 - 000000078 _____ C:\Users\Beco\Downloads\137bdc50b1.json 2019-08-04 15:45 - 2019-08-04 15:45 - 000008066 _____ C:\Users\Beco\Documents\Rogue killer.txt 2019-08-04 15:19 - 2019-08-04 15:19 - 000024688 _____ C:\WINDOWS\system32\Drivers\truesight.sys 2019-08-04 15:17 - 2019-08-04 15:17 - 030667800 _____ (Adlice Software ) C:\Users\Beco\Downloads\RogueKiller_setup.exe 2019-08-04 15:09 - 2019-08-04 15:09 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2019-08-04 13:11 - 2019-08-04 13:12 - 000001894 _____ C:\Users\Beco\Desktop\Rkill.txt 2019-08-04 13:10 - 2019-08-04 13:10 - 001780224 _____ (Bleeping Computer, LLC) C:\Users\Beco\Downloads\rkill-unsigned.exe 2019-08-04 12:29 - 2019-08-04 14:00 - 000000681 _____ C:\Users\Beco\Desktop\ESET Online Scanner.lnk 2019-08-04 12:29 - 2019-08-04 12:29 - 000000780 _____ C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2019-08-04 12:29 - 2019-08-04 12:29 - 000000000 ____D C:\Users\Beco\AppData\Local\ESET 2019-08-04 12:28 - 2019-08-04 12:29 - 007969304 _____ (ESET spol. s r.o.) C:\Users\Beco\Downloads\esetonlinescanner_enu.exe 2019-08-04 11:17 - 2019-08-04 15:19 - 001146190 _____ C:\WINDOWS\ntbtlog.txt 2019-08-04 09:57 - 2019-08-04 09:57 - 000002856 _____ C:\Users\Beco\Unigine_Heaven_Benchmark_4.0_20190804_0957.html 2019-08-04 09:49 - 2019-08-04 09:59 - 000000000 ____D C:\Users\Beco\Heaven 2019-08-04 09:48 - 2019-08-04 09:48 - 001065984 _____ C:\Users\Beco\AppData\Local\file__0.localstorage 2019-08-04 09:25 - 2019-08-04 10:14 - 000002217 _____ C:\Users\Beco\Desktop\Plarium Play.lnk 2019-08-04 09:13 - 2019-08-04 09:13 - 001159992 _____ (Plarium) C:\Users\Beco\Downloads\PlariumPlaySetup (1).exe 2019-08-03 18:21 - 2019-08-03 18:21 - 000047504 _____ (IVT Corporation.) C:\WINDOWS\system32\Drivers\btcusb.sys 2019-08-03 18:21 - 2019-08-03 18:21 - 000018448 _____ (NEC Personal Computers, Ltd.) C:\WINDOWS\system32\Drivers\necbatt.sys 2019-08-01 13:55 - 2019-05-31 06:13 - 000835688 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerApp.exe 2019-08-01 13:55 - 2019-05-31 06:13 - 000179816 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2019-08-01 09:04 - 2019-08-01 09:04 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2019-08-01 08:59 - 2019-08-01 08:59 - 000000020 ___SH C:\Users\Beco\ntuser.ini 2019-08-01 08:57 - 2019-08-04 18:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-08-01 08:57 - 2019-08-01 08:57 - 000007623 _____ C:\WINDOWS\diagwrn.xml 2019-08-01 08:57 - 2019-08-01 08:57 - 000007623 _____ C:\WINDOWS\diagerr.xml 2019-08-01 08:53 - 2019-08-04 18:27 - 000912284 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-08-01 08:40 - 2019-08-01 08:40 - 000000000 ____D C:\ProgramData\USOShared 2019-08-01 08:36 - 2019-08-04 14:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-08-01 08:36 - 2019-08-01 09:37 - 000264440 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-08-01 08:03 - 2019-08-01 19:35 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2019-08-01 08:03 - 2019-08-01 08:03 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines 2019-08-01 08:02 - 2019-08-04 11:32 - 000000000 ____D C:\Users\Beco 2019-08-01 08:02 - 2019-03-19 05:41 - 000001105 _____ C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-08-01 08:01 - 2019-08-01 08:03 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2019-08-01 07:50 - 2019-08-01 07:50 - 005083352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 004306432 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 003635200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2019-08-01 07:50 - 2019-08-01 07:50 - 002314440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 001866064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 001652536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 001555688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 001491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 001273176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 001244728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 001106288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2019-08-01 07:50 - 2019-08-01 07:50 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe 2019-08-01 07:50 - 2019-08-01 07:50 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe 2019-08-01 07:50 - 2019-08-01 07:50 - 000759808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL 2019-08-01 07:50 - 2019-08-01 07:50 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2019-08-01 07:50 - 2019-08-01 07:50 - 000650552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2019-08-01 07:50 - 2019-08-01 07:50 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000418816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe 2019-08-01 07:50 - 2019-08-01 07:50 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe 2019-08-01 07:50 - 2019-08-01 07:50 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000075480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys 2019-08-01 07:50 - 2019-08-01 07:50 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe 2019-08-01 07:50 - 2019-08-01 07:50 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll 2019-08-01 07:50 - 2019-08-01 07:50 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 018017792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 007008768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 006515592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 006218752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 005919744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 005753728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 003837440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 002863104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2019-08-01 07:49 - 2019-08-01 07:49 - 002398720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 002040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001783808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001612600 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001505080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001501496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems32.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet40.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001297720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001251640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001219072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001102648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000995800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000916280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000826680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000769336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000736056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000733136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000625464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000566072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000522552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000478520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000446224 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2019-08-01 07:49 - 2019-08-01 07:49 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspbde40.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000363832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msexcl40.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000319376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000279864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000258056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\provplatformdesktop.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000249656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2019-08-01 07:49 - 2019-08-01 07:49 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msltus40.