Премини към съдържанието

Aneliya Beaton

Потребител
  • Публикации

    66
  • Регистрация

  • Последно онлайн

Харесвания

10 Добра репутация

Всичко за Aneliya Beaton

  • Титла
    Редовен потребител

Последни посетители

804 прегледа на профила
  1. Аха!! - сега ще го пробвам.... Значи те са хардуерни профилите... аз го разбрах че изключваш различните програми да не стартират за да запазиш ресурси за програми, които изискват повече, но не ми стана ясно че и устройства можеш да изключиш. А между другото къде и как да намеря тези драйвери - в device manager ра не ми излизат като устройства, - някакъв таблет има инсталиран преди две години и предполагам това е wacom-ма но новите таблети не се появяват като устройства. Как да махна драйверите ми е въпроса.като не се появяват като устройства.
  2. DarkEdge, това е страшно полезна програма и ще си я сваля, проблемът обаче който искам да реша е различен. Тази програма контролира кои програми да се заредят стартирайки един или друг профил, а аз търся програма, която да ми позволява да държа на един компютър едновременно драйвери, които са в конфликт, избирайки кой от тях да работи в момента и кой не. Това че една или друга програма не зарежда, като стартирам компютъра не променя факта, че драйверите на инсталираните устройства се зареждат всичките. Мога ли да инсталирам едно устройство под един профил и друго под друг.... Той windows-са не ги ли пъха в един и същи общ кюп? Как да разделя този кюп Но благодаря за линка - определено ще ми свърши работа
  3. Здравейте, имам следния проблем. По принцип работя предимно с таблет (Wacom) вместо мишка. На напоследък си купих скрин таблет на XP Pen и го инсталирах както си му е реда. Между временно инсталирах и още един обикновен таблет на XP Pen, който настоя да премахна предишните драйвери за да си качи своите.... всъщност направо ме предупреди че той ще ги премахне - и ги премахна. Скрин таблета, който е 21 инча не мога да нося на горе и на долу, и ще ми трябва пен-таблет инсталиран за да работя на фотошоп и др. Очевидно всеки един настоява да е единствения, а аз имам нужда и от двете устройства (не едновременно), че и от повече.... (ако добавя и Wacom таблета). Звучи, като невъзможен любовен триъгълник, но не трябва да е така - никой от тях не може да ми каже - ще ти служа само ако се откажеш от останалите... Та се чудех дали има софтуер, който да активира и де активира драйвери, когато са/не са нужни, така че да не се бият с останалите? Работя на windows 10, Благодаря много.
  4. ADWCLEANER намери нещо....... # ------------------------------- # Malwarebytes AdwCleaner 7.1.1.0 # ------------------------------- # Build: 04-24-2018 # Database: # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 07-23-2019 # Duration: 00:00:18 # OS: Windows 10 Home # Scanned: 31372 # Detected: 8 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** PUP.Optional.AmazonAssistant C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] ***** [ Files ] ***** Adware.pokki C:\Windows\System32\Tasks_Migrated\App Explorer PUP.Optional.Legacy C:\Users\Public\Desktop\eBay.lnk ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6} PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C PUP.Optional.Legacy HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C PUP.Optional.Legacy HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** PUP.Optional.Assistant Amazon Assistant for Firefox ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ########## и го почисти________________ # ------------------------------- # Malwarebytes AdwCleaner 7.1.1.0 # ------------------------------- # Build: 04-24-2018 # Database: # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 07-23-2019 # Duration: 00:00:11 # OS: Windows 10 Home # Cleaned: 8 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] ***** [ Files ] ***** Deleted C:\Windows\System32\Tasks_Migrated\App Explorer Deleted C:\Users\Public\Desktop\eBay.lnk ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6} Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** Deleted Amazon Assistant for Firefox ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## за кави дневници става дума - това последното дневник ли е или рапорт????
  5. Без съмнение системата е много по-пъргава и не се задъхва въобще. Имаше ли много за чистене? Каво и беше? Въпросния софтуер за който говорех първоначално го инсталирах на 15 и после на 16 и после го махнах но на същите дати уиндоуса се упдейтна и като гледах файловете имаше доста файлове променени на тези дати.... те ли се оказаха проблем или по пронцип си се е прецакала системата? Сега работя по последните задачи които м поставихте... първия рапорт след прикл'чване на сканирането на malwarebytes Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 23/07/2019 Scan Time: 21:48 Log File: 40f5b8d8-ad8b-11e9-9d0c-30e37ae1387b.json -Software Information- Version: 3.8.3.2965 Components Version: 1.0.613 Update Package Version: 1.0.11690 Licence: Trial -System Information- OS: Windows 10 (Build 17134.885) CPU: x64 File System: NTFS User: ASTRAMUR\astra -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 284179 Threats Detected: 0 Threats Quarantined: 0 Time Elapsed: 11 min, 2 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) никакъв прозорец който ме подканва да рестартирам не се появи.... да рестарирам ли? и тогава пак да изкопирам репорта?
  6. Fix result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01 Ran by astra (23-07-2019 20:10:43) Run:1 Running from C:\Users\astra\Desktop Loaded Profiles: astra (Available Profiles: astra) Boot Mode: Normal ============================================== fixlist content: ***************** CreateRestorePoint: EmptyTemp: CloseProcesses: HKLM\...\Run: [CL-23-C5C7662B-BF27-4E63-BAE2-CA182DB18B4F] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-23-C5C7662B-BF27-4E63-BAE2-CA182DB18B4F\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-23-C5C7662 (the data entry has 44 more characters). HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Run: [AdobeBridge] => [X] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2017-08-12] ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File AlternateDataStreams: C:\Users\astra\AppData\Local:fgLWSWvcNK90pVbNiuttcfY [2158] AlternateDataStreams: C:\Users\astra\AppData\Local\6Xrb7BuFYhaI:6cAhTWwnId6ZmRcDBKN9ftXRfR [1988] AlternateDataStreams: C:\Users\astra\AppData\Local\Temp:SRXsx872vxEMxDomUb [2152] FirewallRules: [{9F7B2182-4AD3-4CEF-87C9-9BA0940FD01E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe No File FirewallRules: [{204B5F4D-1EF6-4678-A02B-5FCBE25E2DDD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe No File FirewallRules: [{14B95CFD-0740-469F-9B61-52C1A692DF74}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe No File Reboot: ***************** Restore point was successfully created. Processes closed successfully. "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\CL-23-C5C7662B-BF27-4E63-BAE2-CA182DB18B4F" => removed successfully "HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk => moved successfully "ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)" => not found HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found C:\Users\astra\AppData\Local => ":fgLWSWvcNK90pVbNiuttcfY" ADS removed successfully C:\Users\astra\AppData\Local\6Xrb7BuFYhaI => ":6cAhTWwnId6ZmRcDBKN9ftXRfR" ADS removed successfully C:\Users\astra\AppData\Local\Temp => ":SRXsx872vxEMxDomUb" ADS removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9F7B2182-4AD3-4CEF-87C9-9BA0940FD01E}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{204B5F4D-1EF6-4678-A02B-5FCBE25E2DDD}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{14B95CFD-0740-469F-9B61-52C1A692DF74}" => removed successfully =========== EmptyTemp: ========== BITS transfer queue => 7888896 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 38875579 B Java, Flash, Steam htmlcache => 1135 B Windows/system/drivers => 275542 B Edge => 14203202 B Chrome => 114659827 B Firefox => 22387690 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 6656 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 17354 B LocalService => 0 B NetworkService => 8140 B NetworkService => 0 B astra => 389034 B RecycleBin => 42947 B EmptyTemp: => 189.5 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 20:13:00 ====
  7. Този път изглежда различно... Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01 Ran by astra (administrator) on ASTRAMUR (Acer Aspire ES1-572) (23-07-2019 19:33:06) Running from C:\Users\astra\Desktop Loaded Profiles: astra (Available Profiles: astra) Platform: Windows 10 Home Version 1803 17134.885 (X64) Language: English (United Kingdom) Default browser: Edge Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe (Acer Incorporated -> ) C:\OEM\Preload\FubTool\FubTool.exe (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Amundsen\2.1.16258\awc.exe (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporated -> Acer Incorporated) C:\ProgramData\OEM\UpgradeTool\Acer Collection\UpgradeTool.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\77.4.131\QtWebEngineProcess.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\77.4.131\QtWebEngineProcess.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Guangzhou Ugee Computers Technology Co.,Ltd -> UGEE) C:\Program Files\Pentablet\PentabletService.exe (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxext.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\IntelCpHeciSvc.exe (Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\astra\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe (Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe (Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.3.50\nsWscSvc.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe Failed to access process -> awc.exe Failed to access process -> chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [PentabletService] => C:\Program Files\Pentablet\PentabletService.exe [2247272 2018-08-29] (Guangzhou Ugee Computers Technology Co.,Ltd -> UGEE) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.) HKLM\...\Run: [CL-23-C5C7662B-BF27-4E63-BAE2-CA182DB18B4F] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-23-C5C7662B-BF27-4E63-BAE2-CA182DB18B4F\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-23-C5C7662 (the data entry has 44 more characters). HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5782336 2019-07-16] (Dropbox, Inc -> Dropbox, Inc.) HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Run: [GoogleChromeAutoLaunch_FE4A4543431CDBB1D3752425BDF66A5F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952 2019-07-13] (Google LLC -> Google LLC) HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Run: [AdobeBridge] => [X] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-16] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2017-08-12] ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {04B91F18-5149-4C16-B37F-AB0B2B61BDF7} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40352 2016-06-24] (Acer Incorporated -> ) Task: {0AB39C25-0879-435E-9F0F-5D56E3A138C4} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"] Task: {0BD26A45-9552-4CC9-B6F7-DBFB1D6F6ABA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated) Task: {1B6C24D2-3D71-4206-8C47-3926823CA88A} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation) Task: {1B7FAFCC-7B6C-4338-8C9A-36FBEFB2E11B} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> ) Task: {21EFCF0F-D7E5-415F-9D4C-47811C875F5A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {27B37B28-F56A-4EC4-8297-EC519F12A84C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448512 2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Task: {2AAC5FDF-0122-469F-B5CF-02097774795A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-25] (Microsoft Corporation -> Microsoft Corporation) Task: {33C5F447-1E0B-48CC-88EA-1F13A16474A0} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> ) Task: {34910470-5ED1-48D2-A019-697167083F92} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [422704 2016-09-13] (Acer Incorporated -> Acer Incorporated) Task: {3F3B38E4-F290-45BE-A984-8A7A27EEC9D0} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2225296 2019-06-20] (Symantec Corporation -> Symantec Corporation) Task: {48835C3F-DCD3-49EA-BF10-F84338580BF6} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472992 2016-06-24] (Acer Incorporated -> Acer Incorporated) Task: {4BC6FF17-0170-4310-B3AF-37D5718078CE} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-14] (Acer Incorporated -> ) Task: {4C850587-5334-4490-9BF5-5917C734163C} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> ) Task: {71BC7D34-AB7B-4A79-890D-F579C988584B} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.17.3.50\WSCStub.exe [2225296 2019-06-20] (Symantec Corporation -> Symantec Corporation) Task: {8312D9D7-3701-433B-A083-10A6A2B7E5A9} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2767152 2016-09-13] (Acer Incorporated -> Acer Incorporated) Task: {88737B2D-E0DB-4ED7-BED9-00F6AF0B0BBF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {903FA2A0-D83F-43EE-8D86-B52A8EDF1AE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-12] (Google Inc -> Google Inc.) Task: {A51114AA-9E48-4A0C-9D7F-956D10D153D5} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-05-24] (Acer Incorporated -> ) Task: {A84FECC7-DBF5-4F97-B26B-10048D49DBE1} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation) Task: {B2FD0A1B-C8D5-4EEC-9842-89EF760AAD2A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113616 2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Task: {C6D8FF7B-4BB1-48D2-935C-29B1348A05D5} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-13] (Acer Incorporated -> Acer Incorporated) Task: {D0A73DEB-437E-4129-A07C-0FA3925E82C9} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation) Task: {D5092C74-28AB-425D-826B-9BC89BEEECF1} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-12] (Acer Incorporated -> TODO: <Company name>) Task: {D5F1D5F9-4EE8-4236-8816-BF4694DBBCC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-12] (Google Inc -> Google Inc.) Task: {D6CAC0E2-774D-4065-A6A1-E2FEAD14E3C5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-25] (Microsoft Corporation -> Microsoft Corporation) Task: {E5BD174C-13E0-4098-AB2D-264116D13CCF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1504384 2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Task: {E743DBFC-E3E8-419E-ADF6-ADC2E84D97B3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113616 2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Task: {F5EB49F8-E72F-4AD4-B3F0-DE08F1B75DDA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448512 2019-07-13] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{80bff6ca-ac63-49b4-b1c6-ad2f0eef04e7}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-13] (Microsoft Corporation -> Microsoft Corporation) BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Edge: ====== Edge Extension: (Norton Password Manager) -> EdgeExtension_SymantecCorporation5478111E43ACF_v68kp9n051hdp => C:\Program Files\WindowsApps\SymantecCorporation.5478111E43ACF_6.4.2.0_neutral__v68kp9n051hdp [2019-07-13] Edge Extension: (Norton Safe Web) -> EdgeExtension_SymantecCorporationNortonSafeWeb_v68kp9n051hdp => C:\Program Files\WindowsApps\SymantecCorporation.NortonSafeWeb_3.8.0.0_neutral__v68kp9n051hdp [2019-05-26] FireFox: ======== FF DefaultProfile: lrtt3h84.default FF ProfilePath: C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default [2019-03-02] FF Extension: (Amazon Assistant for Firefox) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\Extensions\[email protected] [2017-08-12] [Legacy] FF Extension: (English (US) Language Pack) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\Extensions\[email protected] [2017-08-12] [Legacy] FF Extension: (Mozilla Partner Defaults) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\Extensions\[email protected] [2017-08-12] [Legacy] FF Extension: (Youtube Unblocker Remediation) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\features\{1bc4a344-5d8d-4fd1-97c6-f8c6065e34ec}\[email protected] [2017-08-12] [Legacy] FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2017-01-06] [Legacy] FF Extension: (English (US) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2017-01-06] [Legacy] FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2017-01-06] [Legacy] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-26] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-26] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-26] (Google Inc -> Google LLC) Chrome: ======= CHR StartupUrls: Default -> "hxxps://www.google.co.uk/","hxxp://google.com/" CHR NewTab: Default -> Not-active:"chrome-extension://mhffmephdchhhbfjmdpoaldedhhdanbn/homePageRedirect.html" CHR Profile: C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default [2019-07-23] CHR Extension: (Norton Password Manager) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\admmjipmmciaobhojoghlmleefbicajg [2019-07-13] CHR Extension: (Flash Video Downloader) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2019-06-03] CHR Extension: (Docs) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-29] CHR Extension: (Google Drive) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-12] CHR Extension: (YouTube) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-12] CHR Extension: (Norton Safe Search) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\eogpedgkejfmehnklhahflpmplhiceal [2019-04-27] CHR Extension: (Norton Safe Web) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2019-07-13] CHR Extension: (Google Docs Offline) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-18] CHR Extension: (Grammarly for Chrome) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-07-23] CHR Extension: (Norton Home Page) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhffmephdchhhbfjmdpoaldedhhdanbn [2019-04-27] CHR Extension: (Chrome Web Store Payments) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-21] CHR Extension: (Gmail) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-26] CHR Extension: (Chrome Media Router) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-13] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-25] (Microsoft Corporation -> Microsoft Corporation) S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-07-16] (Dropbox, Inc -> Dropbox, Inc.) R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [181512 2016-09-08] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [799928 2018-10-18] (ICEpower a/s -> ICEpower) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [269480 2017-07-03] (Intel(R) Wireless Connectivity Solutions -> ) R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe [225608 2019-06-20] (Symantec Corporation -> Symantec Corporation) R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.17.3.50\nsWscSvc.exe [933200 2019-06-20] (Symantec Corporation -> Symantec Corporation) R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [441136 2016-09-13] (Acer Incorporated -> Acer Incorporated) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [482608 2016-09-13] (Acer Incorporated -> Acer Incorporated) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11969880 2019-07-03] (TeamViewer GmbH -> TeamViewer GmbH) S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-27] (Acer Incorporated -> acer) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-09] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-09] (Microsoft Corporation -> Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3755176 2017-07-03] (Intel(R) Wireless Connectivity Solutions -> Intel® Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.17.0.183\Definitions\BASHDefs\20190716.001\BHDrvx64.sys [1935880 2019-06-14] (Symantec Corporation -> Symantec Corporation) R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\ccSetx64.sys [192704 2019-06-20] (Symantec Corporation -> Symantec Corporation) R3 dbx; C:\WINDOWS\System32\DRIVERS\dbx.sys [47600 2019-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515592 2019-07-12] (Symantec Corporation -> Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153096 2019-07-13] (Symantec Corporation -> Symantec Corporation) R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [217688 2016-08-17] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [172304 2016-09-08] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.17.0.183\Definitions\IPSDefs\20190722.061\IDSvia64.sys [1441800 2019-07-12] (Symantec Corporation -> Symantec Corporation) R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated) R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7643648 2017-07-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-09-19] (Realtek Semiconductor Corp. -> Realtek ) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-08-04] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SRTSP64.SYS [864776 2019-06-20] (Symantec Corporation -> Symantec Corporation) R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SRTSPX64.SYS [49672 2019-06-20] (Symantec Corporation -> Symantec Corporation) R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SYMEFASI64.SYS [1998552 2019-06-20] (Symantec Corporation -> Symantec Corporation) S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SymELAM.sys [25744 2019-06-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-04-27] (Symantec Corporation -> Symantec Corporation) R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.17.0.183\SymPlatform\SymEvnt.sys [717832 2019-07-16] (Symantec Corporation -> Symantec Corporation) R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\Ironx64.SYS [315912 2019-06-20] (Symantec Corporation -> Symantec Corporation) R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\symnets.sys [573448 2019-06-20] (Symantec Corporation -> Symantec Corporation) R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46584 2018-08-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-08-09] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-09] (Microsoft Windows -> Microsoft Corporation) S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\wpCtrlDrv.sys [1012120 2019-06-20] (Symantec Corporation -> Symantec Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-07-23 19:33 - 2019-07-23 19:35 - 000032449 _____ C:\Users\astra\Desktop\FRST.txt 2019-07-23 19:32 - 2019-07-23 19:33 - 000000000 ____D C:\FRST 2019-07-23 19:31 - 2019-07-23 19:31 - 002095104 _____ (Farbar) C:\Users\astra\Downloads\FRST64.exe 2019-07-23 19:31 - 2019-07-23 19:31 - 002095104 _____ (Farbar) C:\Users\astra\Desktop\FRST64.exe 2019-07-22 19:14 - 2019-07-22 19:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation 2019-07-22 18:47 - 2019-07-22 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2019-07-16 22:25 - 2019-07-16 22:25 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx.sys 2019-07-15 15:41 - 2019-07-15 15:41 - 000000000 ____D C:\WINDOWS\system32\DAX3 2019-07-15 12:51 - 2019-07-15 12:43 - 027886358 _____ C:\Users\astra\Desktop\Evidence_2.avi 2019-07-15 12:51 - 2019-07-15 11:42 - 010416140 _____ C:\Users\astra\Desktop\Evidence_1.avi 2019-07-15 11:54 - 2019-07-15 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCDEmu 2019-07-15 11:52 - 2019-07-15 11:53 - 000001283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Burn Disc Burning Software.lnk 2019-07-15 11:52 - 2019-07-15 11:53 - 000001271 _____ C:\Users\Public\Desktop\Express Burn Disc Burning Software.lnk 2019-07-15 11:52 - 2019-07-15 11:52 - 000002381 _____ C:\Users\astra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk 2019-07-15 11:52 - 2019-07-15 11:52 - 000002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk 2019-07-15 11:47 - 2019-07-15 11:47 - 000001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk 2019-07-15 11:47 - 2019-07-15 11:47 - 000001215 _____ C:\Users\Public\Desktop\VideoPad Video Editor.lnk 2019-07-15 11:42 - 2019-07-15 11:50 - 402587648 _____ C:\Users\astra\Downloads\Adobe-Master-Collection-CS6-Windows.iso 2019-07-15 11:38 - 2019-07-15 11:38 - 001576544 _____ (Sysprogs OU) C:\Users\astra\Downloads\WinCDEmu-4.1 (1).exe 2019-07-15 11:38 - 2019-07-15 11:38 - 000000000 ____D C:\Program Files (x86)\WinCDEmu 2019-07-15 11:37 - 2019-07-15 11:37 - 001576544 _____ (Sysprogs OU) C:\Users\astra\Downloads\WinCDEmu-4.1.exe 2019-07-15 11:34 - 2019-07-15 11:34 - 000000000 ____D C:\Program Files\DAEMON Tools Lite 2019-07-15 11:33 - 2019-07-15 11:33 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite 2019-07-15 11:26 - 2019-07-15 11:26 - 000791712 _____ (Disc Soft Ltd.) C:\Users\astra\Downloads\DTLiteInstaller.exe 2019-07-14 17:02 - 2019-07-04 10:40 - 021390504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2019-07-14 17:02 - 2019-07-04 05:56 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-07-14 17:02 - 2019-07-04 05:42 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-07-14 17:02 - 2019-07-04 05:37 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-07-14 17:02 - 2019-07-04 05:33 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-07-14 17:02 - 2019-07-04 05:29 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-07-14 17:02 - 2019-05-17 07:19 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2019-07-14 17:02 - 2019-05-17 06:31 - 004937216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2019-07-14 17:01 - 2019-07-04 10:40 - 001631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-07-14 17:01 - 2019-07-04 10:40 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2019-07-14 17:01 - 2019-07-04 10:21 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2019-07-14 17:01 - 2019-07-04 10:18 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-07-14 17:01 - 2019-07-04 10:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2019-07-14 17:01 - 2019-07-04 09:56 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2019-07-14 17:01 - 2019-07-04 09:51 - 020384128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2019-07-14 17:01 - 2019-07-04 09:41 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2019-07-14 17:01 - 2019-07-04 09:37 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-07-14 17:01 - 2019-07-04 09:36 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2019-07-14 17:01 - 2019-07-04 06:00 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-07-14 17:01 - 2019-07-04 05:58 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2019-07-14 17:01 - 2019-07-04 05:58 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-07-14 17:01 - 2019-07-04 05:57 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2019-07-14 17:01 - 2019-07-04 05:57 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-07-14 17:01 - 2019-07-04 05:57 - 000986128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2019-07-14 17:01 - 2019-07-04 05:57 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2019-07-14 17:01 - 2019-07-04 05:57 - 000723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2019-07-14 17:01 - 2019-07-04 05:57 - 000708696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2019-07-14 17:01 - 2019-07-04 05:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-07-14 17:01 - 2019-07-04 05:56 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-07-14 17:01 - 2019-07-04 05:56 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2019-07-14 17:01 - 2019-07-04 05:56 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-07-14 17:01 - 2019-07-04 05:56 - 001566520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2019-07-14 17:01 - 2019-07-04 05:56 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-07-14 17:01 - 2019-07-04 05:56 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-07-14 17:01 - 2019-07-04 05:56 - 001141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-07-14 17:01 - 2019-07-04 05:56 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-07-14 17:01 - 2019-07-04 05:56 - 000767536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2019-07-14 17:01 - 2019-07-04 05:56 - 000734952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2019-07-14 17:01 - 2019-07-04 05:56 - 000493752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2019-07-14 17:01 - 2019-07-04 05:43 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2019-07-14 17:01 - 2019-07-04 05:42 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2019-07-14 17:01 - 2019-07-04 05:42 - 002479176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2019-07-14 17:01 - 2019-07-04 05:42 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2019-07-14 17:01 - 2019-07-04 05:42 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2019-07-14 17:01 - 2019-07-04 05:42 - 000356312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2019-07-14 17:01 - 2019-07-04 05:41 - 000559328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2019-07-14 17:01 - 2019-07-04 05:26 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-07-14 17:01 - 2019-07-04 05:25 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-07-14 17:01 - 2019-07-04 05:25 - 007589888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-07-14 17:01 - 2019-07-04 05:25 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2019-07-14 17:01 - 2019-07-04 05:25 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-07-14 17:01 - 2019-07-04 05:24 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2019-07-14 17:01 - 2019-07-04 05:23 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2019-07-14 17:01 - 2019-07-04 05:22 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2019-07-14 17:01 - 2019-07-04 05:22 - 002587648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2019-07-14 17:01 - 2019-07-04 05:22 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-07-14 17:01 - 2019-07-04 05:22 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-07-14 17:01 - 2019-07-04 05:22 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2019-07-14 17:01 - 2019-07-04 05:22 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2019-07-14 17:01 - 2019-07-04 05:21 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-07-14 17:01 - 2019-07-04 05:21 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2019-07-14 17:01 - 2019-07-04 05:21 - 003202560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2019-07-14 17:01 - 2019-07-04 05:21 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-07-14 17:01 - 2019-07-04 05:21 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2019-07-14 17:01 - 2019-07-04 05:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2019-07-14 17:01 - 2019-07-04 05:20 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-07-14 17:01 - 2019-07-04 05:18 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2019-07-14 17:01 - 2019-07-04 05:18 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2019-07-14 17:01 - 2019-07-04 05:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-07-14 17:01 - 2019-06-13 13:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2019-07-14 17:01 - 2019-06-13 13:12 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2019-07-14 17:01 - 2019-06-13 13:05 - 000810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2019-07-14 17:01 - 2019-06-13 13:04 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2019-07-14 17:01 - 2019-06-13 13:00 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2019-07-14 17:01 - 2019-06-13 12:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2019-07-14 17:01 - 2019-06-13 12:58 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2019-07-14 17:01 - 2019-06-13 12:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2019-07-14 17:01 - 2019-06-13 12:56 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2019-07-14 17:01 - 2019-06-13 12:43 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2019-07-14 17:01 - 2019-06-13 12:42 - 004038688 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2019-07-14 17:01 - 2019-06-13 12:42 - 000566536 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe 2019-07-14 17:01 - 2019-06-13 12:36 - 000251000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2019-07-14 17:01 - 2019-06-13 12:35 - 001376688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2019-07-14 17:01 - 2019-06-13 12:18 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2019-07-14 17:01 - 2019-06-13 12:18 - 004847104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2019-07-14 17:01 - 2019-06-13 12:17 - 012756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-07-14 17:01 - 2019-06-13 12:16 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll 2019-07-14 17:01 - 2019-06-13 12:15 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2019-07-14 17:01 - 2019-06-13 12:14 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2019-07-14 17:01 - 2019-06-13 12:14 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe 2019-07-14 17:01 - 2019-06-13 12:14 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2019-07-14 17:01 - 2019-06-13 12:13 - 002920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2019-07-14 17:01 - 2019-06-13 12:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll 2019-07-14 17:01 - 2019-06-13 12:13 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll 2019-07-14 17:01 - 2019-06-13 11:07 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2019-07-14 17:01 - 2019-06-13 11:05 - 003700160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2019-07-14 17:01 - 2019-06-13 10:55 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2019-07-14 17:01 - 2019-06-13 10:54 - 011942912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-07-14 17:01 - 2019-06-13 10:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll 2019-07-14 17:01 - 2019-06-13 08:46 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll 2019-07-14 17:01 - 2019-06-13 08:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2019-07-14 17:01 - 2019-06-13 08:01 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2019-07-14 17:01 - 2019-06-13 07:59 - 000785264 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll 2019-07-14 17:01 - 2019-06-13 07:47 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2019-07-14 17:01 - 2019-06-13 07:46 - 000510296 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2019-07-14 17:01 - 2019-06-13 07:46 - 000093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2019-07-14 17:01 - 2019-06-13 07:45 - 002421560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2019-07-14 17:01 - 2019-06-13 07:44 - 002769688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-07-14 17:01 - 2019-06-13 07:44 - 002546704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2019-07-14 17:01 - 2019-06-13 07:44 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2019-07-14 17:01 - 2019-06-13 07:44 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2019-07-14 17:01 - 2019-06-13 07:44 - 000607112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2019-07-14 17:01 - 2019-06-13 07:44 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2019-07-14 17:01 - 2019-06-13 07:16 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2019-07-14 17:01 - 2019-06-13 07:15 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2019-07-14 17:01 - 2019-06-13 07:14 - 003318784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2019-07-14 17:01 - 2019-06-13 07:13 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2019-07-14 17:01 - 2019-06-13 07:13 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2019-07-14 17:01 - 2019-06-13 07:12 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2019-07-14 17:01 - 2019-06-13 07:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-07-14 17:01 - 2019-06-13 07:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-07-14 17:01 - 2019-06-13 07:12 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2019-07-14 17:01 - 2019-06-13 07:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll 2019-07-14 17:01 - 2019-06-13 07:10 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2019-07-14 17:01 - 2019-06-13 07:10 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2019-07-14 17:01 - 2019-06-13 07:10 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2019-07-14 17:01 - 2019-06-13 07:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2019-07-14 17:01 - 2019-06-13 07:09 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2019-07-14 17:01 - 2019-06-13 07:08 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2019-07-14 17:01 - 2019-06-13 06:14 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2019-07-14 17:01 - 2019-06-13 06:07 - 000080744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2019-07-14 17:01 - 2019-06-13 06:06 - 002256768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-07-14 17:01 - 2019-06-13 05:47 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2019-07-14 17:01 - 2019-06-13 05:47 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2019-07-14 17:01 - 2019-06-13 05:46 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-07-14 17:01 - 2019-06-13 05:44 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2019-07-14 17:01 - 2019-06-07 11:41 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2019-07-14 17:01 - 2019-06-07 11:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll 2019-07-14 17:01 - 2019-06-07 11:04 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2019-07-14 17:01 - 2019-06-07 06:57 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2019-07-14 17:01 - 2019-06-07 06:57 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2019-07-14 17:01 - 2019-06-07 06:57 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2019-07-14 17:01 - 2019-06-07 06:57 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2019-07-14 17:01 - 2019-06-07 06:57 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2019-07-14 17:01 - 2019-06-07 06:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2019-07-14 17:01 - 2019-06-07 06:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2019-07-14 17:01 - 2019-06-07 06:18 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2019-07-14 17:01 - 2019-06-07 06:17 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2019-07-14 17:01 - 2019-06-07 06:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2019-07-14 17:01 - 2019-06-07 06:16 - 001102336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2019-07-14 17:01 - 2019-05-18 23:12 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2019-07-14 17:01 - 2019-05-17 13:40 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL 2019-07-14 17:01 - 2019-05-17 13:25 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2019-07-14 17:01 - 2019-05-17 13:21 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2019-07-14 17:01 - 2019-05-17 13:21 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2019-07-14 17:01 - 2019-05-17 12:58 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2019-07-14 17:01 - 2019-05-17 07:44 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2019-07-14 17:01 - 2019-05-17 07:42 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2019-07-14 17:01 - 2019-05-17 07:42 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2019-07-14 17:01 - 2019-05-17 07:42 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2019-07-14 17:01 - 2019-05-17 07:42 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2019-07-14 17:01 - 2019-05-17 07:30 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2019-07-14 17:01 - 2019-05-17 07:26 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2019-07-14 17:01 - 2019-05-17 07:19 - 001630720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2019-07-14 17:01 - 2019-05-17 07:19 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll 2019-07-14 17:01 - 2019-05-17 07:19 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2019-07-14 17:01 - 2019-05-17 07:18 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2019-07-14 17:01 - 2019-05-17 07:18 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2019-07-14 17:01 - 2019-05-17 07:08 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2019-07-14 17:01 - 2019-05-17 07:07 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-07-14 17:01 - 2019-05-17 07:07 - 002467320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-07-14 17:01 - 2019-05-17 07:07 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2019-07-14 17:01 - 2019-05-17 07:07 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2019-07-14 17:01 - 2019-05-17 07:07 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2019-07-14 17:01 - 2019-05-17 07:06 - 001943136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2019-07-14 17:01 - 2019-05-17 07:06 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2019-07-14 17:01 - 2019-05-17 06:44 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2019-07-14 17:01 - 2019-05-17 06:38 - 004709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2019-07-14 17:01 - 2019-05-17 06:34 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2019-07-14 17:01 - 2019-05-17 06:34 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2019-07-14 17:01 - 2019-05-17 06:33 - 003091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2019-07-14 17:01 - 2019-05-17 06:33 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2019-07-14 17:01 - 2019-05-17 06:32 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 001383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2019-07-14 17:01 - 2019-05-17 06:30 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2019-07-14 17:00 - 2019-07-04 10:43 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2019-07-14 17:00 - 2019-07-04 10:40 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2019-07-14 17:00 - 2019-07-04 10:22 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2019-07-14 17:00 - 2019-07-04 10:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2019-07-14 17:00 - 2019-07-04 10:20 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2019-07-14 17:00 - 2019-07-04 10:19 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2019-07-14 17:00 - 2019-07-04 09:54 - 000662352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2019-07-14 17:00 - 2019-07-04 05:58 - 000416312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2019-07-14 17:00 - 2019-07-04 05:58 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2019-07-14 17:00 - 2019-07-04 05:57 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2019-07-14 17:00 - 2019-07-04 05:57 - 000362264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2019-07-14 17:00 - 2019-07-04 05:57 - 000209424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2019-07-14 17:00 - 2019-07-04 05:57 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll 2019-07-14 17:00 - 2019-07-04 05:57 - 000137656 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2019-07-14 17:00 - 2019-07-04 05:57 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2019-07-14 17:00 - 2019-07-04 05:57 - 000091776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys 2019-07-14 17:00 - 2019-07-04 05:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2019-07-14 17:00 - 2019-07-04 05:56 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2019-07-14 17:00 - 2019-07-04 05:56 - 000115512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll 2019-07-14 17:00 - 2019-07-04 05:43 - 000665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2019-07-14 17:00 - 2019-07-04 05:43 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2019-07-14 17:00 - 2019-07-04 05:43 - 000287376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2019-07-14 17:00 - 2019-07-04 05:43 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2019-07-14 17:00 - 2019-07-04 05:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2019-07-14 17:00 - 2019-07-04 05:42 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2019-07-14 17:00 - 2019-07-04 05:26 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2019-07-14 17:00 - 2019-07-04 05:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2019-07-14 17:00 - 2019-07-04 05:25 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2019-07-14 17:00 - 2019-07-04 05:25 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2019-07-14 17:00 - 2019-07-04 05:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys 2019-07-14 17:00 - 2019-07-04 05:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2019-07-14 17:00 - 2019-07-04 05:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2019-07-14 17:00 - 2019-07-04 05:23 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2019-07-14 17:00 - 2019-07-04 05:23 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2019-07-14 17:00 - 2019-07-04 05:22 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2019-07-14 17:00 - 2019-07-04 05:22 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2019-07-14 17:00 - 2019-07-04 05:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2019-07-14 17:00 - 2019-07-04 05:21 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2019-07-14 17:00 - 2019-07-04 05:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2019-07-14 17:00 - 2019-07-04 05:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2019-07-14 17:00 - 2019-07-04 05:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2019-07-14 17:00 - 2019-07-04 05:20 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2019-07-14 17:00 - 2019-07-04 05:20 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll 2019-07-14 17:00 - 2019-07-04 05:19 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2019-07-14 17:00 - 2019-07-04 05:19 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2019-07-14 17:00 - 2019-07-04 05:18 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2019-07-14 17:00 - 2019-07-04 05:18 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2019-07-14 17:00 - 2019-07-04 05:18 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll 2019-07-14 17:00 - 2019-07-04 04:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim 2019-07-14 17:00 - 2019-06-21 09:50 - 000280584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2019-07-14 17:00 - 2019-06-13 12:40 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2019-07-14 17:00 - 2019-06-13 12:38 - 000766264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll 2019-07-14 17:00 - 2019-06-13 12:37 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe 2019-07-14 17:00 - 2019-06-13 12:36 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2019-07-14 17:00 - 2019-06-13 12:34 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe 2019-07-14 17:00 - 2019-06-13 12:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll 2019-07-14 17:00 - 2019-06-13 12:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll 2019-07-14 17:00 - 2019-06-13 12:17 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2019-07-14 17:00 - 2019-06-13 12:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2019-07-14 17:00 - 2019-06-13 12:15 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe 2019-07-14 17:00 - 2019-06-13 12:14 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll 2019-07-14 17:00 - 2019-06-13 12:13 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2019-07-14 17:00 - 2019-06-13 12:13 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll 2019-07-14 17:00 - 2019-06-13 12:12 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2019-07-14 17:00 - 2019-06-13 12:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll 2019-07-14 17:00 - 2019-06-13 11:07 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll 2019-07-14 17:00 - 2019-06-13 11:07 - 000221232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll 2019-07-14 17:00 - 2019-06-13 10:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll 2019-07-14 17:00 - 2019-06-13 10:53 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2019-07-14 17:00 - 2019-06-13 10:51 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2019-07-14 17:00 - 2019-06-13 10:49 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll 2019-07-14 17:00 - 2019-06-13 10:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll 2019-07-14 17:00 - 2019-06-13 08:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll 2019-07-14 17:00 - 2019-06-13 08:01 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2019-07-14 17:00 - 2019-06-13 07:47 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2019-07-14 17:00 - 2019-06-13 07:46 - 001076536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2019-07-14 17:00 - 2019-06-13 07:44 - 000130624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll 2019-07-14 17:00 - 2019-06-13 07:17 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll 2019-07-14 17:00 - 2019-06-13 07:16 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll 2019-07-14 17:00 - 2019-06-13 07:15 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2019-07-14 17:00 - 2019-06-13 07:15 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2019-07-14 17:00 - 2019-06-13 07:15 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2019-07-14 17:00 - 2019-06-13 07:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll 2019-07-14 17:00 - 2019-06-13 07:14 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2019-07-14 17:00 - 2019-06-13 07:14 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2019-07-14 17:00 - 2019-06-13 07:14 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll 2019-07-14 17:00 - 2019-06-13 07:13 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2019-07-14 17:00 - 2019-06-13 07:13 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2019-07-14 17:00 - 2019-06-13 07:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2019-07-14 17:00 - 2019-06-13 07:12 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2019-07-14 17:00 - 2019-06-13 07:11 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2019-07-14 17:00 - 2019-06-13 07:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll 2019-07-14 17:00 - 2019-06-13 07:11 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll 2019-07-14 17:00 - 2019-06-13 07:10 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll 2019-07-14 17:00 - 2019-06-13 07:10 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll 2019-07-14 17:00 - 2019-06-13 07:10 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll 2019-07-14 17:00 - 2019-06-13 07:10 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2019-07-14 17:00 - 2019-06-13 07:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2019-07-14 17:00 - 2019-06-13 06:08 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2019-07-14 17:00 - 2019-06-13 06:07 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll 2019-07-14 17:00 - 2019-06-13 06:06 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2019-07-14 17:00 - 2019-06-13 06:06 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll 2019-07-14 17:00 - 2019-06-13 05:49 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll 2019-07-14 17:00 - 2019-06-13 05:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2019-07-14 17:00 - 2019-06-13 05:46 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2019-07-14 17:00 - 2019-06-13 05:46 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll 2019-07-14 17:00 - 2019-06-13 05:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2019-07-14 17:00 - 2019-06-13 05:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-07-14 17:00 - 2019-06-13 05:44 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2019-07-14 17:00 - 2019-06-13 05:44 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2019-07-14 17:00 - 2019-06-13 05:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2019-07-14 17:00 - 2019-06-13 05:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2019-07-14 17:00 - 2019-06-13 05:43 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2019-07-14 17:00 - 2019-06-13 05:43 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2019-07-14 17:00 - 2019-06-13 05:43 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2019-07-14 17:00 - 2019-06-07 11:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2019-07-14 17:00 - 2019-06-07 11:47 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll 2019-07-14 17:00 - 2019-06-07 11:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll 2019-07-14 17:00 - 2019-06-07 07:07 - 000707384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2019-07-14 17:00 - 2019-06-07 06:58 - 000422416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll 2019-07-14 17:00 - 2019-06-07 06:58 - 000076304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2019-07-14 17:00 - 2019-06-07 06:57 - 000792888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2019-07-14 17:00 - 2019-06-07 06:57 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2019-07-14 17:00 - 2019-06-07 06:57 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2019-07-14 17:00 - 2019-06-07 06:57 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2019-07-14 17:00 - 2019-06-07 06:57 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2019-07-14 17:00 - 2019-06-07 06:57 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll 2019-07-14 17:00 - 2019-06-07 06:47 - 000380432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2019-07-14 17:00 - 2019-06-07 06:46 - 000128792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll 2019-07-14 17:00 - 2019-06-07 06:24 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll 2019-07-14 17:00 - 2019-06-07 06:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2019-07-14 17:00 - 2019-06-07 06:23 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2019-07-14 17:00 - 2019-06-07 06:22 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll 2019-07-14 17:00 - 2019-06-07 06:22 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll 2019-07-14 17:00 - 2019-06-07 06:21 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2019-07-14 17:00 - 2019-06-07 06:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-07-14 17:00 - 2019-06-07 06:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll 2019-07-14 17:00 - 2019-06-07 06:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2019-07-14 17:00 - 2019-06-07 06:19 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2019-07-14 17:00 - 2019-06-07 06:19 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll 2019-07-14 17:00 - 2019-06-07 06:16 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2019-07-14 17:00 - 2019-06-07 06:16 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll 2019-07-14 17:00 - 2019-05-18 23:12 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2019-07-14 17:00 - 2019-05-18 23:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2019-07-14 17:00 - 2019-05-18 23:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll 2019-07-14 17:00 - 2019-05-17 13:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2019-07-14 17:00 - 2019-05-17 13:25 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe 2019-07-14 17:00 - 2019-05-17 13:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2019-07-14 17:00 - 2019-05-17 13:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll 2019-07-14 17:00 - 2019-05-17 13:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2019-07-14 17:00 - 2019-05-17 13:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll 2019-07-14 17:00 - 2019-05-17 13:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2019-07-14 17:00 - 2019-05-17 13:21 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll 2019-07-14 17:00 - 2019-05-17 13:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2019-07-14 17:00 - 2019-05-17 13:20 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2019-07-14 17:00 - 2019-05-17 13:19 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2019-07-14 17:00 - 2019-05-17 13:07 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL 2019-07-14 17:00 - 2019-05-17 12:56 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2019-07-14 17:00 - 2019-05-17 12:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll 2019-07-14 17:00 - 2019-05-17 12:55 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2019-07-14 17:00 - 2019-05-17 12:55 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2019-07-14 17:00 - 2019-05-17 12:55 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll 2019-07-14 17:00 - 2019-05-17 12:54 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2019-07-14 17:00 - 2019-05-17 12:54 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2019-07-14 17:00 - 2019-05-17 10:33 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll 2019-07-14 17:00 - 2019-05-17 09:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll 2019-07-14 17:00 - 2019-05-17 08:07 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2019-07-14 17:00 - 2019-05-17 07:44 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2019-07-14 17:00 - 2019-05-17 07:43 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2019-07-14 17:00 - 2019-05-17 07:42 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2019-07-14 17:00 - 2019-05-17 07:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll 2019-07-14 17:00 - 2019-05-17 07:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe 2019-07-14 17:00 - 2019-05-17 07:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2019-07-14 17:00 - 2019-05-17 07:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2019-07-14 17:00 - 2019-05-17 07:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll 2019-07-14 17:00 - 2019-05-17 07:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2019-07-14 17:00 - 2019-05-17 07:21 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe 2019-07-14 17:00 - 2019-05-17 07:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll 2019-07-14 17:00 - 2019-05-17 07:20 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2019-07-14 17:00 - 2019-05-17 07:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2019-07-14 17:00 - 2019-05-17 07:19 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2019-07-14 17:00 - 2019-05-17 07:08 - 000401328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2019-07-14 17:00 - 2019-05-17 07:07 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2019-07-14 17:00 - 2019-05-17 07:06 - 000151888 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll 2019-07-14 17:00 - 2019-05-17 06:37 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll 2019-07-14 17:00 - 2019-05-17 06:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll 2019-07-14 17:00 - 2019-05-17 06:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys 2019-07-14 17:00 - 2019-05-17 06:36 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll 2019-07-14 17:00 - 2019-05-17 06:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll 2019-07-14 17:00 - 2019-05-17 06:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2019-07-14 17:00 - 2019-05-17 06:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe 2019-07-14 17:00 - 2019-05-17 06:36 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2019-07-14 17:00 - 2019-05-17 06:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2019-07-14 17:00 - 2019-05-17 06:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe 2019-07-14 17:00 - 2019-05-17 06:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2019-07-14 17:00 - 2019-05-17 06:34 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll 2019-07-14 17:00 - 2019-05-17 06:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2019-07-14 17:00 - 2019-05-17 06:34 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2019-07-14 17:00 - 2019-05-17 06:34 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll 2019-07-14 17:00 - 2019-05-17 06:33 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2019-07-14 17:00 - 2019-05-17 06:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2019-07-14 17:00 - 2019-05-17 06:32 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2019-07-14 17:00 - 2019-05-17 06:31 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2019-07-14 17:00 - 2019-05-17 06:30 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll 2019-07-14 16:49 - 2019-07-14 16:07 - 038481012 _____ C:\Users\astra\Desktop\Evidence.avi 2019-07-14 16:17 - 2019-07-14 16:07 - 038481012 _____ C:\Users\astra\Desktop\Itdoesnt work.avi 2019-07-14 16:15 - 2019-02-13 06:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2019-07-14 16:00 - 2019-07-14 16:00 - 022712608 _____ (Blueberry Software (UK) Ltd.) C:\Users\astra\Downloads\bbfbex5 (1).exe 2019-07-14 15:58 - 2019-07-23 19:29 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security with Backup 2019-07-14 15:51 - 2019-07-15 12:18 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security 2019-07-14 15:51 - 2019-07-14 15:51 - 000003376 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration 2019-07-14 15:28 - 2019-07-22 18:43 - 000000000 ____D C:\Users\astra\AppData\Roaming\NCH Software 2019-07-14 15:28 - 2019-07-22 18:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software 2019-07-14 15:28 - 2019-07-15 11:52 - 000000000 ____D C:\ProgramData\NCH Software 2019-07-14 15:28 - 2019-07-15 11:52 - 000000000 ____D C:\Program Files (x86)\NCH Software 2019-07-14 15:28 - 2019-07-14 15:28 - 000001317 _____ C:\Users\Public\Desktop\NCH Suite.lnk 2019-07-14 15:28 - 2019-07-14 15:28 - 000001203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debut Video Capture Software.lnk 2019-07-14 15:28 - 2019-07-14 15:28 - 000001191 _____ C:\Users\Public\Desktop\Debut Video Capture Software.lnk 2019-07-14 15:27 - 2019-07-14 15:27 - 002421848 _____ (NCH Software) C:\Users\astra\Downloads\DebutVideoCaptureSoftwareFree.exe 2019-07-14 15:26 - 2019-07-14 15:26 - 002422872 _____ (NCH Software) C:\Users\astra\Downloads\DebutVideoCaptureSoftware.exe 2019-07-14 15:24 - 2019-07-14 15:24 - 055488424 _____ (Apowersoft LIMITED ) C:\Users\astra\Downloads\apowerrec-135.exe 2019-07-14 15:22 - 2019-07-14 15:22 - 022712608 _____ (Blueberry Software (UK) Ltd.) C:\Users\astra\Downloads\bbfbex5.exe 2019-07-14 15:18 - 2019-07-14 15:19 - 069823400 _____ (obsproject.com) C:\Users\astra\Downloads\OBS-Studio-23.2.1-Full-Installer-x64.exe 2019-07-13 19:31 - 2019-07-13 19:31 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2019-07-13 15:41 - 2019-07-15 13:40 - 000000000 ___RD C:\Users\astra\Dropbox 2019-07-13 15:41 - 2019-07-13 15:41 - 000001307 _____ C:\Users\astra\Desktop\Dropbox.lnk 2019-07-13 15:33 - 2019-07-13 15:33 - 000000000 ____D C:\Users\astra\AppData\Roaming\Dropbox 2019-07-13 15:32 - 2019-07-22 18:49 - 000000000 ____D C:\Program Files (x86)\Dropbox 2019-07-13 15:32 - 2019-07-13 17:06 - 000000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2019-07-13 15:32 - 2019-07-13 17:06 - 000000920 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2019-07-13 15:32 - 2019-07-13 15:41 - 000000000 ____D C:\Users\astra\AppData\Local\Dropbox 2019-07-13 15:32 - 2019-07-13 15:32 - 000694184 _____ (Dropbox, Inc.) C:\Users\astra\Downloads\DropboxInstaller (1).exe 2019-07-13 15:32 - 2019-07-13 15:32 - 000003984 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA 2019-07-13 15:32 - 2019-07-13 15:32 - 000003752 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore 2019-07-13 15:32 - 2019-07-13 15:32 - 000000000 ____D C:\ProgramData\Dropbox 2019-07-13 15:25 - 2019-07-13 15:25 - 000000000 ____D C:\Program Files\UNP 2019-07-13 15:11 - 2019-07-13 15:11 - 000694184 _____ (Dropbox, Inc.) C:\Users\astra\Downloads\DropboxInstaller.exe 2019-07-13 15:09 - 2019-07-13 15:09 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-07-23 19:32 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-07-23 19:30 - 2018-08-10 03:36 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-07-23 19:30 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF 2019-07-23 19:26 - 2018-08-10 03:44 - 000003508 _____ C:\WINDOWS\System32\Tasks\DashlaneUpgradeCheck 2019-07-23 19:25 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-07-23 19:25 - 2017-08-11 00:21 - 000000000 __SHD C:\Users\astra\IntelGraphicsProfiles 2019-07-23 19:24 - 2019-06-03 01:36 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2019-07-23 19:23 - 2018-08-10 03:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-07-23 19:22 - 2018-08-10 03:25 - 000000000 ____D C:\Users\astra 2019-07-23 19:22 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2019-07-23 16:52 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps 2019-07-23 16:33 - 2018-04-11 22:04 - 000065536 _____ C:\WINDOWS\system32\config\ELAM 2019-07-23 16:31 - 2018-08-10 03:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-07-23 06:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2019-07-22 18:45 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-07-16 22:55 - 2019-06-03 01:36 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk 2019-07-16 22:55 - 2019-06-03 01:36 - 000001032 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk 2019-07-16 22:49 - 2017-08-12 15:34 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-07-16 22:49 - 2017-08-12 15:34 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-07-16 22:46 - 2017-08-11 00:26 - 000000000 ____D C:\Users\astra\AppData\Local\CrashDumps 2019-07-15 15:42 - 2017-08-11 03:03 - 002033568 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip 2019-07-15 15:41 - 2017-08-11 03:02 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2019-07-15 15:41 - 2017-08-11 03:02 - 000000000 ____D C:\WINDOWS\system32\DAX2 2019-07-15 13:05 - 2019-04-27 20:35 - 000000000 ____D C:\Program Files\Common Files\AV 2019-07-15 12:24 - 2019-03-02 18:53 - 000000000 ____D C:\Users\astra\AppData\Local\D3DSCache 2019-07-15 12:22 - 2018-10-17 23:39 - 000000000 ___RD C:\Users\astra\3D Objects 2019-07-15 12:22 - 2017-01-06 00:02 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-07-15 12:19 - 2018-08-10 03:19 - 005061952 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-07-15 12:18 - 2019-04-27 19:29 - 000002412 _____ C:\Users\Public\Desktop\Norton Security.lnk 2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput 2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\oobe 2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\appraiser 2019-07-15 12:12 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Dism 2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellComponents 2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Provisioning 2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-07-14 16:59 - 2017-08-12 12:02 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-07-14 16:33 - 2017-08-12 12:01 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-07-14 16:05 - 2018-01-26 09:32 - 000000000 ____D C:\Program Files\rempl 2019-07-14 15:52 - 2019-04-27 19:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64 2019-07-14 15:39 - 2018-10-18 01:27 - 000000000 ____D C:\ProgramData\Adobe 2019-07-14 15:15 - 2018-10-18 01:26 - 000000000 ____D C:\Users\astra\AppData\Local\Adobe 2019-07-14 15:14 - 2017-08-11 00:21 - 000000000 ____D C:\Users\astra\AppData\Roaming\Adobe 2019-07-13 17:06 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ELAMBKUP 2019-07-13 15:16 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2019-07-13 15:07 - 2017-01-06 00:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2019-07-13 14:44 - 2018-08-10 03:44 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1801165484-3255497710-3470013671-1002 2019-07-13 14:44 - 2018-08-10 03:25 - 000002371 _____ C:\Users\astra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-07-13 14:44 - 2017-08-11 00:24 - 000000000 ___RD C:\Users\astra\OneDrive ==================== SigCheck =============================== (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ============================ и Addition.... Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01 Ran by astra (23-07-2019 19:37:37) Running from C:\Users\astra\Desktop Windows 10 Home Version 1803 17134.885 (X64) (2018-08-10 02:46:21) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1801165484-3255497710-3470013671-500 - Administrator - Disabled) astra (S-1-5-21-1801165484-3255497710-3470013671-1002 - Administrator - Enabled) => C:\Users\astra DefaultAccount (S-1-5-21-1801165484-3255497710-3470013671-503 - Limited - Disabled) Guest (S-1-5-21-1801165484-3255497710-3470013671-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-1801165484-3255497710-3470013671-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.07.2004 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated) Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated) Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated) Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated) Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3008 - Acer Incorporated) Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.02.3001 - Acer Incorporated) Adobe Connect (HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Adobe Connect App) (Version: 11.9.982.478 - Adobe Systems Inc.) AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated) bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5917.02 - CyberLink Corp.) Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.) Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 5.49 - NCH Software) DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3019 - Acer Incorporated) Dropbox (HKLM-x32\...\Dropbox) (Version: 77.4.131 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden ELAN HIDI2C Filter Driver X64 13.6.7.2_WHQL (HKLM\...\Elantech) (Version: 13.6.7.2 - ELAN Microelectronic Corp.) Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 7.10 - NCH Software) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6446 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{3A55D9C8-17B6-41F9-B9C2-4B1532DCD016}) (Version: 19.10.1635.0483 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{ed5cef80-a339-45bd-8c06-514eaf785ca8}) (Version: 19.71.0 - Intel Corporation) Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11727.20244 - Microsoft Corporation) Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Mozilla Firefox 45.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0 (x86 en-US)) (Version: 45.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla) Norton Security (HKLM-x32\...\NGC) (Version: 22.17.3.50 - Symantec Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden Pentablet version 1.5.2.180829 (HKLM\...\{5DAB8C1A-6D8E-467D-BE62-AC13087AA950}_is1) (Version: 1.5.2.180829 - UGEE Technology Co.,Ltd) ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8555 - Realtek Semiconductor Corp.) TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.4.2669 - TeamViewer) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 7.22 - NCH Software) Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs) Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22452 - Microsoft Corporation) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) Packages: ========= Acer Collection -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4 [2018-10-26] (Acer Incorporated) Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-06-03] (Autodesk Inc.) Booking.com -> C:\Program Files\WindowsApps\Booking.com_1.0.1606.2210_x64__96rgg7pjt343r [2017-01-06] (CN=Acer Incorporated) Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_5.8.4.0_x86__kgqvnymyfvs32 [2019-07-22] (king.com) Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.143.600.0_x86__kgqvnymyfvs32 [2019-07-13] (king.com) eBay -> C:\Program Files\WindowsApps\eBay_1.0.1606.2210_x64__96rgg7pjt343r [2017-01-06] (CN=Acer Incorporated) Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2017-08-12] (AMZN Mobile LLC) Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-13] (Microsoft Corporation) [MS Ad] March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.1.0.6_x86__h6adky7gbf63m [2019-07-13] (Gameloft.