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000213776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityUxHost.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys 2019-08-01 07:49 - 2019-08-01 07:49 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2019-08-01 07:49 - 2019-08-01 07:49 - 000183096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000180536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000152888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000145720 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000145720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000135480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwclientres.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys 2019-08-01 07:49 - 2019-08-01 07:49 - 000118584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys 2019-08-01 07:49 - 2019-08-01 07:49 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000111416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVfs.sys 2019-08-01 07:49 - 2019-08-01 07:49 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2019-08-01 07:49 - 2019-08-01 07:49 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000091960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys 2019-08-01 07:49 - 2019-08-01 07:49 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000086528 _____ C:\WINDOWS\system32\ResBParser.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys 2019-08-01 07:49 - 2019-08-01 07:49 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000058825 _____ C:\WINDOWS\system32\srms.dat 2019-08-01 07:49 - 2019-08-01 07:49 - 000054792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000051512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000021816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScriptRunner.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys 2019-08-01 07:49 - 2019-08-01 07:49 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwstreamingux.dll 2019-08-01 07:49 - 2019-08-01 07:49 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe 2019-08-01 07:49 - 2019-08-01 07:49 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 007067448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 004537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 003120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 002991104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 002987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 002777600 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 002712072 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 002586608 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 002458112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 002245432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 002204472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 002074224 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001690624 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001611416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001468728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001458176 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001429096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001392968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-08-01 07:48 - 2019-08-01 07:48 - 001283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001244728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001178608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001111992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-08-01 07:48 - 2019-08-01 07:48 - 001077632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 001007160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000980792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000892488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000811160 _____ C:\WINDOWS\system32\locale.nls 2019-08-01 07:48 - 2019-08-01 07:48 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000700912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000699304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000672944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000645632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000636696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000626488 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000602640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000588256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000588088 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000554720 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000553144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000540680 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000500992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000478800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000451896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000441584 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000440256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000398648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000395064 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000395064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000389432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000385808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000374800 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000361784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000331064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2019-08-01 07:48 - 2019-08-01 07:48 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000309048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000301880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000277520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000265744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000228152 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000206136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000199176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000161592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000158736 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000142856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000138552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000136504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000135000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000134760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000108048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000104976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000098592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000066872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000061448 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000056008 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds_ps.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000039224 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000033592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000031032 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsldr.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnlsres.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDJPN.DLL 2019-08-01 07:48 - 2019-08-01 07:48 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys 2019-08-01 07:48 - 2019-08-01 07:48 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDKOR.DLL 2019-08-01 07:48 - 2019-08-01 07:48 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe 2019-08-01 07:48 - 2019-08-01 07:48 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll 2019-08-01 07:48 - 2019-08-01 07:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 006070920 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 004679168 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 003042816 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-08-01 07:47 - 2019-08-01 07:47 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 002490712 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001893888 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001651848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001562640 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001537624 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001535288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001515008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaclient.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001213456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001123840 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConstraintIndex.Search.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001101312 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001079296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000800048 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000777528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000773680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000738304 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2019-08-01 07:47 - 2019-08-01 07:47 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 000667272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2019-08-01 07:47 - 2019-08-01 07:47 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000602224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000531464 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\webauthn.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2019-08-01 07:47 - 2019-08-01 07:47 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2019-08-01 07:47 - 2019-08-01 07:47 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000284536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000283472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000187920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000149512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000149304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2019-08-01 07:47 - 2019-08-01 07:47 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000116728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000105384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000091664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2019-08-01 07:47 - 2019-08-01 07:47 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000090128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys 2019-08-01 07:47 - 2019-08-01 07:47 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\coloradapterclient.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaproxystub.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe 2019-08-01 07:47 - 2019-08-01 07:47 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000028672 _____ C:\WINDOWS\system32\usocoreps.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll 2019-08-01 07:47 - 2019-08-01 07:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 014814208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 005941760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 005087744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 004867400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 004572016 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 003915536 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 003735264 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 002763576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 002600960 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 002373120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 002200576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 002066944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 001954960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001912576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001881400 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001531992 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001452032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001432064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001331976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001304888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001244672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001154960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001097528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001086464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 001063944 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000889888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000695808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000690488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_9.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000564240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000550200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000506232 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000425488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2019-08-01 07:46 - 2019-08-01 07:46 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2019-08-01 07:46 - 2019-08-01 07:46 - 000414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000400232 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000375512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000344376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000336928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000321848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000284176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000279624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000268216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000245544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000235536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000222008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000191288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000166712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000159544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000158736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000156472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viac7.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000142648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000140304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000134424 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000103224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameChatTranscription.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000096208 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000095184 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS 2019-08-01 07:46 - 2019-08-01 07:46 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000047928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000045384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000042792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS 2019-08-01 07:46 - 2019-08-01 07:46 - 000023736 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000016696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys 2019-08-01 07:46 - 2019-08-01 07:46 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll 2019-08-01 07:46 - 2019-08-01 07:46 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe 2019-08-01 07:46 - 2019-08-01 07:46 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll 2019-08-01 07:45 - 2019-08-01 07:45 - 000603448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2019-08-01 07:45 - 2019-08-01 07:45 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2019-08-01 07:45 - 2019-08-01 07:45 - 000244712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2019-08-01 