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad] Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-07-13] (Microsoft Studios) [MS Ad] Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.28.0_x64__8wekyb3d8bbwe [2019-07-13] (Microsoft Studios) MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad] Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw [2017-08-12] (MAGIX) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-07-13] (Netflix, Inc.) Norton Password Manager -> C:\Program Files\WindowsApps\SymantecCorporation.5478111E43ACF_6.4.2.0_neutral__v68kp9n051hdp [2019-07-13] (Symantec Corporation) Norton Safe Web -> C:\Program Files\WindowsApps\SymantecCorporation.NortonSafeWeb_3.8.0.0_neutral__v68kp9n051hdp [2019-05-26] (Symantec Corporation) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-10-18] (Twitter Inc.) WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.76.0_x64__qt5r5pa5dyg8m [2019-07-13] (WildTangent Games) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1801165484-3255497710-3470013671-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\astra\Dropbox [2019-07-13 15:41] ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated) ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated) ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed] ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed] ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxDTCM.dll [2018-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed] ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\astra\AppData\Local:fgLWSWvcNK90pVbNiuttcfY [2158] AlternateDataStreams: C:\Users\astra\AppData\Local\6Xrb7BuFYhaI:6cAhTWwnId6ZmRcDBKN9ftXRfR [1988] AlternateDataStreams: C:\Users\astra\AppData\Local\Temp:SRXsx872vxEMxDomUb [2152] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-07-16 12:47 - 2019-04-27 19:22 - 000000824 ____N C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{E5F7562B-8087-408D-BB92-FE85EAE24E06}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel(R) Wireless Connectivity Solutions -> ) FirewallRules: [{1CED9AF7-C2E4-4601-9F53-0D4A15D79526}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{4FCD7CA6-3EC3-4577-92C6-D62DF955E70A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{C2EAF120-A536-47AE-980D-EF2F8EA7BD08}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{838AA21F-0809-4986-AD7A-2800780F07DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{29AB0F8B-66D4-4861-A599-D15A96774C1A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{9F7B2182-4AD3-4CEF-87C9-9BA0940FD01E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe No File FirewallRules: [{204B5F4D-1EF6-4678-A02B-5FCBE25E2DDD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe No File FirewallRules: [{14B95CFD-0740-469F-9B61-52C1A692DF74}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe No File FirewallRules: [{4B353FE0-2A63-48A1-96D5-465EF3CA5B31}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{DC36C9C9-C11B-43B8-9ED3-30347F18C419}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{1E303C68-A431-4E0C-80B8-3FA642A19F5D}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology) FirewallRules: [{2C9F3EF0-87ED-4525-9AE2-207182083A0A}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology) FirewallRules: [{3ED16D29-665C-4147-8DD8-8DEAD8F9AEF3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer) FirewallRules: [{98B55E2D-4153-4DDB-A2BA-8919843ABB84}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer) FirewallRules: [{99C30625-10D2-4F6B-BBE8-91CFE7B92870}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer) FirewallRules: [{CB2D87E8-9BD0-4F41-944E-B122536C42C6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer) FirewallRules: [{1CDC0D08-EA3D-4177-AE6F-D3C83EA126E1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0A3323F7-E225-4DCE-8263-99C7EB92186F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{F22EAC21-9A04-4333-A9FB-43688D470A57}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{84A4FE6C-C5DF-4AA6-99AB-B01C079C62AC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{F4881749-9682-4F05-BE05-0F0C5D6A3382}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{0E06B349-AF00-4A12-B7C4-ABCA920C0E77}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{637E078F-3C4D-4EF5-A713-7B007747D38A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) ==================== Restore Points ========================= 14-07-2019 16:02:52 Windows Update 22-07-2019 18:39:46 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/23/2019 07:32:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AWC.exe, version: 2.1.16258.0, time stamp: 0x57dc7237 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x01c52b90 Faulting process ID: 0x2e7c Faulting application start time: 0x01d5418458272dfd Faulting application path: C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe Faulting module path: unknown Report ID: 55864420-e3dd-4815-84d7-2015f7fe640b Faulting package full name: Faulting package-relative application ID: Error: (07/23/2019 07:32:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: AWC.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NullReferenceException at Amundsen.LSM.Load() at Amundsen.Program.TimeIntervalElapsed(Boolean) at Amundsen.Program.Main(System.String[]) Error: (07/23/2019 07:28:51 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program chrome.exe version 75.0.3770.142 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 2ab8 Start Time: 01d54184303bf1d1 Termination Time: 32 Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Report Id: 3cda8669-c302-4e51-bdef-4332bb5a88e1 Faulting package full name: Faulting package-relative application ID: Error: (07/23/2019 07:28:50 PM) (Source: DbxSvc) (EventID: 281) (User: ) Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property. Error: (07/23/2019 07:28:50 PM) (Source: DbxSvc) (EventID: 281) (User: ) Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property. Error: (07/23/2019 07:28:50 PM) (Source: DbxSvc) (EventID: 281) (User: ) Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property. Error: (07/23/2019 07:28:50 PM) (Source: DbxSvc) (EventID: 281) (User: ) Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property. Error: (07/23/2019 07:28:35 PM) (Source: DbxSvc) (EventID: 281) (User: ) Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property. System errors: ============= Error: (07/23/2019 07:31:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscBrokerManager and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (07/23/2019 07:28:55 PM) (Source: DCOM) (EventID: 10016) (User: ASTRAMUR) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user ASTRAMUR\astra SID (S-1-5-21-1801165484-3255497710-3470013671-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (07/23/2019 07:27:31 PM) (Source: DCOM) (EventID: 10016) (User: ASTRAMUR) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user ASTRAMUR\astra SID (S-1-5-21-1801165484-3255497710-3470013671-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (07/23/2019 07:25:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (07/23/2019 07:25:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (07/23/2019 07:24:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (07/23/2019 04:43:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscBrokerManager and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (07/23/2019 04:41:46 PM) (Source: DCOM) (EventID: 10016) (User: ASTRAMUR) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user ASTRAMUR\astra SID (S-1-5-21-1801165484-3255497710-3470013671-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool. Windows Defender: =================================== Date: 2018-10-18 01:39:46.496 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.277.1243.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15300.6 Error code: 0x80240438 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. ==================== Memory info =========================== BIOS: Insyde Corp. V1.06 11/02/2016 Motherboard: Acer T-Rex_SK Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz Percentage of memory in use: 54% Total physical RAM: 8060.22 MB Available physical RAM: 3639.06 MB Total Virtual: 9340.22 MB Available Virtual: 4399.75 MB ==================== Drives ================================ Drive 😄 (Acer) (Fixed) (Total:481.18 GB) (Free:403.93 GB) NTFS Drive e: (Work) (Fixed) (Total:449.22 GB) (Free:421.28 GB) NTFS \\?\Volume{032d40ac-eca6-4db7-bcdb-a36256b5a3e4}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.57 GB) NTFS \\?\Volume{1f5023ca-1e9d-40b1-808a-26b415179399}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 4D3D691C) Partition: GPT. ==================== End of Addition.txt ============================
  8. РАзбира се.... ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [PentabletService] => C:\Program Files\Pentablet\PentabletService.exe [2247272 2018-08-29] (Guangzhou Ugee Computers Technology Co.,Ltd -> UGEE) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.) HKLM\...\Run: [CL-23-C5C7662B-BF27-4E63-BAE2-CA182DB18B4F] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-23-C5C7662B-BF27-4E63-BAE2-CA182DB18B4F\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-23-C5C7662 (the data entry has 44 more characters). HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5782336 2019-07-16] (Dropbox, Inc -> Dropbox, Inc.) HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Run: [GoogleChromeAutoLaunch_FE4A4543431CDBB1D3752425BDF66A5F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952 2019-07-13] (Google LLC -> Google LLC) HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Run: [AdobeBridge] => [X] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-16] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2017-08-12] ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {014A4B1E-EB87-43CD-8771-3D54DF1E2FEF} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation) Task: {04B91F18-5149-4C16-B37F-AB0B2B61BDF7} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40352 2016-06-24] (Acer Incorporated -> ) Task: {0AB39C25-0879-435E-9F0F-5D56E3A138C4} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"] Task: {0BD26A45-9552-4CC9-B6F7-DBFB1D6F6ABA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated) Task: {1B7FAFCC-7B6C-4338-8C9A-36FBEFB2E11B} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> ) Task: {21EFCF0F-D7E5-415F-9D4C-47811C875F5A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {27B37B28-F56A-4EC4-8297-EC519F12A84C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448512 2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Task: {2AAC5FDF-0122-469F-B5CF-02097774795A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-25] (Microsoft Corporation -> Microsoft Corporation) Task: {33C5F447-1E0B-48CC-88EA-1F13A16474A0} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> ) Task: {34910470-5ED1-48D2-A019-697167083F92} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [422704 2016-09-13] (Acer Incorporated -> Acer Incorporated) Task: {3F3B38E4-F290-45BE-A984-8A7A27EEC9D0} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2225296 2019-06-20] (Symantec Corporation -> Symantec Corporation) Task: {48835C3F-DCD3-49EA-BF10-F84338580BF6} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472992 2016-06-24] (Acer Incorporated -> Acer Incorporated) Task: {4BC6FF17-0170-4310-B3AF-37D5718078CE} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-14] (Acer Incorporated -> ) Task: {4C850587-5334-4490-9BF5-5917C734163C} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> ) Task: {71BC7D34-AB7B-4A79-890D-F579C988584B} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.17.3.50\WSCStub.exe [2225296 2019-06-20] (Symantec Corporation -> Symantec Corporation) Task: {7A1114B3-BE7A-403E-9DE8-749333A208BE} - System32\Tasks\App Explorer => C:\Users\astra\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7241384 2019-05-22] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION Task: {8312D9D7-3701-433B-A083-10A6A2B7E5A9} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2767152 2016-09-13] (Acer Incorporated -> Acer Incorporated) Task: {88737B2D-E0DB-4ED7-BED9-00F6AF0B0BBF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {903FA2A0-D83F-43EE-8D86-B52A8EDF1AE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-12] (Google Inc -> Google Inc.) Task: {A51114AA-9E48-4A0C-9D7F-956D10D153D5} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-05-24] (Acer Incorporated -> ) Task: {A84FECC7-DBF5-4F97-B26B-10048D49DBE1} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation) Task: {B2FD0A1B-C8D5-4EEC-9842-89EF760AAD2A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113616 2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Task: {C6D8FF7B-4BB1-48D2-935C-29B1348A05D5} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-13] (Acer Incorporated -> Acer Incorporated) Task: {D0A73DEB-437E-4129-A07C-0FA3925E82C9} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation) Task: {D5092C74-28AB-425D-826B-9BC89BEEECF1} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-12] (Acer Incorporated -> TODO: <Company name>) Task: {D5F1D5F9-4EE8-4236-8816-BF4694DBBCC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-12] (Google Inc -> Google Inc.) Task: {D6CAC0E2-774D-4065-A6A1-E2FEAD14E3C5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-25] (Microsoft Corporation -> Microsoft Corporation) Task: {E5BD174C-13E0-4098-AB2D-264116D13CCF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1504384 2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Task: {E743DBFC-E3E8-419E-ADF6-ADC2E84D97B3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113616 2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Task: {F5EB49F8-E72F-4AD4-B3F0-DE08F1B75DDA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448512 2019-07-13] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{80bff6ca-ac63-49b4-b1c6-ad2f0eef04e7}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-13] (Microsoft Corporation -> Microsoft Corporation) BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Edge: ====== Edge Extension: (Norton Password Manager) -> EdgeExtension_SymantecCorporation5478111E43ACF_v68kp9n051hdp => C:\Program Files\WindowsApps\SymantecCorporation.5478111E43ACF_6.4.2.0_neutral__v68kp9n051hdp [2019-07-13] Edge Extension: (Norton Safe Web) -> EdgeExtension_SymantecCorporationNortonSafeWeb_v68kp9n051hdp => C:\Program Files\WindowsApps\SymantecCorporation.NortonSafeWeb_3.8.0.0_neutral__v68kp9n051hdp [2019-05-26] FireFox: ======== FF DefaultProfile: lrtt3h84.default FF ProfilePath: C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default [2019-03-02] FF Extension: (Amazon Assistant for Firefox) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\Extensions\[email protected] [2017-08-12] [Legacy] FF Extension: (English (US) Language Pack) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\Extensions\[email protected] [2017-08-12] [Legacy] FF Extension: (Mozilla Partner Defaults) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\Extensions\[email protected] [2017-08-12] [Legacy] FF Extension: (Youtube Unblocker Remediation) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\features\{1bc4a344-5d8d-4fd1-97c6-f8c6065e34ec}\[email protected] [2017-08-12] [Legacy] FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2017-01-06] [Legacy] FF Extension: (English (US) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2017-01-06] [Legacy] FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2017-01-06] [Legacy] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-26] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-26] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-26] (Google Inc -> Google LLC) Chrome: ======= CHR StartupUrls: Default -> "hxxps://www.google.co.uk/","hxxp://google.com/" CHR NewTab: Default -> Not-active:"chrome-extension://mhffmephdchhhbfjmdpoaldedhhdanbn/homePageRedirect.html" CHR Profile: C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default [2019-07-23] CHR Extension: (Norton Password Manager) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\admmjipmmciaobhojoghlmleefbicajg [2019-07-13] CHR Extension: (Flash Video Downloader) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2019-06-03] CHR Extension: (Docs) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-29] CHR Extension: (Google Drive) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-12] CHR Extension: (YouTube) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-12] CHR Extension: (Norton Safe Search) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\eogpedgkejfmehnklhahflpmplhiceal [2019-04-27] CHR Extension: (Norton Safe Web) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2019-07-13] CHR Extension: (Google Docs Offline) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-18] CHR Extension: (Grammarly for Chrome) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-07-23] CHR Extension: (Norton Home Page) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhffmephdchhhbfjmdpoaldedhhdanbn [2019-04-27] CHR Extension: (Chrome Web Store Payments) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-21] CHR Extension: (Gmail) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-26] CHR Extension: (Chrome Media Router) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-13] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-25] (Microsoft Corporation -> Microsoft Corporation) S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-07-16] (Dropbox, Inc -> Dropbox, Inc.) R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [181512 2016-09-08] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [799928 2018-10-18] (ICEpower a/s -> ICEpower) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [269480 2017-07-03] (Intel(R) Wireless Connectivity Solutions -> ) R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe [225608 2019-06-20] (Symantec Corporation -> Symantec Corporation) R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.17.3.50\nsWscSvc.exe [933200 2019-06-20] (Symantec Corporation -> Symantec Corporation) R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [441136 2016-09-13] (Acer Incorporated -> Acer Incorporated) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [482608 2016-09-13] (Acer Incorporated -> Acer Incorporated) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11969880 2019-07-03] (TeamViewer GmbH -> TeamViewer GmbH) S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-27] (Acer Incorporated -> acer) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-09] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-09] (Microsoft Corporation -> Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3755176 2017-07-03] (Intel(R) Wireless Connectivity Solutions -> Intel® Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.17.0.183\Definitions\BASHDefs\20190716.001\BHDrvx64.sys [1935880 2019-06-14] (Symantec Corporation -> Symantec Corporation) R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\ccSetx64.sys [192704 2019-06-20] (Symantec Corporation -> Symantec Corporation) R3 dbx; C:\WINDOWS\System32\DRIVERS\dbx.sys [47600 2019-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515592 2019-07-12] (Symantec Corporation -> Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153096 2019-07-13] (Symantec Corporation -> Symantec Corporation) R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [217688 2016-08-17] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [172304 2016-09-08] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.17.0.183\Definitions\IPSDefs\20190722.061\IDSvia64.sys [1441800 2019-07-12] (Symantec Corporation -> Symantec Corporation) R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated) R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7643648 2017-07-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-09-19] (Realtek Semiconductor Corp. -> Realtek ) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-08-04] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SRTSP64.SYS [864776 2019-06-20] (Symantec Corporation -> Symantec Corporation) R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SRTSPX64.SYS [49672 2019-06-20] (Symantec Corporation -> Symantec Corporation) R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SYMEFASI64.SYS [1998552 2019-06-20] (Symantec Corporation -> Symantec Corporation) S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SymELAM.sys [25744 2019-06-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-04-27] (Symantec Corporation -> Symantec Corporation) R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.17.0.183\SymPlatform\SymEvnt.sys [717832 2019-07-16] (Symantec Corporation -> Symantec Corporation) R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\Ironx64.SYS [315912 2019-06-20] (Symantec Corporation -> Symantec Corporation) R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\symnets.sys [573448 2019-06-20] (Symantec Corporation -> Symantec Corporation) R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46584 2018-08-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-08-09] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-09] (Microsoft Windows -> Microsoft Corporation) S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\wpCtrlDrv.sys [1012120 2019-06-20] (Symantec Corporation -> Symantec Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-07-23 16:42 - 2019-07-23 16:47 - 000023230 _____ C:\Users\astra\Desktop\FRST.txt 2019-07-22 19:34 - 2019-07-23 16:39 - 000000000 ____D C:\FRST 2019-07-22 19:20 - 2019-07-22 19:20 - 002095104 _____ (Farbar) C:\Users\astra\Desktop\FRST64.exe 2019-07-22 19:14 - 2019-07-22 19:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation 2019-07-22 18:47 - 2019-07-22 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2019-07-16 22:25 - 2019-07-16 22:25 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx.sys 2019-07-15 15:41 - 2019-07-15 15:41 - 000000000 ____D C:\WINDOWS\system32\DAX3 2019-07-15 12:51 - 2019-07-15 12:43 - 027886358 _____ C:\Users\astra\Desktop\Evidence_2.avi 2019-07-15 12:51 - 2019-07-15 11:42 - 010416140 _____ C:\Users\astra\Desktop\Evidence_1.avi 2019-07-15 11:54 - 2019-07-15 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCDEmu 2019-07-15 11:52 - 2019-07-15 11:53 - 000001283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Burn Disc Burning Software.lnk 2019-07-15 11:52 - 2019-07-15 11:53 - 000001271 _____ C:\Users\Public\Desktop\Express Burn Disc Burning Software.lnk 2019-07-15 11:52 - 2019-07-15 11:52 - 000002381 _____ C:\Users\astra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk 2019-07-15 11:52 - 2019-07-15 11:52 - 000002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk 2019-07-15 11:47 - 2019-07-15 11:47 - 000001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk 2019-07-15 11:47 - 2019-07-15 11:47 - 000001215 _____ C:\Users\Public\Desktop\VideoPad Video Editor.lnk 2019-07-15 11:42 - 2019-07-15 11:50 - 402587648 _____ C:\Users\astra\Downloads\Adobe-Master-Collection-CS6-Windows.iso 2019-07-15 11:38 - 2019-07-15 11:38 - 001576544 _____ (Sysprogs OU) C:\Users\astra\Downloads\WinCDEmu-4.1 (1).exe 2019-07-15 11:38 - 2019-07-15 11:38 - 000000000 ____D C:\Program Files (x86)\WinCDEmu 2019-07-15 11:37 - 2019-07-15 11:37 - 001576544 _____ (Sysprogs OU) C:\Users\astra\Downloads\WinCDEmu-4.1.exe 2019-07-15 11:34 - 2019-07-15 11:34 - 000000000 ____D C:\Program Files\DAEMON Tools Lite 2019-07-15 11:33 - 2019-07-15 11:33 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite 2019-07-15 11:26 - 2019-07-15 11:26 - 000791712 _____ (Disc Soft Ltd.) C:\Users\astra\Downloads\DTLiteInstaller.exe 2019-07-14 17:02 - 2019-07-04 10:40 - 021390504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2019-07-14 17:02 - 2019-07-04 05:56 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-07-14 17:02 - 2019-07-04 05:42 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-07-14 17:02 - 2019-07-04 05:37 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-07-14 17:02 - 2019-07-04 05:33 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-07-14 17:02 - 2019-07-04 05:29 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-07-14 17:02 - 2019-05-17 07:19 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2019-07-14 17:02 - 2019-05-17 06:31 - 004937216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2019-07-14 17:01 - 2019-07-04 10:40 - 001631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-07-14 17:01 - 2019-07-04 10:40 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2019-07-14 17:01 - 2019-07-04 10:21 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2019-07-14 17:01 - 2019-07-04 10:18 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-07-14 17:01 - 2019-07-04 10:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2019-07-14 17:01 - 2019-07-04 09:56 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2019-07-14 17:01 - 2019-07-04 09:51 - 020384128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2019-07-14 17:01 - 2019-07-04 09:41 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2019-07-14 17:01 - 2019-07-04 09:37 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-07-14 17:01 - 2019-07-04 09:36 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2019-07-14 17:01 - 2019-07-04 06:00 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-07-14 17:01 - 2019-07-04 05:58 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2019-07-14 17:01 - 2019-07-04 05:58 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-07-14 17:01 - 2019-07-04 05:57 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2019-07-14 17:01 - 2019-07-04 05:57 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-07-14 17:01 - 2019-07-04 05:57 - 000986128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2019-07-14 17:01 - 2019-07-04 05:57 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2019-07-14 17:01 - 2019-07-04 05:57 - 000723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2019-07-14 17:01 - 2019-07-04 05:57 - 000708696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2019-07-14 17:01 - 2019-07-04 05:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-07-14 17:01 - 2019-07-04 05:56 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-07-14 17:01 - 2019-07-04 05:56 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2019-07-14 17:01 - 2019-07-04 05:56 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-07-14 17:01 - 2019-07-04 05:56 - 001566520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2019-07-14 17:01 - 2019-07-04 05:56 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-07-14 17:01 - 2019-07-04 05:56 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-07-14 17:01 - 2019-07-04 05:56 - 001141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-07-14 17:01 - 2019-07-04 05:56 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-07-14 17:01 - 2019-07-04 05:56 - 000767536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2019-07-14 17:01 - 2019-07-04 05:56 - 000734952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2019-07-14 17:01 - 2019-07-04 05:56 - 000493752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2019-07-14 17:01 - 2019-07-04 05:43 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2019-07-14 17:01 - 2019-07-04 05:42 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2019-07-14 17:01 - 2019-07-04 05:42 - 002479176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2019-07-14 17:01 - 2019-07-04 05:42 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2019-07-14 17:01 - 2019-07-04 05:42 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2019-07-14 17:01 - 2019-07-04 05:42 - 000356312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2019-07-14 17:01 - 2019-07-04 05:41 - 000559328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2019-07-14 17:01 - 2019-07-04 05:26 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-07-14 17:01 - 2019-07-04 05:25 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-07-14 17:01 - 2019-07-04 05:25 - 007589888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-07-14 17:01 - 2019-07-04 05:25 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2019-07-14 17:01 - 2019-07-04 05:25 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-07-14 17:01 - 2019-07-04 05:24 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2019-07-14 17:01 - 2019-07-04 05:23 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2019-07-14 17:01 - 2019-07-04 05:22 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2019-07-14 17:01 - 2019-07-04 05:22 - 002587648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2019-07-14 17:01 - 2019-07-04 05:22 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-07-14 17:01 - 2019-07-04 05:22 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-07-14 17:01 - 2019-07-04 05:22 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2019-07-14 17:01 - 2019-07-04 05:22 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2019-07-14 17:01 - 2019-07-04 05:21 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-07-14 17:01 - 2019-07-04 05:21 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2019-07-14 17:01 - 2019-07-04 05:21 - 003202560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2019-07-14 17:01 - 2019-07-04 05:21 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-07-14 17:01 - 2019-07-04 05:21 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2019-07-14 17:01 - 2019-07-04 05:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2019-07-14 17:01 - 2019-07-04 05:20 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-07-14 17:01 - 2019-07-04 05:18 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2019-07-14 17:01 - 2019-07-04 05:18 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2019-07-14 17:01 - 2019-07-04 05:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-07-14 17:01 - 2019-06-13 13:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2019-07-14 17:01 - 2019-06-13 13:12 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2019-07-14 17:01 - 2019-06-13 13:05 - 000810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2019-07-14 17:01 - 2019-06-13 13:04 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2019-07-14 17:01 - 2019-06-13 13:00 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2019-07-14 17:01 - 2019-06-13 12:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2019-07-14 17:01 - 2019-06-13 12:58 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2019-07-14 17:01 - 2019-06-13 12:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2019-07-14 17:01 - 2019-06-13 12:56 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2019-07-14 17:01 - 2019-06-13 12:43 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2019-07-14 17:01 - 2019-06-13 12:42 - 004038688 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2019-07-14 17:01 - 2019-06-13 12:42 - 000566536 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe 2019-07-14 17:01 - 2019-06-13 12:36 - 000251000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2019-07-14 17:01 - 2019-06-13 12:35 - 001376688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2019-07-14 17:01 - 2019-06-13 12:18 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2019-07-14 17:01 - 2019-06-13 12:18 - 004847104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2019-07-14 17:01 - 2019-06-13 12:17 - 012756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-07-14 17:01 - 2019-06-13 12:16 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll 2019-07-14 17:01 - 2019-06-13 12:15 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2019-07-14 17:01 - 2019-06-13 12:14 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2019-07-14 17:01 - 2019-06-13 12:14 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe 2019-07-14 17:01 - 2019-06-13 12:14 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2019-07-14 17:01 - 2019-06-13 12:13 - 002920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2019-07-14 17:01 - 2019-06-13 12:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll 2019-07-14 17:01 - 2019-06-13 12:13 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll 2019-07-14 17:01 - 2019-06-13 11:07 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2019-07-14 17:01 - 2019-06-13 11:05 - 003700160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2019-07-14 17:01 - 2019-06-13 10:55 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2019-07-14 17:01 - 2019-06-13 10:54 - 011942912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-07-14 17:01 - 2019-06-13 10:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll 2019-07-14 17:01 - 2019-06-13 08:46 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll 2019-07-14 17:01 - 2019-06-13 08:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2019-07-14 17:01 - 2019-06-13 08:01 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2019-07-14 17:01 - 2019-06-13 07:59 - 000785264 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll 2019-07-14 17:01 - 2019-06-13 07:47 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2019-07-14 17:01 - 2019-06-13 07:46 - 000510296 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2019-07-14 17:01 - 2019-06-13 07:46 - 000093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2019-07-14 17:01 - 2019-06-13 07:45 - 002421560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2019-07-14 17:01 - 2019-06-13 07:44 - 002769688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-07-14 17:01 - 2019-06-13 07:44 - 002546704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2019-07-14 17:01 - 2019-06-13 07:44 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2019-07-14 17:01 - 2019-06-13 07:44 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2019-07-14 17:01 - 2019-06-13 07:44 - 000607112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2019-07-14 17:01 - 2019-06-13 07:44 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2019-07-14 17:01 - 2019-06-13 07:16 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2019-07-14 17:01 - 2019-06-13 07:15 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2019-07-14 17:01 - 2019-06-13 07:14 - 003318784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2019-07-14 17:01 - 2019-06-13 07:13 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2019-07-14 17:01 - 2019-06-13 07:13 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2019-07-14 17:01 - 2019-06-13 07:12 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2019-07-14 17:01 - 2019-06-13 07:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-07-14 17:01 - 2019-06-13 07:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-07-14 17:01 - 2019-06-13 07:12 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2019-07-14 17:01 - 2019-06-13 07:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll 2019-07-14 17:01 - 2019-06-13 07:10 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2019-07-14 17:01 - 2019-06-13 07:10 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2019-07-14 17:01 - 2019-06-13 07:10 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2019-07-14 17:01 - 2019-06-13 07:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2019-07-14 17:01 - 2019-06-13 07:09 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2019-07-14 17:01 - 2019-06-13 07:08 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2019-07-14 17:01 - 2019-06-13 06:14 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2019-07-14 17:01 - 2019-06-13 06:07 - 000080744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2019-07-14 17:01 - 2019-06-13 06:06 - 002256768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-07-14 17:01 - 2019-06-13 05:47 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2019-07-14 17:01 - 2019-06-13 05:47 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2019-07-14 17:01 - 2019-06-13 05:46 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-07-14 17:01 - 2019-06-13 05:44 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2019-07-14 17:01 - 2019-06-07 11:41 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2019-07-14 17:01 - 2019-06-07 11:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll 2019-07-14 17:01 - 2019-06-07 11:04 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2019-07-14 17:01 - 2019-06-07 06:57 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2019-07-14 17:01 - 2019-06-07 06:57 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2019-07-14 17:01 - 2019-06-07 06:57 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2019-07-14 17:01 - 2019-06-07 06:57 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2019-07-14 17:01 - 2019-06-07 06:57 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2019-07-14 17:01 - 2019-06-07 06:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2019-07-14 17:01 - 2019-06-07 06:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2019-07-14 17:01 - 2019-06-07 06:18 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2019-07-14 17:01 - 2019-06-07 06:17 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2019-07-14 17:01 - 2019-06-07 06:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2019-07-14 17:01 - 2019-06-07 06:16 - 001102336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2019-07-14 17:01 - 2019-05-18 23:12 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2019-07-14 17:01 - 2019-05-17 13:40 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL 2019-07-14 17:01 - 2019-05-17 13:25 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2019-07-14 17:01 - 2019-05-17 13:21 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2019-07-14 17:01 - 2019-05-17 13:21 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2019-07-14 17:01 - 2019-05-17 12:58 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2019-07-14 17:01 - 2019-05-17 07:44 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2019-07-14 17:01 - 2019-05-17 07:42 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2019-07-14 17:01 - 2019-05-17 07:42 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2019-07-14 17:01 - 2019-05-17 07:42 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2019-07-14 17:01 - 2019-05-17 07:42 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2019-07-14 17:01 - 2019-05-17 07:30 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2019-07-14 17:01 - 2019-05-17 07:26 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2019-07-14 17:01 - 2019-05-17 07:19 - 001630720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2019-07-14 17:01 - 2019-05-17 07:19 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll 2019-07-14 17:01 - 2019-05-17 07:19 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2019-07-14 17:01 - 2019-05-17 07:18 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2019-07-14 17:01 - 2019-05-17 07:18 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2019-07-14 17:01 - 2019-05-17 07:08 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2019-07-14 17:01 - 2019-05-17 07:07 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-07-14 17:01 - 2019-05-17 07:07 - 002467320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-07-14 17:01 - 2019-05-17 07:07 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2019-07-14 17:01 - 2019-05-17 07:07 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2019-07-14 17:01 - 2019-05-17 07:07 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2019-07-14 17:01 - 2019-05-17 07:06 - 001943136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2019-07-14 17:01 - 2019-05-17 07:06 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2019-07-14 17:01 - 2019-05-17 06:44 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2019-07-14 17:01 - 2019-05-17 06:38 - 004709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2019-07-14 17:01 - 2019-05-17 06:34 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2019-07-14 17:01 - 2019-05-17 06:34 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2019-07-14 17:01 - 2019-05-17 06:33 - 003091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2019-07-14 17:01 - 2019-05-17 06:33 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2019-07-14 17:01 - 2019-05-17 06:32 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 001383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2019-07-14 17:01 - 2019-05-17 06:30 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2019-07-14 17:00 - 2019-07-04 10:43 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2019-07-14 17:00 - 2019-07-04 10:40 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2019-07-14 17:00 - 2019-07-04 10:22 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2019-07-14 17:00 - 2019-07-04 10:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2019-07-14 17:00 - 2019-07-04 10:20 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2019-07-14 17:00 - 2019-07-04 10:19 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2019-07-14 17:00 - 2019-07-04 09:54 - 000662352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2019-07-14 17:00 - 2019-07-04 05:58 - 000416312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2019-07-14 17:00 - 2019-07-04 05:58 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2019-07-14 17:00 - 2019-07-04 05:57 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2019-07-14 17:00 - 2019-07-04 05:57 - 000362264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2019-07-14 17:00 - 2019-07-04 05:57 - 000209424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2019-07-14 17:00 - 2019-07-04 05:57 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll 2019-07-14 17:00 - 2019-07-04 05:57 - 000137656 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2019-07-14 17:00 - 2019-07-04 05:57 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2019-07-14 17:00 - 2019-07-04 05:57 - 000091776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys 2019-07-14 17:00 - 2019-07-04 05:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2019-07-14 17:00 - 2019-07-04 05:56 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2019-07-14 17:00 - 2019-07-04 05:56 - 000115512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll 2019-07-14 17:00 - 2019-07-04 05:43 - 000665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2019-07-14 17:00 - 2019-07-04 05:43 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2019-07-14 17:00 - 2019-07-04 05:43 - 000287376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2019-07-14 17:00 - 2019-07-04 05:43 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2019-07-14 17:00 - 2019-07-04 05:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2019-07-14 17:00 - 2019-07-04 05:42 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2019-07-14 17:00 - 2019-07-04 05:26 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2019-07-14 17:00 - 2019-07-04 05:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2019-07-14 17:00 - 2019-07-04 05:25 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2019-07-14 17:00 - 2019-07-04 05:25 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2019-07-14 17:00 - 2019-07-04 05:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys 2019-07-14 17:00 - 2019-07-04 05:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2019-07-14 17:00 - 2019-07-04 05:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2019-07-14 17:00 - 2019-07-04 05:23 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2019-07-14 17:00 - 2019-07-04 05:23 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2019-07-14 17:00 - 2019-07-04 05:22 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2019-07-14 17:00 - 2019-07-04 05:22 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2019-07-14 17:00 - 2019-07-04 05:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2019-07-14 17:00 - 2019-07-04 05:21 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2019-07-14 17:00 - 2019-07-04 05:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2019-07-14 17:00 - 2019-07-04 05:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2019-07-14 17:00 - 2019-07-04 05:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2019-07-14 17:00 - 2019-07-04 05:20 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2019-07-14 17:00 - 2019-07-04 05:20 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll 2019-07-14 17:00 - 2019-07-04 05:19 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2019-07-14 17:00 - 2019-07-04 05:19 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2019-07-14 17:00 - 2019-07-04 05:18 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2019-07-14 17:00 - 2019-07-04 05:18 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2019-07-14 17:00 - 2019-07-04 05:18 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll 2019-07-14 17:00 - 2019-07-04 04:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim 2019-07-14 17:00 - 2019-06-21 09:50 - 000280584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2019-07-14 17:00 - 2019-06-13 12:40 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2019-07-14 17:00 - 2019-06-13 12:38 - 000766264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll 2019-07-14 17:00 - 2019-06-13 12:37 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe 2019-07-14 17:00 - 2019-06-13 12:36 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2019-07-14 17:00 - 2019-06-13 12:34 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe 2019-07-14 17:00 - 2019-06-13 12:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll 2019-07-14 17:00 - 2019-06-13 12:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll 2019-07-14 17:00 - 2019-06-13 12:17 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2019-07-14 17:00 - 2019-06-13 12:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2019-07-14 17:00 - 2019-06-13 12:15 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe 2019-07-14 17:00 - 2019-06-13 12:14 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll 2019-07-14 17:00 - 2019-06-13 12:13 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2019-07-14 17:00 - 2019-06-13 12:13 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll 2019-07-14 17:00 - 2019-06-13 12:12 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2019-07-14 17:00 - 2019-06-13 12:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll 2019-07-14 17:00 - 2019-06-13 11:07 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll 2019-07-14 17:00 - 2019-06-13 11:07 - 000221232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll 2019-07-14 17:00 - 2019-06-13 10:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll 2019-07-14 17:00 - 2019-06-13 10:53 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2019-07-14 17:00 - 2019-06-13 10:51 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2019-07-14 17:00 - 2019-06-13 10:49 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll 2019-07-14 17:00 - 2019-06-13 10:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll 2019-07-14 17:00 - 2019-06-13 08:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll 2019-07-14 17:00 - 2019-06-13 08:01 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2019-07-14 17:00 - 2019-06-13 07:47 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2019-07-14 17:00 - 2019-06-13 07:46 - 001076536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2019-07-14 17:00 - 2019-06-13 07:44 - 000130624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll 2019-07-14 17:00 - 2019-06-13 07:17 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll 2019-07-14 17:00 - 2019-06-13 07:16 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll 2019-07-14 17:00 - 2019-06-13 07:15 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2019-07-14 17:00 - 2019-06-13 07:15 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2019-07-14 17:00 - 2019-06-13 07:15 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2019-07-14 17:00 - 2019-06-13 07:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll 2019-07-14 17:00 - 2019-06-13 07:14 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2019-07-14 17:00 - 2019-06-13 07:14 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2019-07-14 17:00 - 2019-06-13 07:14 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll 2019-07-14 17:00 - 2019-06-13 07:13 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2019-07-14 17:00 - 2019-06-13 07:13 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2019-07-14 17:00 - 2019-06-13 07:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2019-07-14 17:00 - 2019-06-13 07:12 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2019-07-14 17:00 - 2019-06-13 07:11 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2019-07-14 17:00 - 2019-06-13 07:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll 2019-07-14 17:00 - 2019-06-13 07:11 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll 2019-07-14 17:00 - 2019-06-13 07:10 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll 2019-07-14 17:00 - 2019-06-13 07:10 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll 2019-07-14 17:00 - 2019-06-13 07:10 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll 2019-07-14 17:00 - 2019-06-13 07:10 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2019-07-14 17:00 - 2019-06-13 07:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2019-07-14 17:00 - 2019-06-13 06:08 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2019-07-14 17:00 - 2019-06-13 06:07 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll 2019-07-14 17:00 - 2019-06-13 06:06 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2019-07-14 17:00 - 2019-06-13 06:06 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll 2019-07-14 17:00 - 2019-06-13 05:49 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll 2019-07-14 17:00 - 2019-06-13 05:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2019-07-14 17:00 - 2019-06-13 05:46 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2019-07-14 17:00 - 2019-06-13 05:46 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll 2019-07-14 17:00 - 2019-06-13 05:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2019-07-14 17:00 - 2019-06-13 05:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-07-14 17:00 - 2019-06-13 05:44 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2019-07-14 17:00 - 2019-06-13 05:44 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2019-07-14 17:00 - 2019-06-13 05:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2019-07-14 17:00 - 2019-06-13 05:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2019-07-14 17:00 - 2019-06-13 05:43 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2019-07-14 17:00 - 2019-06-13 05:43 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2019-07-14 17:00 - 2019-06-13 05:43 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2019-07-14 17:00 - 2019-06-07 11:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2019-07-14 17:00 - 2019-06-07 11:47 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll 2019-07-14 17:00 - 2019-06-07 11:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll 2019-07-14 17:00 - 2019-06-07 07:07 - 000707384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2019-07-14 17:00 - 2019-06-07 06:58 - 000422416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll 2019-07-14 17:00 - 2019-06-07 06:58 - 