07:45 - 2019-08-01 07:45 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbaudio2.sys 2019-08-01 07:45 - 2019-08-01 07:45 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys 2019-08-01 07:45 - 2019-08-01 07:45 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\devauthe.sys 2019-08-01 07:29 - 2019-08-01 07:29 - 000000000 ____D C:\WINDOWS\system32\bg 2019-08-01 07:23 - 2019-08-01 07:23 - 004164608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0002.dll 2019-08-01 07:23 - 2019-08-01 07:23 - 001875968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MLS2.dll 2019-08-01 07:23 - 2019-08-01 07:23 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0002.dll 2019-08-01 07:23 - 2019-08-01 07:23 - 000000000 ____D C:\WINDOWS\system32\msmq 2019-08-01 07:23 - 2019-08-01 07:23 - 000000000 ____D C:\WINDOWS\system32\BestPractices 2019-08-01 07:23 - 2019-08-01 07:23 - 000000000 ____D C:\inetpub 2019-08-01 07:22 - 2019-08-01 07:22 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2019-08-01 07:22 - 2019-08-01 07:22 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2019-08-01 07:22 - 2019-08-01 07:22 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2019-08-01 07:22 - 2019-08-01 07:22 - 000000000 ____D C:\Program Files\Reference Assemblies 2019-08-01 07:22 - 2019-08-01 07:22 - 000000000 ____D C:\Program Files\MSBuild 2019-08-01 07:20 - 2019-08-01 07:20 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll 2019-08-01 07:20 - 2019-08-01 07:20 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll 2019-08-01 07:20 - 2019-08-01 07:20 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml 2019-08-01 07:15 - 2019-08-01 07:15 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER 2019-08-01 07:08 - 2019-08-01 07:08 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2019-08-01 04:44 - 2019-08-01 08:59 - 000000000 ___DC C:\WINDOWS\Panther 2019-07-31 19:53 - 2019-07-31 19:53 - 025776848 _____ (Goversoft LLC) C:\Users\Beco\Downloads\PrivaZer_free (2).exe 2019-07-31 15:21 - 2019-07-31 15:23 - 000000000 ____D C:\Users\Beco\Documents\hermes_global_images_V9.6.3.0.LHMMIFD_20180801.0000.00_5.0_global_0dc0ffff2c 2019-07-31 10:46 - 2019-07-31 10:46 - 000000000 ____D C:\ProgramData\Thunder Network 2019-07-31 10:45 - 2019-08-01 10:06 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xiaomi 2019-07-31 10:45 - 2019-07-31 10:45 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Xiaomi 2019-07-31 10:42 - 2019-08-04 11:02 - 000000332 _____ C:\WINDOWS\Tasks\HPCeeScheduleForBeco.job 2019-07-31 10:18 - 2019-07-31 10:34 - 1390856692 _____ C:\Users\Beco\Downloads\hermes_global_images_V9.6.3.0.LHMMIFD_20180801.0000.00_5.0_global_0dc0ffff2c.tgz 2019-07-29 11:31 - 2019-07-29 11:31 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2019-07-28 09:45 - 2019-07-28 09:45 - 000000000 ____D C:\Users\Beco\AppData\Roaming\AndroidTbox 2019-07-28 09:36 - 2019-07-28 10:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software 2019-07-28 09:36 - 2019-07-28 09:43 - 000000000 ____D C:\ProgramData\Tencent 2019-07-28 09:36 - 2019-07-28 09:36 - 000000000 ____D C:\Users\Beco\AppData\Local\Tencent 2019-07-28 09:35 - 2019-07-28 10:25 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Tencent 2019-07-28 09:35 - 2019-07-28 09:35 - 000000000 ____D C:\Temp 2019-07-21 16:47 - 2019-07-21 16:47 - 004196408 _____ C:\Users\Beco\Downloads\2019-07-10_16-29-20.861.bmp 2019-07-18 17:34 - 2019-07-31 19:53 - 000000000 ____D C:\Program Files\PrivaZer 2019-07-11 13:08 - 2019-07-11 13:22 - 000000775 _____ C:\Users\Beco\Documents\new tournament.txt 2019-07-11 12:23 - 2019-07-11 12:23 - 000000000 ____D C:\Users\Beco\.QtWebEngineProcess 2019-07-11 12:23 - 2019-07-11 12:23 - 000000000 ____D C:\Users\Beco\.LINE 2019-07-07 11:09 - 2019-07-07 11:09 - 000000000 ____D C:\Users\Beco\AppData\Local\HP_Inc 2019-07-07 11:05 - 2019-08-01 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2019-07-07 11:05 - 2019-07-07 11:05 - 000002262 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk 2019-07-07 11:05 - 2019-07-07 11:05 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Hewlett-Packard 2019-07-07 11:05 - 2019-07-07 11:05 - 000000000 ____D C:\Users\Beco\AppData\Local\Hewlett-Packard 2019-07-07 10:44 - 2019-07-07 10:45 - 039926088 _____ (Hewlett Packard ) C:\Users\Beco\Downloads\sp54177.exe 2019-07-07 10:37 - 2019-07-07 11:04 - 000000000 ____D C:\ProgramData\Hewlett-Packard 2019-07-07 10:37 - 2019-07-07 10:37 - 000000000 ____D C:\Users\Beco\AppData\Local\HP 2019-07-07 10:36 - 2019-07-07 10:36 - 003510048 _____ (Oleg N. Scherbakov) C:\Users\Beco\Downloads\HPSupportSolutionsFramework-12.11.24.11.exe ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-08-04 18:27 - 2019-03-19 05:44 - 000000000 ____D C:\WINDOWS\INF 2019-08-04 18:26 - 2019-01-06 07:56 - 000000000 ____D C:\ProgramData\ProductData 2019-08-04 18:21 - 2019-03-19 05:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-08-04 18:20 - 2019-03-19 05:35 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2019-08-04 18:17 - 2009-07-14 05:37 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2019-08-04 18:14 - 2019-01-06 00:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-08-04 18:09 - 2019-01-06 07:52 - 000000000 ____D C:\Users\Beco\AppData\Roaming\IObit 2019-08-04 16:43 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\System 2019-08-04 16:43 - 2019-03-19 05:35 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-08-04 10:14 - 2019-04-13 12:35 - 000002131 _____ C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Plarium Play.lnk 2019-08-04 10:14 - 2019-01-06 00:54 - 000000000 ____D C:\Users\Beco\AppData\Local\Plarium 2019-08-04 10:14 - 2019-01-06 00:54 - 000000000 ____D C:\Users\Beco\AppData\Local\Package Cache 2019-08-04 09:30 - 2019-01-06 10:16 - 000000000 ____D C:\Users\Beco\AppData\LocalLow\Unity 2019-08-04 07:29 - 2019-03-19 05:46 - 000000000 ___HD C:\Program Files\WindowsApps 2019-08-03 23:50 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-08-02 04:34 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\appcompat 2019-08-01 19:35 - 2019-06-19 04:27 - 000000000 ____D C:\Program Files\UNP 2019-08-01 19:35 - 2019-06-02 18:07 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer 2019-08-01 19:35 - 2019-04-03 05:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX H.264 decoder 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\spool 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\NDF 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\Macromed 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\IME 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\ServiceState 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\schemas 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\Registration 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2019-08-01 19:35 - 2019-03-19 05:46 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared 2019-08-01 19:35 - 2019-03-19 05:43 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2019-08-01 19:35 - 2019-03-17 15:10 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2019-08-01 19:35 - 2019-03-17 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2019-08-01 19:35 - 2019-02-24 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2019-08-01 19:35 - 2019-01-06 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2019-08-01 19:35 - 2019-01-06 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8K Player 2019-08-01 19:35 - 2019-01-06 07:51 - 000000000 ____D C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live for Speed 2019-08-01 19:35 - 2019-01-05 21:52 - 000000000 ____D C:\Program Files\Intel 2019-08-01 19:35 - 2018-09-15 08:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2019-08-01 19:35 - 2018-09-15 08:10 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2019-08-01 15:17 - 2019-04-19 19:53 - 000000000 ____D C:\Users\Beco\AppData\Local\Packages 2019-08-01 10:28 - 2019-02-24 13:31 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-08-01 10:28 - 2019-02-24 13:31 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-08-01 09:18 - 2019-03-19 05:46 - 000000000 ___RD C:\WINDOWS\PrintDialog 2019-08-01 09:00 - 2019-04-19 19:54 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-08-01 09:00 - 2019-04-19 19:54 - 000000000 ___RD C:\Users\Beco\3D Objects 2019-08-01 08:59 - 2019-03-19 05:46 - 000000000 ____D C:\ProgramData\USOPrivate 2019-08-01 08:58 - 2019-03-19 05:35 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2019-08-01 08:57 - 2019-03-19 05:46 - 000000000 ____D C:\Program Files\Windows Defender 2019-08-01 08:40 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugins 2019-08-01 08:40 - 2019-01-05 22:05 - 000000000 ____D C:\Program Files\LSI SoftModem 2019-08-01 08:39 - 2019-01-05 22:00 - 000000000 ____D C:\WINDOWS\QLB 2019-08-01 08:32 - 2019-03-19 05:49 - 000000000 ____D C:\WINDOWS\Setup 2019-08-01 08:16 - 2019-03-19 05:46 - 000000000 __RHD C:\Users\Public\Libraries 2019-08-01 08:03 - 2019-04-13 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2019-08-01 08:03 - 2019-01-12 14:52 - 000000000 ____D C:\Program Files\Synaptics 2019-08-01 08:03 - 2019-01-06 07:59 - 000000000 ____D C:\Program Files\AuthenTec 2019-08-01 08:03 - 2009-07-14 07:52 - 000000000 ____D C:\Program Files\Microsoft Games 2019-08-01 07:57 - 2019-03-19 06:40 - 000000000 ___SD C:\WINDOWS\system32\AppV 2019-08-01 07:57 - 2019-03-19 06:40 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\TextInput 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\SystemResources 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\oobe 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\migwiz 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\appraiser 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\ShellComponents 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2019-08-01 07:57 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-08-01 07:29 - 2019-03-19 06:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2019-08-01 07:29 - 2019-03-19 06:38 - 000000000 ____D C:\WINDOWS\system32\WCN 2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ___SD C:\WINDOWS\system32\F12 2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\IME 2019-08-01 07:29 - 2019-03-19 05:46 - 000000000 ____D C:\Program Files\Common Files\System 2019-08-01 07:29 - 2019-03-19 05:35 - 000000000 ____D C:\WINDOWS\servicing 2019-08-01 07:23 - 2019-03-19 06:39 - 000000000 ____D C:\WINDOWS\OCR 2019-08-01 07:23 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\et-EE 2019-08-01 07:20 - 2019-03-19 05:46 - 000000000 ____D C:\WINDOWS\system32\es-MX 2019-08-01 04:23 - 2019-01-05 20:39 - 000000000 ____D C:\Users\Beco\AppData\Local\ElevatedDiagnostics 2019-07-31 20:16 - 2019-06-02 18:07 - 000000000 ____D C:\Users\Beco\AppData\Local\PrivaZer 2019-07-31 20:01 - 2019-04-18 03:25 - 000000000 ____D C:\Users\Beco\AppData\Local\CrashDumps 2019-07-31 19:53 - 2019-06-02 18:07 - 000001916 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk 2019-07-31 19:53 - 2019-06-02 18:07 - 000001904 _____ C:\Users\Public\Desktop\PrivaZer.lnk 2019-07-26 16:30 - 2019-04-19 19:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2019-07-11 12:23 - 2019-01-05 19:50 - 000000000 ____D C:\Users\Beco\AppData\Local\VirtualStore 2019-07-11 12:21 - 2019-04-19 20:32 - 000000000 ____D C:\ProgramData\Packages 2019-07-11 12:21 - 2019-04-19 20:02 - 000000000 ____D C:\Users\Beco\AppData\Local\PlaceholderTileLogoFolder 2019-07-11 05:03 - 2019-04-19 21:24 - 000000000 ___RD C:\Users\Beco\OneDrive 2019-07-10 19:32 - 2019-01-05 21:56 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-07-10 19:26 - 2019-01-05 21:56 - 133475400 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-07-10 12:28 - 2019-01-05 20:17 - 000606264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2019-07-07 11:05 - 2019-01-05 22:00 - 000000000 ___HD C:\Program Files\InstallShield Installation Information 2019-07-07 11:04 - 2019-05-04 17:11 - 000000000 ____D C:\Program Files\HP 2019-07-07 11:04 - 2019-04-19 19:43 - 000000000 ____D C:\Users\Beco\AppData\Roaming\hpqLog 2019-07-07 11:04 - 2019-01-05 22:00 - 000000000 ____D C:\Program Files\Hewlett-Packard 2019-07-07 10:45 - 2019-05-04 17:09 - 000000000 ____D C:\SWSetup ==================== Files in the root of some directories ================ 2019-08-04 09:48 - 2019-08-04 09:48 - 001065984 _____ () C:\Users\Beco\AppData\Local\file__0.localstorage 2019-08-04 09:14 - 2019-08-04 10:14 - 000061590 _____ () C:\Users\Beco\AppData\Local\PlariumPlay.log 2019-01-05 22:44 - 2019-01-05 22:44 - 000000000 _____ () C:\Users\Beco\AppData\Local\QSwitch.txt 2019-01-26 19:23 - 2019-01-26 19:23 - 000007605 _____ () C:\Users\Beco\AppData\Local\Resmon.ResmonCfg ==================== SigCheck =============================== (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-08-2019 Ran by Beco (04-08-2019 18:31:23) Running from C:\Users\Beco\Downloads Microsoft Windows 10 Pro Version 1903 18362.267 (X86) (2019-08-01 05:59:11) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2920239448-2505446405-2311763162-500 - Administrator - Disabled) Beco (S-1-5-21-2920239448-2505446405-2311763162-1001 - Administrator - Enabled) => C:\Users\Beco DefaultAccount (S-1-5-21-2920239448-2505446405-2311763162-503 - Limited - Disabled) Guest (S-1-5-21-2920239448-2505446405-2311763162-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2920239448-2505446405-2311763162-1002 - Limited - Enabled) WDAGUtilityAccount (S-1-5-21-2920239448-2505446405-2311763162-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 8K Player version 4.4.0 (HKLM\...\842F0D80-2EC4-4903-9798-714D9927DCA1_is1) (Version: 4.4.0 - DimoSoft, Inc.) Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe) Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe) DivX H.264 decoder 8.2.0.26 (HKLM\...\divxh264_is1) (Version: 8.2.0.26 - ) Google Chrome (HKLM\...\Google Chrome) (Version: 76.0.3809.87 - Google LLC) Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM\...\{A2926515-9BCE-4785-AFAD-98233D52C3AE}) (Version: 12.11.27.1 - HP Inc.) HP System Event Utility (HKLM\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.13 - HP Inc.) IObit Uninstaller 8 (HKLM\...\IObitUninstall) (Version: 8.4.0.11 - IObit) K-Meleon 75.0 (x86 en-US) (HKLM\...\K-Meleon 75.0 (x86 en-US)) (Version: 75.0 - kmeleonbrowser.org) LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation) Microsoft OneDrive (HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Plarium Play (HKLM\...\{12D4088C-8ED7-4218-B9FF-10E8FA3D7B57}) (Version: 3.1.0.0 - Plarium) Hidden Plarium Play (HKLM\...\{FBD9CDDD-13B0-406B-BDFA-79703D34C153}) (Version: 3.1.0 - Plarium) Hidden Plarium Play (HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\{b06aff34-801f-46e9-9690-9d16b8f33092}) (Version: 3.1.0 - Plarium) PrivaZer (HKLM\...\PrivaZer) (Version: 3.0.75.0 - Goversoft LLC) QLBCASL (HKLM\...\{F1D7AC58-554A-4A58-B784-B61558B1449A}) (Version: 6.40.17.2 - Hewlett-Packard) Hidden Skype, версия 8.45 (HKLM\...\Skype_is1) (Version: 8.45 - Skype Technologies S.A.