000076304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2019-07-14 17:00 - 2019-06-07 06:57 - 000792888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2019-07-14 17:00 - 2019-06-07 06:57 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2019-07-14 17:00 - 2019-06-07 06:57 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2019-07-14 17:00 - 2019-06-07 06:57 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2019-07-14 17:00 - 2019-06-07 06:57 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2019-07-14 17:00 - 2019-06-07 06:57 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll 2019-07-14 17:00 - 2019-06-07 06:47 - 000380432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2019-07-14 17:00 - 2019-06-07 06:46 - 000128792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll 2019-07-14 17:00 - 2019-06-07 06:24 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll 2019-07-14 17:00 - 2019-06-07 06:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2019-07-14 17:00 - 2019-06-07 06:23 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2019-07-14 17:00 - 2019-06-07 06:22 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll 2019-07-14 17:00 - 2019-06-07 06:22 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll 2019-07-14 17:00 - 2019-06-07 06:21 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2019-07-14 17:00 - 2019-06-07 06:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-07-14 17:00 - 2019-06-07 06:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll 2019-07-14 17:00 - 2019-06-07 06:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2019-07-14 17:00 - 2019-06-07 06:19 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2019-07-14 17:00 - 2019-06-07 06:19 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll 2019-07-14 17:00 - 2019-06-07 06:16 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2019-07-14 17:00 - 2019-06-07 06:16 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll 2019-07-14 17:00 - 2019-05-18 23:12 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2019-07-14 17:00 - 2019-05-18 23:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2019-07-14 17:00 - 2019-05-18 23:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll 2019-07-14 17:00 - 2019-05-17 13:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2019-07-14 17:00 - 2019-05-17 13:25 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe 2019-07-14 17:00 - 2019-05-17 13:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2019-07-14 17:00 - 2019-05-17 13:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll 2019-07-14 17:00 - 2019-05-17 13:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2019-07-14 17:00 - 2019-05-17 13:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll 2019-07-14 17:00 - 2019-05-17 13:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2019-07-14 17:00 - 2019-05-17 13:21 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll 2019-07-14 17:00 - 2019-05-17 13:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2019-07-14 17:00 - 2019-05-17 13:20 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2019-07-14 17:00 - 2019-05-17 13:19 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2019-07-14 17:00 - 2019-05-17 13:07 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL 2019-07-14 17:00 - 2019-05-17 12:56 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2019-07-14 17:00 - 2019-05-17 12:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll 2019-07-14 17:00 - 2019-05-17 12:55 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2019-07-14 17:00 - 2019-05-17 12:55 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2019-07-14 17:00 - 2019-05-17 12:55 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll 2019-07-14 17:00 - 2019-05-17 12:54 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2019-07-14 17:00 - 2019-05-17 12:54 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2019-07-14 17:00 - 2019-05-17 10:33 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll 2019-07-14 17:00 - 2019-05-17 09:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll 2019-07-14 17:00 - 2019-05-17 08:07 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2019-07-14 17:00 - 2019-05-17 07:44 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2019-07-14 17:00 - 2019-05-17 07:43 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2019-07-14 17:00 - 2019-05-17 07:42 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2019-07-14 17:00 - 2019-05-17 07:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll 2019-07-14 17:00 - 2019-05-17 07:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe 2019-07-14 17:00 - 2019-05-17 07:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2019-07-14 17:00 - 2019-05-17 07:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2019-07-14 17:00 - 2019-05-17 07:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll 2019-07-14 17:00 - 2019-05-17 07:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2019-07-14 17:00 - 2019-05-17 07:21 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe 2019-07-14 17:00 - 2019-05-17 07:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll 2019-07-14 17:00 - 2019-05-17 07:20 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2019-07-14 17:00 - 2019-05-17 07:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2019-07-14 17:00 - 2019-05-17 07:19 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2019-07-14 17:00 - 2019-05-17 07:08 - 000401328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2019-07-14 17:00 - 2019-05-17 07:07 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2019-07-14 17:00 - 2019-05-17 07:06 - 000151888 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll 2019-07-14 17:00 - 2019-05-17 06:37 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll 2019-07-14 17:00 - 2019-05-17 06:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll 2019-07-14 17:00 - 2019-05-17 06:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys 2019-07-14 17:00 - 2019-05-17 06:36 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll 2019-07-14 17:00 - 2019-05-17 06:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll 2019-07-14 17:00 - 2019-05-17 06:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2019-07-14 17:00 - 2019-05-17 06:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe 2019-07-14 17:00 - 2019-05-17 06:36 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2019-07-14 17:00 - 2019-05-17 06:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2019-07-14 17:00 - 2019-05-17 06:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe 2019-07-14 17:00 - 2019-05-17 06:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2019-07-14 17:00 - 2019-05-17 06:34 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll 2019-07-14 17:00 - 2019-05-17 06:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2019-07-14 17:00 - 2019-05-17 06:34 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2019-07-14 17:00 - 2019-05-17 06:34 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll 2019-07-14 17:00 - 2019-05-17 06:33 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2019-07-14 17:00 - 2019-05-17 06:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2019-07-14 17:00 - 2019-05-17 06:32 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2019-07-14 17:00 - 2019-05-17 06:31 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2019-07-14 17:00 - 2019-05-17 06:30 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll 2019-07-14 16:49 - 2019-07-14 16:07 - 038481012 _____ C:\Users\astra\Desktop\Evidence.avi 2019-07-14 16:17 - 2019-07-14 16:07 - 038481012 _____ C:\Users\astra\Desktop\Itdoesnt work.avi 2019-07-14 16:15 - 2019-02-13 06:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2019-07-14 16:00 - 2019-07-14 16:00 - 022712608 _____ (Blueberry Software (UK) Ltd.) C:\Users\astra\Downloads\bbfbex5 (1).exe 2019-07-14 15:58 - 2019-07-23 16:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security with Backup 2019-07-14 15:51 - 2019-07-15 12:18 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security 2019-07-14 15:51 - 2019-07-14 15:51 - 000003376 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration 2019-07-14 15:28 - 2019-07-22 18:43 - 000000000 ____D C:\Users\astra\AppData\Roaming\NCH Software 2019-07-14 15:28 - 2019-07-22 18:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software 2019-07-14 15:28 - 2019-07-15 11:52 - 000000000 ____D C:\ProgramData\NCH Software 2019-07-14 15:28 - 2019-07-15 11:52 - 000000000 ____D C:\Program Files (x86)\NCH Software 2019-07-14 15:28 - 2019-07-14 15:28 - 000001317 _____ C:\Users\Public\Desktop\NCH Suite.lnk 2019-07-14 15:28 - 2019-07-14 15:28 - 000001203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debut Video Capture Software.lnk 2019-07-14 15:28 - 2019-07-14 15:28 - 000001191 _____ C:\Users\Public\Desktop\Debut Video Capture Software.lnk 2019-07-14 15:27 - 2019-07-14 15:27 - 002421848 _____ (NCH Software) C:\Users\astra\Downloads\DebutVideoCaptureSoftwareFree.exe 2019-07-14 15:26 - 2019-07-14 15:26 - 002422872 _____ (NCH Software) C:\Users\astra\Downloads\DebutVideoCaptureSoftware.exe 2019-07-14 15:24 - 2019-07-14 15:24 - 055488424 _____ (Apowersoft LIMITED ) C:\Users\astra\Downloads\apowerrec-135.exe 2019-07-14 15:22 - 2019-07-14 15:22 - 022712608 _____ (Blueberry Software (UK) Ltd.) C:\Users\astra\Downloads\bbfbex5.exe 2019-07-14 15:18 - 2019-07-14 15:19 - 069823400 _____ (obsproject.com) C:\Users\astra\Downloads\OBS-Studio-23.2.1-Full-Installer-x64.exe 2019-07-13 19:31 - 2019-07-13 19:31 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2019-07-13 15:41 - 2019-07-15 13:40 - 000000000 ___RD C:\Users\astra\Dropbox 2019-07-13 15:41 - 2019-07-13 15:41 - 000001307 _____ C:\Users\astra\Desktop\Dropbox.lnk 2019-07-13 15:33 - 2019-07-13 15:33 - 000000000 ____D C:\Users\astra\AppData\Roaming\Dropbox 2019-07-13 15:32 - 2019-07-22 18:49 - 000000000 ____D C:\Program Files (x86)\Dropbox 2019-07-13 15:32 - 2019-07-13 17:06 - 000000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2019-07-13 15:32 - 2019-07-13 17:06 - 000000920 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2019-07-13 15:32 - 2019-07-13 15:41 - 000000000 ____D C:\Users\astra\AppData\Local\Dropbox 2019-07-13 15:32 - 2019-07-13 15:32 - 000694184 _____ (Dropbox, Inc.) C:\Users\astra\Downloads\DropboxInstaller (1).exe 2019-07-13 15:32 - 2019-07-13 15:32 - 000003984 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA 2019-07-13 15:32 - 2019-07-13 15:32 - 000003752 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore 2019-07-13 15:32 - 2019-07-13 15:32 - 000000000 ____D C:\ProgramData\Dropbox 2019-07-13 15:25 - 2019-07-13 15:25 - 000000000 ____D C:\Program Files\UNP 2019-07-13 15:11 - 2019-07-13 15:11 - 000694184 _____ (Dropbox, Inc.) C:\Users\astra\Downloads\DropboxInstaller.exe 2019-07-13 15:09 - 2019-07-13 15:09 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-07-23 16:46 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-07-23 16:42 - 2017-08-11 00:18 - 000000000 ____D C:\Users\astra\AppData\Local\Host App Service 2019-07-23 16:41 - 2018-08-10 03:36 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-07-23 16:41 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF 2019-07-23 16:38 - 2018-08-10 03:44 - 000003508 _____ C:\WINDOWS\System32\Tasks\DashlaneUpgradeCheck 2019-07-23 16:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-07-23 16:37 - 2017-08-11 00:21 - 000000000 __SHD C:\Users\astra\IntelGraphicsProfiles 2019-07-23 16:36 - 2019-06-03 01:36 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2019-07-23 16:35 - 2018-08-10 03:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-07-23 16:34 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2019-07-23 16:33 - 2018-04-11 22:04 - 000065536 _____ C:\WINDOWS\system32\config\ELAM 2019-07-23 16:31 - 2018-08-10 03:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-07-23 06:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2019-07-22 18:58 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps 2019-07-22 18:45 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-07-16 22:55 - 2019-06-03 01:36 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk 2019-07-16 22:55 - 2019-06-03 01:36 - 000001032 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk 2019-07-16 22:49 - 2017-08-12 15:34 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-07-16 22:49 - 2017-08-12 15:34 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-07-16 22:46 - 2017-08-11 00:26 - 000000000 ____D C:\Users\astra\AppData\Local\CrashDumps 2019-07-15 16:17 - 2018-08-10 03:25 - 000000000 ____D C:\Users\astra 2019-07-15 15:42 - 2017-08-11 03:03 - 002033568 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip 2019-07-15 15:41 - 2017-08-11 03:02 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2019-07-15 15:41 - 2017-08-11 03:02 - 000000000 ____D C:\WINDOWS\system32\DAX2 2019-07-15 13:05 - 2019-04-27 20:35 - 000000000 ____D C:\Program Files\Common Files\AV 2019-07-15 12:24 - 2019-03-02 18:53 - 000000000 ____D C:\Users\astra\AppData\Local\D3DSCache 2019-07-15 12:22 - 2018-10-17 23:39 - 000000000 ___RD C:\Users\astra\3D Objects 2019-07-15 12:22 - 2017-01-06 00:02 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-07-15 12:19 - 2018-08-10 03:19 - 005061952 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-07-15 12:18 - 2019-04-27 19:29 - 000002412 _____ C:\Users\Public\Desktop\Norton Security.lnk 2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput 2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\oobe 2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\appraiser 2019-07-15 12:12 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Dism 2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellComponents 2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Provisioning 2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-07-14 16:59 - 2017-08-12 12:02 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-07-14 16:33 - 2017-08-12 12:01 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-07-14 16:05 - 2018-01-26 09:32 - 000000000 ____D C:\Program Files\rempl 2019-07-14 15:52 - 2019-04-27 19:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64 2019-07-14 15:39 - 2018-10-18 01:27 - 000000000 ____D C:\ProgramData\Adobe 2019-07-14 15:15 - 2018-10-18 01:26 - 000000000 ____D C:\Users\astra\AppData\Local\Adobe 2019-07-14 15:14 - 2017-08-11 00:21 - 000000000 ____D C:\Users\astra\AppData\Roaming\Adobe 2019-07-13 17:06 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ELAMBKUP 2019-07-13 15:16 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2019-07-13 15:07 - 2017-01-06 00:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2019-07-13 14:44 - 2018-08-10 03:44 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1801165484-3255497710-3470013671-1002 2019-07-13 14:44 - 2018-08-10 03:25 - 000002371 _____ C:\Users\astra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-07-13 14:44 - 2017-08-11 00:24 - 000000000 ___RD C:\Users\astra\OneDrive ==================== SigCheck =============================== (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ============================ започва и свършва както оригиналния фаил - би трябвало да е пълен (този път) да прикача ли самите файлове ако има съмнение някакво?
  9. "............. Drive 😄 (Acer) (Fixed) (Total:481.18 GB) (Free:405.7 GB) NTFS ........................" Drive С: (Acer) е толкова весел....ха ха
  10. Здравейте отново, Прилагам съдържанието на генерираните файлове (последна ъпдейтната версия на тях, която току що беше приключена, тъйкато след последната направена вчера, компютъра се ъпдейтна). FRST: ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [PentabletService] => C:\Program Files\Pentablet\PentabletService.exe [2247272 2018-08-29] (Guangzhou Ugee Computers Technology Co.,Ltd -> UGEE) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.) HKLM\...\Run: [CL-23-C5C7662B-BF27-4E63-BAE2-CA182DB18B4F] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-23-C5C7662B-BF27-4E63-BAE2-CA182DB18B4F\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-23-C5C7662 (the data entry has 44 more characters). HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5782336 2019-07-16] (Dropbox, Inc -> Dropbox, Inc.) HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Run: [GoogleChromeAutoLaunch_FE4A4543431CDBB1D3752425BDF66A5F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952 2019-07-13] (Google LLC -> Google LLC) HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Run: [AdobeBridge] => [X] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-16] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2017-08-12] ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {014A4B1E-EB87-43CD-8771-3D54DF1E2FEF} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation) Task: {04B91F18-5149-4C16-B37F-AB0B2B61BDF7} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40352 2016-06-24] (Acer Incorporated -> ) Task: {0AB39C25-0879-435E-9F0F-5D56E3A138C4} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"] Task: {0BD26A45-9552-4CC9-B6F7-DBFB1D6F6ABA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated) Task: {1B7FAFCC-7B6C-4338-8C9A-36FBEFB2E11B} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> ) Task: {21EFCF0F-D7E5-415F-9D4C-47811C875F5A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {27B37B28-F56A-4EC4-8297-EC519F12A84C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448512 2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Task: {2AAC5FDF-0122-469F-B5CF-02097774795A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-25] (Microsoft Corporation -> Microsoft Corporation) Task: {33C5F447-1E0B-48CC-88EA-1F13A16474A0} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> ) Task: {34910470-5ED1-48D2-A019-697167083F92} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [422704 2016-09-13] (Acer Incorporated -> Acer Incorporated) Task: {3F3B38E4-F290-45BE-A984-8A7A27EEC9D0} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2225296 2019-06-20] (Symantec Corporation -> Symantec Corporation) Task: {48835C3F-DCD3-49EA-BF10-F84338580BF6} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472992 2016-06-24] (Acer Incorporated -> Acer Incorporated) Task: {4BC6FF17-0170-4310-B3AF-37D5718078CE} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-14] (Acer Incorporated -> ) Task: {4C850587-5334-4490-9BF5-5917C734163C} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> ) Task: {71BC7D34-AB7B-4A79-890D-F579C988584B} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.17.3.50\WSCStub.exe [2225296 2019-06-20] (Symantec Corporation -> Symantec Corporation) Task: {7A1114B3-BE7A-403E-9DE8-749333A208BE} - System32\Tasks\App Explorer => C:\Users\astra\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7241384 2019-05-22] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION Task: {8312D9D7-3701-433B-A083-10A6A2B7E5A9} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2767152 2016-09-13] (Acer Incorporated -> Acer Incorporated) Task: {88737B2D-E0DB-4ED7-BED9-00F6AF0B0BBF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {903FA2A0-D83F-43EE-8D86-B52A8EDF1AE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-12] (Google Inc -> Google Inc.) Task: {A51114AA-9E48-4A0C-9D7F-956D10D153D5} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-05-24] (Acer Incorporated -> ) Task: {A84FECC7-DBF5-4F97-B26B-10048D49DBE1} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation) Task: {B2FD0A1B-C8D5-4EEC-9842-89EF760AAD2A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113616 2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Task: {C6D8FF7B-4BB1-48D2-935C-29B1348A05D5} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-13] (Acer Incorporated -> Acer Incorporated) Task: {D0A73DEB-437E-4129-A07C-0FA3925E82C9} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation) Task: {D5092C74-28AB-425D-826B-9BC89BEEECF1} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-12] (Acer Incorporated -> TODO: <Company name>) Task: {D5F1D5F9-4EE8-4236-8816-BF4694DBBCC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-12] (Google Inc -> Google Inc.) Task: {D6CAC0E2-774D-4065-A6A1-E2FEAD14E3C5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-25] (Microsoft Corporation -> Microsoft Corporation) Task: {E5BD174C-13E0-4098-AB2D-264116D13CCF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1504384 2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Task: {E743DBFC-E3E8-419E-ADF6-ADC2E84D97B3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113616 2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Task: {F5EB49F8-E72F-4AD4-B3F0-DE08F1B75DDA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448512 2019-07-13] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{80bff6ca-ac63-49b4-b1c6-ad2f0eef04e7}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-13] (Microsoft Corporation -> Microsoft Corporation) BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation) Edge: ====== Edge Extension: (Norton Password Manager) -> EdgeExtension_SymantecCorporation5478111E43ACF_v68kp9n051hdp => C:\Program Files\WindowsApps\SymantecCorporation.5478111E43ACF_6.4.2.0_neutral__v68kp9n051hdp [2019-07-13] Edge Extension: (Norton Safe Web) -> EdgeExtension_SymantecCorporationNortonSafeWeb_v68kp9n051hdp => C:\Program Files\WindowsApps\SymantecCorporation.NortonSafeWeb_3.8.0.0_neutral__v68kp9n051hdp [2019-05-26] FireFox: ======== FF DefaultProfile: lrtt3h84.default FF ProfilePath: C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default [2019-03-02] FF Extension: (Amazon Assistant for Firefox) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\Extensions\[email protected] [2017-08-12] [Legacy] FF Extension: (English (US) Language Pack) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\Extensions\[email protected] [2017-08-12] [Legacy] FF Extension: (Mozilla Partner Defaults) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\Extensions\[email protected] [2017-08-12] [Legacy] FF Extension: (Youtube Unblocker Remediation) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\features\{1bc4a344-5d8d-4fd1-97c6-f8c6065e34ec}\[email protected] [2017-08-12] [Legacy] FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2017-01-06] [Legacy] FF Extension: (English (US) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2017-01-06] [Legacy] FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2017-01-06] [Legacy] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-26] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-26] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-26] (Google Inc -> Google LLC) Chrome: ======= CHR StartupUrls: Default -> "hxxps://www.google.co.uk/","hxxp://google.com/" CHR NewTab: Default -> Not-active:"chrome-extension://mhffmephdchhhbfjmdpoaldedhhdanbn/homePageRedirect.html" CHR Profile: C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default [2019-07-23] CHR Extension: (Norton Password Manager) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\admmjipmmciaobhojoghlmleefbicajg [2019-07-13] CHR Extension: (Flash Video Downloader) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2019-06-03] CHR Extension: (Docs) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-29] CHR Extension: (Google Drive) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-12] CHR Extension: (YouTube) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-12] CHR Extension: (Norton Safe Search) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\eogpedgkejfmehnklhahflpmplhiceal [2019-04-27] CHR Extension: (Norton Safe Web) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2019-07-13] CHR Extension: (Google Docs Offline) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-18] CHR Extension: (Grammarly for Chrome) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-07-23] CHR Extension: (Norton Home Page) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhffmephdchhhbfjmdpoaldedhhdanbn [2019-04-27] CHR Extension: (Chrome Web Store Payments) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-21] CHR Extension: (Gmail) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-26] CHR Extension: (Chrome Media Router) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-13] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-25] (Microsoft Corporation -> Microsoft Corporation) S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-07-16] (Dropbox, Inc -> Dropbox, Inc.) R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [181512 2016-09-08] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [799928 2018-10-18] (ICEpower a/s -> ICEpower) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [269480 2017-07-03] (Intel(R) Wireless Connectivity Solutions -> ) R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe [225608 2019-06-20] (Symantec Corporation -> Symantec Corporation) R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.17.3.50\nsWscSvc.exe [933200 2019-06-20] (Symantec Corporation -> Symantec Corporation) R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [441136 2016-09-13] (Acer Incorporated -> Acer Incorporated) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [482608 2016-09-13] (Acer Incorporated -> Acer Incorporated) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11969880 2019-07-03] (TeamViewer GmbH -> TeamViewer GmbH) S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-27] (Acer Incorporated -> acer) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-09] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-09] (Microsoft Corporation -> Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3755176 2017-07-03] (Intel(R) Wireless Connectivity Solutions -> Intel® Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.17.0.183\Definitions\BASHDefs\20190716.001\BHDrvx64.sys [1935880 2019-06-14] (Symantec Corporation -> Symantec Corporation) R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\ccSetx64.sys [192704 2019-06-20] (Symantec Corporation -> Symantec Corporation) R3 dbx; C:\WINDOWS\System32\DRIVERS\dbx.sys [47600 2019-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515592 2019-07-12] (Symantec Corporation -> Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153096 2019-07-13] (Symantec Corporation -> Symantec Corporation) R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [217688 2016-08-17] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [172304 2016-09-08] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.17.0.183\Definitions\IPSDefs\20190722.061\IDSvia64.sys [1441800 2019-07-12] (Symantec Corporation -> Symantec Corporation) R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated) R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7643648 2017-07-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-09-19] (Realtek Semiconductor Corp. -> Realtek ) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-08-04] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SRTSP64.SYS [864776 2019-06-20] (Symantec Corporation -> Symantec Corporation) R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SRTSPX64.SYS [49672 2019-06-20] (Symantec Corporation -> Symantec Corporation) R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SYMEFASI64.SYS [1998552 2019-06-20] (Symantec Corporation -> Symantec Corporation) S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SymELAM.sys [25744 2019-06-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-04-27] (Symantec Corporation -> Symantec Corporation) R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.17.0.183\SymPlatform\SymEvnt.sys [717832 2019-07-16] (Symantec Corporation -> Symantec Corporation) R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\Ironx64.SYS [315912 2019-06-20] (Symantec Corporation -> Symantec Corporation) R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\symnets.sys [573448 2019-06-20] (Symantec Corporation -> Symantec Corporation) R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46584 2018-08-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-08-09] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-09] (Microsoft Windows -> Microsoft Corporation) S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\wpCtrlDrv.sys [1012120 2019-06-20] (Symantec Corporation -> Symantec Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-07-23 16:42 - 2019-07-23 16:47 - 000023230 _____ C:\Users\astra\Desktop\FRST.txt 2019-07-22 19:34 - 2019-07-23 16:39 - 000000000 ____D C:\FRST 2019-07-22 19:20 - 2019-07-22 19:20 - 002095104 _____ (Farbar) C:\Users\astra\Desktop\FRST64.exe 2019-07-22 19:14 - 2019-07-22 19:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation 2019-07-22 18:47 - 2019-07-22 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2019-07-16 22:25 - 2019-07-16 22:25 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx.sys 2019-07-15 15:41 - 2019-07-15 15:41 - 000000000 ____D C:\WINDOWS\system32\DAX3 2019-07-15 12:51 - 2019-07-15 12:43 - 027886358 _____ C:\Users\astra\Desktop\Evidence_2.avi 2019-07-15 12:51 - 2019-07-15 11:42 - 010416140 _____ C:\Users\astra\Desktop\Evidence_1.avi 2019-07-15 11:54 - 2019-07-15 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCDEmu 2019-07-15 11:52 - 2019-07-15 11:53 - 000001283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Burn Disc Burning Software.lnk 2019-07-15 11:52 - 2019-07-15 11:53 - 000001271 _____ C:\Users\Public\Desktop\Express Burn Disc Burning Software.lnk 2019-07-15 11:52 - 2019-07-15 11:52 - 000002381 _____ C:\Users\astra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk 2019-07-15 11:52 - 2019-07-15 11:52 - 000002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk 2019-07-15 11:47 - 2019-07-15 11:47 - 000001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk 2019-07-15 11:47 - 2019-07-15 11:47 - 000001215 _____ C:\Users\Public\Desktop\VideoPad Video Editor.lnk 2019-07-15 11:42 - 2019-07-15 11:50 - 402587648 _____ C:\Users\astra\Downloads\Adobe-Master-Collection-CS6-Windows.iso 2019-07-15 11:38 - 2019-07-15 11:38 - 001576544 _____ (Sysprogs OU) C:\Users\astra\Downloads\WinCDEmu-4.1 (1).exe 2019-07-15 11:38 - 2019-07-15 11:38 - 000000000 ____D C:\Program Files (x86)\WinCDEmu 2019-07-15 11:37 - 2019-07-15 11:37 - 001576544 _____ (Sysprogs OU) C:\Users\astra\Downloads\WinCDEmu-4.1.exe 2019-07-15 11:34 - 2019-07-15 11:34 - 000000000 ____D C:\Program Files\DAEMON Tools Lite 2019-07-15 11:33 - 2019-07-15 11:33 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite 2019-07-15 11:26 - 2019-07-15 11:26 - 000791712 _____ (Disc Soft Ltd.) C:\Users\astra\Downloads\DTLiteInstaller.exe 2019-07-14 17:02 - 2019-07-04 10:40 - 021390504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2019-07-14 17:02 - 2019-07-04 05:56 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-07-14 17:02 - 2019-07-04 05:42 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-07-14 17:02 - 2019-07-04 05:37 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-07-14 17:02 - 2019-07-04 05:33 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-07-14 17:02 - 2019-07-04 05:29 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-07-14 17:02 - 2019-05-17 07:19 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2019-07-14 17:02 - 2019-05-17 06:31 - 004937216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2019-07-14 17:01 - 2019-07-04 10:40 - 001631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-07-14 17:01 - 2019-07-04 10:40 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2019-07-14 17:01 - 2019-07-04 10:21 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2019-07-14 17:01 - 2019-07-04 10:18 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-07-14 17:01 - 2019-07-04 10:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2019-07-14 17:01 - 2019-07-04 09:56 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2019-07-14 17:01 - 2019-07-04 09:51 - 020384128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2019-07-14 17:01 - 2019-07-04 09:41 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2019-07-14 17:01 - 2019-07-04 09:37 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-07-14 17:01 - 2019-07-04 09:36 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2019-07-14 17:01 - 2019-07-04 06:00 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-07-14 17:01 - 2019-07-04 05:58 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2019-07-14 17:01 - 2019-07-04 05:58 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-07-14 17:01 - 2019-07-04 05:57 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2019-07-14 17:01 - 2019-07-04 05:57 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-07-14 17:01 - 2019-07-04 05:57 - 000986128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2019-07-14 17:01 - 2019-07-04 05:57 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2019-07-14 17:01 - 2019-07-04 05:57 - 000723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2019-07-14 17:01 - 2019-07-04 05:57 - 000708696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2019-07-14 17:01 - 2019-07-04 05:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-07-14 17:01 - 2019-07-04 05:56 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-07-14 17:01 - 2019-07-04 05:56 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2019-07-14 17:01 - 2019-07-04 05:56 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-07-14 17:01 - 2019-07-04 05:56 - 001566520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2019-07-14 17:01 - 2019-07-04 05:56 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-07-14 17:01 - 2019-07-04 05:56 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-07-14 17:01 - 2019-07-04 05:56 - 001141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-07-14 17:01 - 2019-07-04 05:56 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-07-14 17:01 - 2019-07-04 05:56 - 000767536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2019-07-14 17:01 - 2019-07-04 05:56 - 000734952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2019-07-14 17:01 - 2019-07-04 05:56 - 000493752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2019-07-14 17:01 - 2019-07-04 05:43 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2019-07-14 17:01 - 2019-07-04 05:42 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2019-07-14 17:01 - 2019-07-04 05:42 - 002479176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2019-07-14 17:01 - 2019-07-04 05:42 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2019-07-14 17:01 - 2019-07-04 05:42 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2019-07-14 17:01 - 2019-07-04 05:42 - 000356312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2019-07-14 17:01 - 2019-07-04 05:41 - 000559328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2019-07-14 17:01 - 2019-07-04 05:26 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-07-14 17:01 - 2019-07-04 05:25 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-07-14 17:01 - 2019-07-04 05:25 - 007589888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-07-14 17:01 - 2019-07-04 05:25 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2019-07-14 17:01 - 2019-07-04 05:25 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-07-14 17:01 - 2019-07-04 05:24 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2019-07-14 17:01 - 2019-07-04 05:23 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2019-07-14 17:01 - 2019-07-04 05:22 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2019-07-14 17:01 - 2019-07-04 05:22 - 002587648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2019-07-14 17:01 - 2019-07-04 05:22 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-07-14 17:01 - 2019-07-04 05:22 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-07-14 17:01 - 2019-07-04 05:22 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2019-07-14 17:01 - 2019-07-04 05:22 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2019-07-14 17:01 - 2019-07-04 05:21 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-07-14 17:01 - 2019-07-04 05:21 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2019-07-14 17:01 - 2019-07-04 05:21 - 003202560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2019-07-14 17:01 - 2019-07-04 05:21 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-07-14 17:01 - 2019-07-04 05:21 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2019-07-14 17:01 - 2019-07-04 05:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2019-07-14 17:01 - 2019-07-04 05:20 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-07-14 17:01 - 2019-07-04 05:18 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2019-07-14 17:01 - 2019-07-04 05:18 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2019-07-14 17:01 - 2019-07-04 05:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-07-14 17:01 - 2019-06-13 13:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2019-07-14 17:01 - 2019-06-13 13:12 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2019-07-14 17:01 - 2019-06-13 13:05 - 000810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2019-07-14 17:01 - 2019-06-13 13:04 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2019-07-14 17:01 - 2019-06-13 13:00 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2019-07-14 17:01 - 2019-06-13 12:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2019-07-14 17:01 - 2019-06-13 12:58 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2019-07-14 17:01 - 2019-06-13 12:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2019-07-14 17:01 - 2019-06-13 12:56 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2019-07-14 17:01 - 2019-06-13 12:43 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2019-07-14 17:01 - 2019-06-13 12:42 - 004038688 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2019-07-14 17:01 - 2019-06-13 12:42 - 000566536 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe 2019-07-14 17:01 - 2019-06-13 12:36 - 000251000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2019-07-14 17:01 - 2019-06-13 12:35 - 001376688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2019-07-14 17:01 - 2019-06-13 12:18 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2019-07-14 17:01 - 2019-06-13 12:18 - 004847104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2019-07-14 17:01 - 2019-06-13 12:17 - 012756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-07-14 17:01 - 2019-06-13 12:16 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll 2019-07-14 17:01 - 2019-06-13 12:15 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2019-07-14 17:01 - 2019-06-13 12:14 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2019-07-14 17:01 - 2019-06-13 12:14 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe 2019-07-14 17:01 - 2019-06-13 12:14 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2019-07-14 17:01 - 2019-06-13 12:13 - 002920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2019-07-14 17:01 - 2019-06-13 12:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll 2019-07-14 17:01 - 2019-06-13 12:13 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll 2019-07-14 17:01 - 2019-06-13 11:07 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2019-07-14 17:01 - 2019-06-13 11:05 - 003700160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2019-07-14 17:01 - 2019-06-13 10:55 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2019-07-14 17:01 - 2019-06-13 10:54 - 011942912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-07-14 17:01 - 2019-06-13 10:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll 2019-07-14 17:01 - 2019-06-13 08:46 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll 2019-07-14 17:01 - 2019-06-13 08:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2019-07-14 17:01 - 2019-06-13 08:01 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2019-07-14 17:01 - 2019-06-13 07:59 - 000785264 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll 2019-07-14 17:01 - 2019-06-13 07:47 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2019-07-14 17:01 - 2019-06-13 07:46 - 000510296 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2019-07-14 17:01 - 2019-06-13 07:46 - 000093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2019-07-14 17:01 - 2019-06-13 07:45 - 002421560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2019-07-14 17:01 - 2019-06-13 07:44 - 002769688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-07-14 17:01 - 2019-06-13 07:44 - 002546704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2019-07-14 17:01 - 2019-06-13 07:44 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2019-07-14 17:01 - 2019-06-13 07:44 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2019-07-14 17:01 - 2019-06-13 07:44 - 000607112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2019-07-14 17:01 - 2019-06-13 07:44 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2019-07-14 17:01 - 2019-06-13 07:16 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2019-07-14 17:01 - 2019-06-13 07:15 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2019-07-14 17:01 - 2019-06-13 07:14 - 003318784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2019-07-14 17:01 - 2019-06-13 07:13 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2019-07-14 17:01 - 2019-06-13 07:13 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2019-07-14 17:01 - 2019-06-13 07:12 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2019-07-14 17:01 - 2019-06-13 07:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-07-14 17:01 - 2019-06-13 07:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-07-14 17:01 - 2019-06-13 07:12 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2019-07-14 17:01 - 2019-06-13 07:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll 2019-07-14 17:01 - 2019-06-13 07:10 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2019-07-14 17:01 - 2019-06-13 07:10 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2019-07-14 17:01 - 2019-06-13 07:10 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2019-07-14 17:01 - 2019-06-13 07:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2019-07-14 17:01 - 2019-06-13 07:09 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2019-07-14 17:01 - 2019-06-13 07:08 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2019-07-14 17:01 - 2019-06-13 06:14 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2019-07-14 17:01 - 2019-06-13 06:07 - 000080744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2019-07-14 17:01 - 2019-06-13 06:06 - 002256768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-07-14 17:01 - 2019-06-13 05:47 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2019-07-14 17:01 - 2019-06-13 05:47 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2019-07-14 17:01 - 2019-06-13 05:46 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-07-14 17:01 - 2019-06-13 05:44 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2019-07-14 17:01 - 2019-06-07 11:41 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2019-07-14 17:01 - 2019-06-07 11:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll 2019-07-14 17:01 - 2019-06-07 11:04 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2019-07-14 17:01 - 2019-06-07 06:57 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2019-07-14 17:01 - 2019-06-07 06:57 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2019-07-14 17:01 - 2019-06-07 06:57 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2019-07-14 17:01 - 2019-06-07 06:57 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2019-07-14 17:01 - 2019-06-07 06:57 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2019-07-14 17:01 - 2019-06-07 06:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2019-07-14 17:01 - 2019-06-07 06:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2019-07-14 17:01 - 2019-06-07 06:18 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2019-07-14 17:01 - 2019-06-07 06:17 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2019-07-14 17:01 - 2019-06-07 06:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2019-07-14 17:01 - 2019-06-07 06:16 - 001102336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2019-07-14 17:01 - 2019-05-18 23:12 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2019-07-14 17:01 - 2019-05-17 13:40 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL 2019-07-14 17:01 - 2019-05-17 13:25 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2019-07-14 17:01 - 2019-05-17 13:21 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2019-07-14 17:01 - 2019-05-17 13:21 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2019-07-14 17:01 - 2019-05-17 12:58 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2019-07-14 17:01 - 2019-05-17 07:44 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2019-07-14 17:01 - 2019-05-17 07:42 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2019-07-14 17:01 - 2019-05-17 07:42 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2019-07-14 17:01 - 2019-05-17 07:42 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2019-07-14 17:01 - 2019-05-17 07:42 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2019-07-14 17:01 - 2019-05-17 07:30 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2019-07-14 17:01 - 2019-05-17 07:26 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2019-07-14 17:01 - 2019-05-17 07:19 - 001630720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2019-07-14 17:01 - 2019-05-17 07:19 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll 2019-07-14 17:01 - 2019-05-17 07:19 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2019-07-14 17:01 - 2019-05-17 07:18 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2019-07-14 17:01 - 2019-05-17 07:18 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2019-07-14 17:01 - 2019-05-17 07:08 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2019-07-14 17:01 - 2019-05-17 07:07 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-07-14 17:01 - 2019-05-17 07:07 - 002467320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-07-14 17:01 - 2019-05-17 07:07 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2019-07-14 17:01 - 2019-05-17 07:07 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2019-07-14 17:01 - 2019-05-17 07:07 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2019-07-14 17:01 - 2019-05-17 07:06 - 001943136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2019-07-14 17:01 - 2019-05-17 07:06 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2019-07-14 17:01 - 2019-05-17 06:44 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2019-07-14 17:01 - 2019-05-17 06:38 - 004709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2019-07-14 17:01 - 2019-05-17 06:34 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2019-07-14 17:01 - 2019-05-17 06:34 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2019-07-14 17:01 - 2019-05-17 06:33 - 003091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2019-07-14 17:01 - 2019-05-17 06:33 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2019-07-14 17:01 - 2019-05-17 06:32 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 001383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2019-07-14 17:01 - 2019-05-17 06:31 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2019-07-14 17:01 - 2019-05-17 06:30 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2019-07-14 17:00 - 2019-07-04 10:43 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2019-07-14 17:00 - 2019-07-04 10:40 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2019-07-14 17:00 - 2019-07-04 10:22 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2019-07-14 17:00 - 2019-07-04 10:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2019-07-14 17:00 - 2019-07-04 10:20 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2019-07-14 17:00 - 2019-07-04 10:19 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2019-07-14 17:00 - 2019-07-04 09:54 - 000662352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2019-07-14 17:00 - 2019-07-04 05:58 - 000416312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2019-07-14 17:00 - 2019-07-04 05:58 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2019-07-14 17:00 - 2019-07-04 05:57 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2019-07-14 17:00 - 2019-07-04 05:57 - 000362264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2019-07-14 17:00 - 2019-07-04 05:57 - 000209424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2019-07-14 17:00 - 2019-07-04 05:57 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll 2019-07-14 17:00 - 2019-07-04 05:57 - 000137656 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2019-07-14 17:00 - 2019-07-04 05:57 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2019-07-14 17:00 - 2019-07-04 05:57 - 000091776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys 2019-07-14 17:00 - 2019-07-04 05:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2019-07-14 17:00 - 2019-07-04 05:56 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2019-07-14 17:00 - 2019-07-04 05:56 - 