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.69 - Synaptics Incorporated) Unity Web Player (HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS) WinRAR 5.70 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH) Packages: ========= LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_5.18.2.0_x86__8ptj331gd3tyt [2019-07-31] (LINE Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-19] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x86__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad] Torrex Lite - Torrent Downloader -> C:\Program Files\WindowsApps\BooStudioLLC.TorrexLite-TorrentDownloader_1.3.97.0_x86__b6e429xa66pga [2019-06-21] (Finebits OÜ) [MS Ad] Добавка за „Снимки“ -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x86__8wekyb3d8bbwe [2019-04-20] (Microsoft Corporation) Поща и календар -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x86__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad] ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2920239448-2505446405-2311763162-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Beco\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies SF -> Unity Technologies ApS) ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit) ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> No File ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit) ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> No File ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] Shortcut: C:\Users\Beco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer\Деинсталирай Privazer.lnk -> C:\Program Files\PrivaZer\privazer_remover.exe (Goversoft LLC) <==== Cyrillic Shortcut: C:\Users\Beco\AppData\Roaming\Microsoft\Windows\SendTo\Прехвърляне на файлове с Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) <==== Cyrillic ==================== Loaded Modules (Whitelisted) ============== ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 05:04 - 2009-06-11 00:39 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKCU\Environment\\Path -> ;%USERPROFILE%\AppData\Local\Microsoft\WindowsApps HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\Control Panel\Desktop\\Wallpaper -> c:\users\beco\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\diy.jpg DNS Servers: 192.168.0.1 HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\Services: SafeDNS Agent => 2 HKLM\...\StartupApproved\Run: => "QlbCtrl.exe" HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk" HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2920239448-2505446405-2311763162-1001\...\StartupApproved\Run: => "SafeDNS Agent" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{155B760F-5E54-482B-8365-6665EC03CC2C}C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司) FirewallRules: [TCP Query User{44B11955-F926-4A9B-AA9D-6B5A18DAAF61}C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\beco\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司) FirewallRules: [{08CAA098-8E08-4DD6-AB80-2885F8050FD9}] => (Allow) C:\Users\Beco\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{B0A739B5-4232-4958-9C1D-486DC1047518}] => (Allow) C:\Users\Beco\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent) FirewallRules: [{90A20652-3E5F-405C-B8E5-AF6D9A4EC0E7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{612CBEB6-20A2-448D-99E9-FCB1F2B34F23}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{AF4C1CD7-FED9-470D-B329-7F50331D7D0B}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [UDP Query User{77363016-8846-4DB7-AD51-2B727580DA68}D:\lfs\lfs.exe] => (Allow) D:\lfs\lfs.exe () [File not signed] FirewallRules: [TCP Query User{45A74C76-06A8-4563-9550-548C167DE0D2}D:\lfs\lfs.exe] => (Allow) D:\lfs\lfs.exe () [File not signed] FirewallRules: [UDP Query User{340FE0D8-F433-4684-8EEE-555FA3D5CC3D}C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe] => (Allow) C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe No File FirewallRules: [TCP Query User{353B7826-2A8F-493D-A1F1-2AC837AF0B3C}C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe] => (Allow) C:\users\beco\appdata\local\temp\rar$exa5360.11617\sdi_r1904.exe No File FirewallRules: [UDP Query User{24C96F24-BD78-4B3B-8CC8-CCD439113A9E}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{F80ACAFA-F1DD-447C-8EF2-F8CFE0A3F99F}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{06598060-8173-4526-85B1-326A8EADE9B1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= 01-08-2019 13:54:17 Windows Update 03-08-2019 18:20:34 Driver Booster : Microsoft ACPI-Compliant Control Method Battery ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/04/2019 06:26:50 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (2400,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (08/04/2019 06:20:06 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Error: (08/04/2019 06:20:06 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] Error: (08/04/2019 06:20:06 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Error: (08/04/2019 06:20:06 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] Error: (08/04/2019 06:17:33 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, A device attached to the system is not functioning. . Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (08/04/2019 06:16:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Грешка в услугата "Криптографски услуги" при обработка на обръщение на OnIdentity() към обекта System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (08/04/2019 06:16:49 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {73ac7222-9583-4e9c-aeca-ddf782586332} System errors: ============= Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Error: (08/04/2019 06:20:01 PM) (Source: DCOM) (EventID: 10010) (User: BECO-PC) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Error: (08/04/2019 06:17:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Услуга Windows Search беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 30000 милисекунди ще бъде предприето следното коригиращо действие: Restart the service. Error: (08/04/2019 06:17:23 PM) (Source: WAS) (EventID: 5175) (User: ) Description: The listener adapter serving the 'net.msmq' protocol disconnected unexpectedly. Error: (08/04/2019 06:17:23 PM) (Source: WAS) (EventID: 5175) (User: ) Description: The listener adapter serving the 'net.pipe' protocol disconnected unexpectedly. Windows Defender: =================================== Date: 2019-08-04 16:39:23.995 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0 Name: Trojan:Win32/Wacatac.B!ml ID: 2147735505 Severity: Severe Category: Trojan Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/18e663c4b0|pid:4648,ProcessStart:132093995403375033 Detection Origin: Internet Detection Type: FastPath Detection Source: Downloads and attachments Process Name: Unknown Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0 Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1 Date: 2019-08-04 16:35:34.363 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0 Name: Trojan:Win32/Conteban.B!ml ID: 2147735507 Severity: Severe Category: Trojan Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/78834792cf|pid:2452,ProcessStart:132093992524073237 Detection Origin: Internet Detection Type: FastPath Detection Source: Downloads and attachments Process Name: Unknown Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0 Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1 Date: 2019-08-04 16:35:16.939 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0 Name: Trojan:Win32/Conteban.B!ml ID: 2147735507 Severity: Severe Category: Trojan Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/459d5f08a7|pid:2452,ProcessStart:132093992524073237 Detection Origin: Internet Detection Type: FastPath Detection Source: Downloads and attachments Process Name: Unknown Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0 Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1 Date: 2019-08-04 16:34:50.615 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0 Name: Trojan:Win32/Conteban.B!ml ID: 2147735507 Severity: Severe Category: Trojan Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/3e4192f681|pid:2452,ProcessStart:132093992524073237 Detection Origin: Internet Detection Type: FastPath Detection Source: Downloads and attachments Process Name: Unknown Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0 Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1 Date: 2019-08-04 16:31:18.836 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Conteban.B!ml&threatid=2147735507&enterprise=0 Name: Trojan:Win32/Conteban.B!ml ID: 2147735507 Severity: Severe Category: Trojan Path: file:_C:\Users\Beco\Downloads\ALABALA.exe; webfile:_C:\Users\Beco\Downloads\ALABALA.exe|https://dox.abv.bg/api/guest/download/d814e79dee|pid:7088,ProcessStart:132093990433000700 Detection Origin: Internet Detection Type: FastPath Detection Source: Downloads and attachments Process Name: Unknown Security intelligence Version: AV: 1.299.1235.0, AS: 1.299.1235.0, NIS: 1.299.1235.0 Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1 Date: 2019-08-04 15:19:12.432 Description: Windows Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.299.1222.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.16200.1 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode Date: 2019-08-04 15:09:07.516 Description: Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. Date: 2019-08-04 12:37:18.611 Description: Windows Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.299.1222.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.16200.1 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode Date: 2019-08-04 12:27:12.471 Description: Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. Date: 2019-08-04 11:52:30.958 Description: Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. ==================== Memory info =========================== BIOS: Hewlett-Packard 68PCU Ver. F.20 12/08/2011 Motherboard: Hewlett-Packard 30DB Processor: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz Percentage of memory in use: 63% Total physical RAM: 3000.26 MB Available physical RAM: 1096.62 MB Total Virtual: 5542.26 MB Available Virtual: 3503.47 MB ==================== Drives ================================ Drive 😄 () (Fixed) (Total:365.12 GB) (Free:312.59 GB) NTFS Drive d: () (Fixed) (Total:100.1 GB) (Free:85.36 GB) NTFS \\?\Volume{35691345-1108-11e9-812b-806e6f6e6963}\ (Резервирана за системата) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{35691348-1108-11e9-812b-806e6f6e6963}\ () (Fixed) (Total:0.44 GB) (Free:0.16 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0FD73A73) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=100.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=365.1 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=450 MB) - (Type=27) ==================== End of Addition.txt ============================ Не видях че сте писали погоре - потърсих съвет от него защото не можех да изтегля Farbar и да направя сканиране и да пусна тема , а не по тази тема
  8. Напоследък Chrome зарежда бавно имам чувството че сякаш системата е тромава , днес при опитите да изтегля Farbar страницата се зареждаше около 1:30 минути докато започне самото изтегляне и то неуспешно Addition_04-08-2019 17.09.48.txt FRST_04-08-2019 17.09.48.txt
  9. # DelFix v1.013 - Logfile created 04/01/2019 at 20:29:37 # Updated 17/04/2016 by Xplode # Username : ВЕС - WIN-SKFJ6HLGST2 # Operating System : Windows 7 Ultimate Service Pack 1 (32 bits) ~ Removing disinfection tools ... Deleted : C:\TDSSKiller.3.1.0.25_04.01.2019_19.28.10_log.txt Deleted : C:\Users\ВЕС\Downloads\tdsskiller.exe ~ Creating registry backup ... OK ~ Cleaning system restore ... Deleted : RP #3 [Windows Update | 01/03/2019 17:36:13] Deleted : RP #4 [Windows Update | 01/03/2019 17:53:03] Deleted : RP #6 [Restore Point Created by FRST | 01/04/2019 19:05:14] New restore point created ! ~ Resetting system settings ... OK ########## - EOF - ##########
  10. Системата е добре, благодаря за отделеното време и внимание
  11. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-01-2019 Ran by ВЕС (administrator) on WIN-SKFJ6HLGST2 (04-01-2019 19:43:03) Running from C:\Users\ВЕС\Downloads Loaded Profiles: ВЕС (Available Profiles: ВЕС) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States) Internet Explorer Version 8 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKLM\...\Drivers32: [MSVideo8] => C:\Windows\system32\VfWWDM32.dll [56832 2010-11-20] (Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> C:\Windows\System32\iedkcs32.dll [2010-11-20] (Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-03] (Google Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{840DEA2A-8553-4D25-A5FB-7DB86C5BFBE5}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{EE11610E-0BCC-42A7-A0AC-89B4A3B92BF1}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-3512987231-521144983-709920193-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp FireFox: ======== FF ProfilePath: C:\Users\ВЕС\AppData\Roaming\K-Meleon\oytl87x0.default [2019-01-03] FF user.js: detected! => C:\Users\ВЕС\AppData\Roaming\K-Meleon\oytl87x0.default\user.js [2006-04-06] FF Extension: (NewsFox) - C:\Users\ВЕС\Downloads\k-meleon\browser\extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}.xpi [2016-01-04] [Legacy] [not signed] FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [No File] FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [No File] Chrome: ======= CHR HomePage: Default -> hxxp://google.bg/ CHR Profile: C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default [2019-01-04] CHR Extension: (Lightshot (скрииншот инструмент)) - C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2019-01-03] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-03] CHR Extension: (Chrome Media Router) - C:\Users\ВЕС\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-03] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 GoogleChromeElevationService; C:\Program Files\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [375776 2018-12-12] (Google Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes) S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [129248 2018-12-04] (Malwarebytes) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [172280 2019-01-04] (Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [106144 2019-01-04] (Malwarebytes) R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [63760 2019-01-04] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [230120 2019-01-04] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [83648 2019-01-04] (Malwarebytes) U3 TrueSight; \??\C:\Windows\System32\drivers\truesight.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-01-04 19:28 - 2019-01-04 19:30 - 000186628 _____ C:\TDSSKiller.3.1.0.25_04.01.2019_19.28.10_log.txt 2019-01-04 19:27 - 2019-01-04 19:27 - 005073416 _____ (AO Kaspersky Lab) C:\Users\ВЕС\Downloads\tdsskiller.exe 2019-01-04 19:27 - 2019-01-04 19:27 - 000063760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2019-01-04 19:26 - 2019-01-04 19:26 - 000230120 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2019-01-04 19:26 - 2019-01-04 19:26 - 000106144 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2019-01-04 19:26 - 2019-01-04 19:26 - 000083648 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2019-01-04 18:55 - 2019-01-04 18:55 - 000463872 _____ C:\Windows\system32\LBA-0-128-k 2019-01-04 18:52 - 2019-01-04 18:52 - 000172280 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2019-01-04 18:52 - 2019-01-04 18:52 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-01-04 18:52 - 2019-01-04 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-01-04 18:52 - 2018-12-04 08:09 - 000129248 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys 2019-01-04 18:51 - 2019-01-04 18:51 - 081227760 _____ (Malwarebytes ) C:\Users\ВЕС\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211 (1).exe 2019-01-04 16:30 - 2019-01-04 16:30 - 000005319 _____ C:\Users\ВЕС\Documents\Fixlog.txt 2019-01-04 16:30 - 2019-01-04 16:30 - 000003620 _____ C:\Users\ВЕС\Documents\fixlist.txt 2019-01-04 03:15 - 2019-01-04 03:15 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2019-01-04 03:15 - 2019-01-04 03:15 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2019-01-04 03:14 - 2019-01-04 03:14 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2019-01-04 03:10 - 2019-01-03 18:31 - 000000000 ____D C:\Windows\Panther 2019-01-04 03:03 - 2019-01-04 03:03 - 000000000 ____D C:\Windows.old 2019-01-03 20:43 - 2019-01-04 19:43 - 000005530 _____ C:\Users\ВЕС\Downloads\FRST.txt 2019-01-03 20:43 - 2019-01-04 19:43 - 000000000 ____D C:\FRST 2019-01-03 20:43 - 2019-01-03 20:43 - 001783808 _____ (Farbar) C:\Users\ВЕС\Downloads\FRST.exe 2019-01-03 20:03 - 2019-01-03 20:03 - 000000000 ____D C:\Users\ВЕС\AppData\Local\mbam 2019-01-03 20:02 - 2019-01-04 18:52 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-01-03 20:02 - 2019-01-03 20:02 - 000000000 ____D C:\Users\ВЕС\AppData\Local\mbamtray 2019-01-03 20:02 - 2019-01-03 20:02 - 000000000 ____D C:\Program Files\Malwarebytes 2019-01-03 20:00 - 2019-01-03 20:01 - 081227760 _____ (Malwarebytes ) C:\Users\ВЕС\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.508-1.0.8211.exe 2019-01-03 19:40 - 2019-01-03 19:40 - 029162424 _____ (Adlice Software ) C:\Users\ВЕС\Downloads\RogueKiller_setup.exe 2019-01-03 19:34 - 2019-01-04 16:29 - 000383916 _____ C:\Windows\ntbtlog.txt 2019-01-03 19:30 - 2019-01-03 19:30 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2019-01-03 19:10 - 2019-01-03 19:10 - 006161408 _____ C:\Users\ВЕС\AppData\Local\dump007.dat 2019-01-03 19:09 - 2019-01-03 19:09 - 000000009 _____ C:\Users\ВЕС\rstr1.ini 2019-01-03 19:07 - 2019-01-03 19:07 - 000000258 __RSH C:\Users\ВЕС\ntuser.pol 2019-01-03 19:02 - 2019-01-03 19:02 - 000000000 ____D C:\Users\ВЕС\AppData\LocalLow\yHNPHHIzKpsCK 2019-01-03 19:01 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Michael 2019-01-03 19:01 - 2019-01-03 19:19 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\ShopMore 2019-01-03 19:01 - 2019-01-03 19:07 - 000002964 __RSH C:\ProgramData\ntuser.pol 2019-01-03 19:01 - 2019-01-03 19:01 - 000493800 _____ (VideoDriver) C:\Windows\D04DE5140B2D.sys 2019-01-03 19:01 - 2019-01-03 19:01 - 000140800 _____ C:\Users\ВЕС\AppData\Local\installer.dat 2019-01-03 19:01 - 2019-01-03 19:01 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Python 2019-01-03 19:00 - 2019-01-03 20:05 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\ezc3lfxnx4j 2019-01-03 19:00 - 2019-01-03 19:00 - 000000003 _____ C:\Users\ВЕС\AppData\Local\wbem.ini 2019-01-03 19:00 - 2019-01-03 19:00 - 000000000 ____D C:\ProgramData\{AC10FE2E-1A46-0496-3E07-15883EE04CD9} 2019-01-03 19:00 - 2019-01-03 19:00 - 000000000 ____D C:\ProgramData\{59403C6F-D807-F1C6-7FC5-457D7F221C2C} 2019-01-03 18:57 - 2019-01-03 18:57 - 000008906 _____ C:\Users\NYBMYXMIG-DECRYPT.txt 2019-01-03 18:56 - 2015-08-03 08:53 - 000384000 _____ (SafeIP) C:\Windows\system32\SafeIPs.dll 2019-01-03 18:55 - 2019-01-03 20:05 - 000000000 ____D C:\Program Files\KMSPico 10.2.1 Final 2019-01-03 18:53 - 2018-12-10 23:04 - 000499424 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2019-01-03 18:48 - 2019-01-03 18:48 - 001259736 _____ (Plarium) C:\Users\ВЕС\Downloads\PlariumPlaySetup (1).exe 2019-01-03 18:46 - 2019-01-03 18:46 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Package Cache 2019-01-03 18:45 - 2019-01-03 19:03 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Mozilla 2019-01-03 18:45 - 2019-01-03 18:45 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\K-Meleon 2019-01-03 18:45 - 2019-01-03 18:45 - 000000000 ____D C:\Users\ВЕС\AppData\Local\K-Meleon 2019-01-03 18:44 - 2019-01-03 18:44 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Plarium 2019-01-03 18:44 - 2019-01-03 18:44 - 000000000 ____D C:\Users\ВЕС\AppData\Local\CEF 2019-01-03 18:39 - 2019-01-03 18:39 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Google 2019-01-03 18:38 - 2019-01-03 19:53 - 000002202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-01-03 18:38 - 2019-01-03 19:53 - 000002161 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-01-03 18:37 - 2019-01-03 19:02 - 000000000 ____D C:\Program Files\Google 2019-01-03 18:37 - 2019-01-03 19:00 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Google 2019-01-03 18:37 - 2019-01-03 18:37 - 000057560 _____ C:\Users\ВЕС\AppData\Local\GDIPFONTCACHEV1.DAT 2019-01-03 18:37 - 2019-01-03 18:37 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Deployment 2019-01-03 18:37 - 2019-01-03 18:37 - 000000000 ____D C:\Users\ВЕС\AppData\Local\Apps\2.0 2019-01-03 18:36 - 2014-05-14 17:23 - 001973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2019-01-03 18:36 - 2014-05-14 17:23 - 000054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2019-01-03 18:36 - 2014-05-14 17:23 - 000045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2019-01-03 18:36 - 2014-05-14 17:17 - 002425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2019-01-03 18:36 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2019-01-03 18:36 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2019-01-03 18:33 - 2019-01-03 19:53 - 000001335 _____ C:\Users\ВЕС\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2019-01-03 18:33 - 2019-01-03 19:09 - 000000000 ____D C:\Users\ВЕС 2019-01-03 18:33 - 2019-01-03 18:33 - 000000020 ___SH C:\Users\ВЕС\ntuser.ini 2019-01-03 18:33 - 2019-01-03 18:33 - 000000000 ____D C:\Users\ВЕС\AppData\Local\VirtualStore 2019-01-03 18:33 - 2010-11-21 01:46 - 000000000 ____D C:\Users\ВЕС\AppData\Roaming\Media Center Programs 2019-01-03 16:27 - 2019-01-03 16:27 - 000000000 ____D C:\My Drivers 2018-12-30 08:50 - 2018-12-30 08:50 - 005183296 _____ (Marcin Szeniak ) C:\Users\ВЕС\Downloads\BCUninstaller_4.12.1_setup.exe 2018-12-29 13:35 - 2018-12-29 13:35 - 000000000 ____D C:\SWSetup ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-01-04 19:32 - 2010-11-20 22:01 - 000713888 _____ C:\Windows\system32\PerfStringBackup.INI 2019-01-04 19:32 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf 2019-01-04 19:26 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-01-04 19:25 - 2009-07-14 05:34 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-01-04 19:25 - 2009-07-14 05:34 - 000016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-01-04 03:15 - 2009-07-14 05:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2019-01-04 03:15 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\sysprep 2019-01-04 03:12 - 2010-11-21 01:46 - 000000000 ____D C:\Windows\CSC 2019-01-04 03:10 - 2009-07-14 05:52 - 000028672 _____ C:\Windows\system32\config\BCD-Template 2019-01-03 19:01 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\GroupPolicy 2019-01-03 18:57 - 2018-08-11 19:54 - 000000000 ____D C:\Intel 2019-01-03 18:57 - 2017-10-21 13:53 - 000000000 ____D C:\LFS 2019-01-03 18:57 - 2017-09-25 20:50 - 000000000 ___RD C:\BECKO-PC 2019-01-03 18:57 - 2017-04-14 15:10 - 000036892 ____H C:\iCS Source.suo.nybmyxmig 2019-01-03 18:33 - 2009-07-14 05:33 - 000266808 _____ C:\Windows\system32\FNTCACHE.DAT 2019-01-03 18:31 - 2009-07-14 03:37 - 000000000 __RHD C:\Users\Public\Libraries 2019-01-03 17:30 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache 2019-01-03 15:34 - 2018-08-11 14:17 - 000000000 ____D C:\Users\ВЕС\Downloads\k-meleon 2019-01-01 13:09 - 2018-09-02 13:32 - 000000000 ____D C:\Users\ВЕС\Documents\TalkHelper ==================== Files in the root of some directories ======= 1601-01-03 21:26 - 1601-01-03 21:26 - 000186368 ____N (Microsoft Corporation) C:\Users\ВЕС\AppData\Local\aIQEonJ.exe 2019-01-03 19:10 - 2019-01-03 19:10 - 006161408 _____ () C:\Users\ВЕС\AppData\Local\dump007.dat 2019-01-03 19:01 - 2019-01-03 19:01 - 000140800 _____ () C:\Users\ВЕС\AppData\Local\installer.dat 2019-01-03 19:00 - 2019-01-03 19:00 - 000000003 _____ () C:\Users\ВЕС\AppData\Local\wbem.ini ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2019-01-04 03:11 ==================== End of FRST.txt ============================ Addition.txt
  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×
×
  • Добави ново...