000115512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll 2019-07-14 17:00 - 2019-07-04 05:43 - 000665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2019-07-14 17:00 - 2019-07-04 05:43 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2019-07-14 17:00 - 2019-07-04 05:43 - 000287376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2019-07-14 17:00 - 2019-07-04 05:43 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2019-07-14 17:00 - 2019-07-04 05:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2019-07-14 17:00 - 2019-07-04 05:42 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2019-07-14 17:00 - 2019-07-04 05:26 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2019-07-14 17:00 - 2019-07-04 05:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2019-07-14 17:00 - 2019-07-04 05:25 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2019-07-14 17:00 - 2019-07-04 05:25 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2019-07-14 17:00 - 2019-07-04 05:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys 2019-07-14 17:00 - 2019-07-04 05:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2019-07-14 17:00 - 2019-07-04 05:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2019-07-14 17:00 - 2019-07-04 05:23 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2019-07-14 17:00 - 2019-07-04 05:23 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2019-07-14 17:00 - 2019-07-04 05:22 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2019-07-14 17:00 - 2019-07-04 05:22 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2019-07-14 17:00 - 2019-07-04 05:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2019-07-14 17:00 - 2019-07-04 05:21 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2019-07-14 17:00 - 2019-07-04 05:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2019-07-14 17:00 - 2019-07-04 05:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2019-07-14 17:00 - 2019-07-04 05:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2019-07-14 17:00 - 2019-07-04 05:20 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2019-07-14 17:00 - 2019-07-04 05:20 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll 2019-07-14 17:00 - 2019-07-04 05:19 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2019-07-14 17:00 - 2019-07-04 05:19 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2019-07-14 17:00 - 2019-07-04 05:18 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2019-07-14 17:00 - 2019-07-04 05:18 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2019-07-14 17:00 - 2019-07-04 05:18 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll 2019-07-14 17:00 - 2019-07-04 04:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim 2019-07-14 17:00 - 2019-06-21 09:50 - 000280584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2019-07-14 17:00 - 2019-06-13 12:40 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2019-07-14 17:00 - 2019-06-13 12:38 - 000766264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll 2019-07-14 17:00 - 2019-06-13 12:37 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe 2019-07-14 17:00 - 2019-06-13 12:36 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2019-07-14 17:00 - 2019-06-13 12:34 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe 2019-07-14 17:00 - 2019-06-13 12:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll 2019-07-14 17:00 - 2019-06-13 12:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll 2019-07-14 17:00 - 2019-06-13 12:17 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2019-07-14 17:00 - 2019-06-13 12:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2019-07-14 17:00 - 2019-06-13 12:15 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe 2019-07-14 17:00 - 2019-06-13 12:14 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll 2019-07-14 17:00 - 2019-06-13 12:13 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2019-07-14 17:00 - 2019-06-13 12:13 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll 2019-07-14 17:00 - 2019-06-13 12:12 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2019-07-14 17:00 - 2019-06-13 12:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll 2019-07-14 17:00 - 2019-06-13 11:07 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll 2019-07-14 17:00 - 2019-06-13 11:07 - 000221232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll 2019-07-14 17:00 - 2019-06-13 10:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll 2019-07-14 17:00 - 2019-06-13 10:53 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2019-07-14 17:00 - 2019-06-13 10:51 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2019-07-14 17:00 - 2019-06-13 10:49 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll 2019-07-14 17:00 - 2019-06-13 10:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll 2019-07-14 17:00 - 2019-06-13 08:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll 2019-07-14 17:00 - 2019-06-13 08:01 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2019-07-14 17:00 - 2019-06-13 07:47 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2019-07-14 17:00 - 2019-06-13 07:46 - 001076536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2019-07-14 17:00 - 2019-06-13 07:44 - 000130624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll 2019-07-14 17:00 - 2019-06-13 07:17 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll 2019-07-14 17:00 - 2019-06-13 07:16 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll 2019-07-14 17:00 - 2019-06-13 07:15 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2019-07-14 17:00 - 2019-06-13 07:15 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2019-07-14 17:00 - 2019-06-13 07:15 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2019-07-14 17:00 - 2019-06-13 07:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll 2019-07-14 17:00 - 2019-06-13 07:14 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2019-07-14 17:00 - 2019-06-13 07:14 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2019-07-14 17:00 - 2019-06-13 07:14 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll 2019-07-14 17:00 - 2019-06-13 07:13 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2019-07-14 17:00 - 2019-06-13 07:13 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2019-07-14 17:00 - 2019-06-13 07:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2019-07-14 17:00 - 2019-06-13 07:12 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2019-07-14 17:00 - 2019-06-13 07:11 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2019-07-14 17:00 - 2019-06-13 07:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll 2019-07-14 17:00 - 2019-06-13 07:11 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll 2019-07-14 17:00 - 2019-06-13 07:10 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll 2019-07-14 17:00 - 2019-06-13 07:10 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll 2019-07-14 17:00 - 2019-06-13 07:10 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll 2019-07-14 17:00 - 2019-06-13 07:10 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2019-07-14 17:00 - 2019-06-13 07:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2019-07-14 17:00 - 2019-06-13 06:08 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2019-07-14 17:00 - 2019-06-13 06:07 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll 2019-07-14 17:00 - 2019-06-13 06:06 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2019-07-14 17:00 - 2019-06-13 06:06 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll 2019-07-14 17:00 - 2019-06-13 05:49 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll 2019-07-14 17:00 - 2019-06-13 05:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2019-07-14 17:00 - 2019-06-13 05:46 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2019-07-14 17:00 - 2019-06-13 05:46 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll 2019-07-14 17:00 - 2019-06-13 05:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2019-07-14 17:00 - 2019-06-13 05:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-07-14 17:00 - 2019-06-13 05:44 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2019-07-14 17:00 - 2019-06-13 05:44 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2019-07-14 17:00 - 2019-06-13 05:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2019-07-14 17:00 - 2019-06-13 05:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2019-07-14 17:00 - 2019-06-13 05:43 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2019-07-14 17:00 - 2019-06-13 05:43 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2019-07-14 17:00 - 2019-06-13 05:43 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2019-07-14 17:00 - 2019-06-07 11:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2019-07-14 17:00 - 2019-06-07 11:47 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll 2019-07-14 17:00 - 2019-06-07 11:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll 2019-07-14 17:00 - 2019-06-07 07:07 - 000707384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2019-07-14 17:00 - 2019-06-07 06:58 - 000422416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll 2019-07-14 17:00 - 2019-06-07 06:58 - 000076304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2019-07-14 17:00 - 2019-06-07 06:57 - 000792888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2019-07-14 17:00 - 2019-06-07 06:57 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2019-07-14 17:00 - 2019-06-07 06:57 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2019-07-14 17:00 - 2019-06-07 06:57 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2019-07-14 17:00 - 2019-06-07 06:57 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2019-07-14 17:00 - 2019-06-07 06:57 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll 2019-07-14 17:00 - 2019-06-07 06:47 - 000380432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2019-07-14 17:00 - 2019-06-07 06:46 - 000128792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll 2019-07-14 17:00 - 2019-06-07 06:24 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll 2019-07-14 17:00 - 2019-06-07 06:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2019-07-14 17:00 - 2019-06-07 06:23 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2019-07-14 17:00 - 2019-06-07 06:22 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll 2019-07-14 17:00 - 2019-06-07 06:22 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll 2019-07-14 17:00 - 2019-06-07 06:21 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2019-07-14 17:00 - 2019-06-07 06:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-07-14 17:00 - 2019-06-07 06:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll 2019-07-14 17:00 - 2019-06-07 06:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2019-07-14 17:00 - 2019-06-07 06:19 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2019-07-14 17:00 - 2019-06-07 06:19 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll 2019-07-14 17:00 - 2019-06-07 06:16 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2019-07-14 17:00 - 2019-06-07 06:16 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll 2019-07-14 17:00 - 2019-05-18 23:12 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2019-07-14 17:00 - 2019-05-18 23:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2019-07-14 17:00 - 2019-05-18 23:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll 2019-07-14 17:00 - 2019-05-17 13:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2019-07-14 17:00 - 2019-05-17 13:25 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe 2019-07-14 17:00 - 2019-05-17 13:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2019-07-14 17:00 - 2019-05-17 13:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll 2019-07-14 17:00 - 2019-05-17 13:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2019-07-14 17:00 - 2019-05-17 13:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll 2019-07-14 17:00 - 2019-05-17 13:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2019-07-14 17:00 - 2019-05-17 13:21 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll 2019-07-14 17:00 - 2019-05-17 13:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2019-07-14 17:00 - 2019-05-17 13:20 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2019-07-14 17:00 - 2019-05-17 13:19 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2019-07-14 17:00 - 2019-05-17 13:07 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL 2019-07-14 17:00 - 2019-05-17 12:56 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2019-07-14 17:00 - 2019-05-17 12:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll 2019-07-14 17:00 - 2019-05-17 12:55 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2019-07-14 17:00 - 2019-05-17 12:55 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2019-07-14 17:00 - 2019-05-17 12:55 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll 2019-07-14 17:00 - 2019-05-17 12:54 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2019-07-14 17:00 - 2019-05-17 12:54 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2019-07-14 17:00 - 2019-05-17 10:33 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll 2019-07-14 17:00 - 2019-05-17 09:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll 2019-07-14 17:00 - 2019-05-17 08:07 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2019-07-14 17:00 - 2019-05-17 07:44 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2019-07-14 17:00 - 2019-05-17 07:43 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2019-07-14 17:00 - 2019-05-17 07:42 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2019-07-14 17:00 - 2019-05-17 07:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll 2019-07-14 17:00 - 2019-05-17 07:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe 2019-07-14 17:00 - 2019-05-17 07:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2019-07-14 17:00 - 2019-05-17 07:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2019-07-14 17:00 - 2019-05-17 07:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll 2019-07-14 17:00 - 2019-05-17 07:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2019-07-14 17:00 - 2019-05-17 07:21 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe 2019-07-14 17:00 - 2019-05-17 07:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll 2019-07-14 17:00 - 2019-05-17 07:20 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2019-07-14 17:00 - 2019-05-17 07:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2019-07-14 17:00 - 2019-05-17 07:19 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2019-07-14 17:00 - 2019-05-17 07:08 - 000401328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2019-07-14 17:00 - 2019-05-17 07:07 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2019-07-14 17:00 - 2019-05-17 07:06 - 000151888 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll 2019-07-14 17:00 - 2019-05-17 06:37 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll 2019-07-14 17:00 - 2019-05-17 06:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll 2019-07-14 17:00 - 2019-05-17 06:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys 2019-07-14 17:00 - 2019-05-17 06:36 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll 2019-07-14 17:00 - 2019-05-17 06:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll 2019-07-14 17:00 - 2019-05-17 06:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2019-07-14 17:00 - 2019-05-17 06:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe 2019-07-14 17:00 - 2019-05-17 06:36 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2019-07-14 17:00 - 2019-05-17 06:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2019-07-14 17:00 - 2019-05-17 06:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe 2019-07-14 17:00 - 2019-05-17 06:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2019-07-14 17:00 - 2019-05-17 06:34 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll 2019-07-14 17:00 - 2019-05-17 06:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2019-07-14 17:00 - 2019-05-17 06:34 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2019-07-14 17:00 - 2019-05-17 06:34 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll 2019-07-14 17:00 - 2019-05-17 06:33 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2019-07-14 17:00 - 2019-05-17 06:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2019-07-14 17:00 - 2019-05-17 06:32 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2019-07-14 17:00 - 2019-05-17 06:31 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2019-07-14 17:00 - 2019-05-17 06:30 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll 2019-07-14 16:49 - 2019-07-14 16:07 - 038481012 _____ C:\Users\astra\Desktop\Evidence.avi 2019-07-14 16:17 - 2019-07-14 16:07 - 038481012 _____ C:\Users\astra\Desktop\Itdoesnt work.avi 2019-07-14 16:15 - 2019-02-13 06:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2019-07-14 16:00 - 2019-07-14 16:00 - 022712608 _____ (Blueberry Software (UK) Ltd.) C:\Users\astra\Downloads\bbfbex5 (1).exe 2019-07-14 15:58 - 2019-07-23 16:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security with Backup 2019-07-14 15:51 - 2019-07-15 12:18 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security 2019-07-14 15:51 - 2019-07-14 15:51 - 000003376 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration 2019-07-14 15:28 - 2019-07-22 18:43 - 000000000 ____D C:\Users\astra\AppData\Roaming\NCH Software 2019-07-14 15:28 - 2019-07-22 18:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software 2019-07-14 15:28 - 2019-07-15 11:52 - 000000000 ____D C:\ProgramData\NCH Software 2019-07-14 15:28 - 2019-07-15 11:52 - 000000000 ____D C:\Program Files (x86)\NCH Software 2019-07-14 15:28 - 2019-07-14 15:28 - 000001317 _____ C:\Users\Public\Desktop\NCH Suite.lnk 2019-07-14 15:28 - 2019-07-14 15:28 - 000001203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debut Video Capture Software.lnk 2019-07-14 15:28 - 2019-07-14 15:28 - 000001191 _____ C:\Users\Public\Desktop\Debut Video Capture Software.lnk 2019-07-14 15:27 - 2019-07-14 15:27 - 002421848 _____ (NCH Software) C:\Users\astra\Downloads\DebutVideoCaptureSoftwareFree.exe 2019-07-14 15:26 - 2019-07-14 15:26 - 002422872 _____ (NCH Software) C:\Users\astra\Downloads\DebutVideoCaptureSoftware.exe 2019-07-14 15:24 - 2019-07-14 15:24 - 055488424 _____ (Apowersoft LIMITED ) C:\Users\astra\Downloads\apowerrec-135.exe 2019-07-14 15:22 - 2019-07-14 15:22 - 022712608 _____ (Blueberry Software (UK) Ltd.) C:\Users\astra\Downloads\bbfbex5.exe 2019-07-14 15:18 - 2019-07-14 15:19 - 069823400 _____ (obsproject.com) C:\Users\astra\Downloads\OBS-Studio-23.2.1-Full-Installer-x64.exe 2019-07-13 19:31 - 2019-07-13 19:31 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2019-07-13 15:41 - 2019-07-15 13:40 - 000000000 ___RD C:\Users\astra\Dropbox 2019-07-13 15:41 - 2019-07-13 15:41 - 000001307 _____ C:\Users\astra\Desktop\Dropbox.lnk 2019-07-13 15:33 - 2019-07-13 15:33 - 000000000 ____D C:\Users\astra\AppData\Roaming\Dropbox 2019-07-13 15:32 - 2019-07-22 18:49 - 000000000 ____D C:\Program Files (x86)\Dropbox 2019-07-13 15:32 - 2019-07-13 17:06 - 000000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2019-07-13 15:32 - 2019-07-13 17:06 - 000000920 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2019-07-13 15:32 - 2019-07-13 15:41 - 000000000 ____D C:\Users\astra\AppData\Local\Dropbox 2019-07-13 15:32 - 2019-07-13 15:32 - 000694184 _____ (Dropbox, Inc.) C:\Users\astra\Downloads\DropboxInstaller (1).exe 2019-07-13 15:32 - 2019-07-13 15:32 - 000003984 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA 2019-07-13 15:32 - 2019-07-13 15:32 - 000003752 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore 2019-07-13 15:32 - 2019-07-13 15:32 - 000000000 ____D C:\ProgramData\Dropbox 2019-07-13 15:25 - 2019-07-13 15:25 - 000000000 ____D C:\Program Files\UNP 2019-07-13 15:11 - 2019-07-13 15:11 - 000694184 _____ (Dropbox, Inc.) C:\Users\astra\Downloads\DropboxInstaller.exe 2019-07-13 15:09 - 2019-07-13 15:09 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2019-07-13 15:09 - 2019-07-13 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-07-23 16:46 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-07-23 16:42 - 2017-08-11 00:18 - 000000000 ____D C:\Users\astra\AppData\Local\Host App Service 2019-07-23 16:41 - 2018-08-10 03:36 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-07-23 16:41 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF 2019-07-23 16:38 - 2018-08-10 03:44 - 000003508 _____ C:\WINDOWS\System32\Tasks\DashlaneUpgradeCheck 2019-07-23 16:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-07-23 16:37 - 2017-08-11 00:21 - 000000000 __SHD C:\Users\astra\IntelGraphicsProfiles 2019-07-23 16:36 - 2019-06-03 01:36 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2019-07-23 16:35 - 2018-08-10 03:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-07-23 16:34 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2019-07-23 16:33 - 2018-04-11 22:04 - 000065536 _____ C:\WINDOWS\system32\config\ELAM 2019-07-23 16:31 - 2018-08-10 03:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-07-23 06:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2019-07-22 18:58 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps 2019-07-22 18:45 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-07-16 22:55 - 2019-06-03 01:36 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk 2019-07-16 22:55 - 2019-06-03 01:36 - 000001032 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk 2019-07-16 22:49 - 2017-08-12 15:34 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-07-16 22:49 - 2017-08-12 15:34 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-07-16 22:46 - 2017-08-11 00:26 - 000000000 ____D C:\Users\astra\AppData\Local\CrashDumps 2019-07-15 16:17 - 2018-08-10 03:25 - 000000000 ____D C:\Users\astra 2019-07-15 15:42 - 2017-08-11 03:03 - 002033568 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip 2019-07-15 15:41 - 2017-08-11 03:02 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2019-07-15 15:41 - 2017-08-11 03:02 - 000000000 ____D C:\WINDOWS\system32\DAX2 2019-07-15 13:05 - 2019-04-27 20:35 - 000000000 ____D C:\Program Files\Common Files\AV 2019-07-15 12:24 - 2019-03-02 18:53 - 000000000 ____D C:\Users\astra\AppData\Local\D3DSCache 2019-07-15 12:22 - 2018-10-17 23:39 - 000000000 ___RD C:\Users\astra\3D Objects 2019-07-15 12:22 - 2017-01-06 00:02 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-07-15 12:19 - 2018-08-10 03:19 - 005061952 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-07-15 12:18 - 2019-04-27 19:29 - 000002412 _____ C:\Users\Public\Desktop\Norton Security.lnk 2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput 2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\oobe 2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\appraiser 2019-07-15 12:12 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Dism 2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellComponents 2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Provisioning 2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-07-14 16:59 - 2017-08-12 12:02 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-07-14 16:33 - 2017-08-12 12:01 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-07-14 16:05 - 2018-01-26 09:32 - 000000000 ____D C:\Program Files\rempl 2019-07-14 15:52 - 2019-04-27 19:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64 2019-07-14 15:39 - 2018-10-18 01:27 - 000000000 ____D C:\ProgramData\Adobe 2019-07-14 15:15 - 2018-10-18 01:26 - 000000000 ____D C:\Users\astra\AppData\Local\Adobe 2019-07-14 15:14 - 2017-08-11 00:21 - 000000000 ____D C:\Users\astra\AppData\Roaming\Adobe 2019-07-13 17:06 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ELAMBKUP 2019-07-13 15:16 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2019-07-13 15:07 - 2017-01-06 00:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2019-07-13 14:44 - 2018-08-10 03:44 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1801165484-3255497710-3470013671-1002 2019-07-13 14:44 - 2018-08-10 03:25 - 000002371 _____ C:\Users\astra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-07-13 14:44 - 2017-08-11 00:24 - 000000000 ___RD C:\Users\astra\OneDrive ==================== SigCheck =============================== (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ============================ Addition|: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01 Ran by astra (23-07-2019 16:50:07) Running from C:\Users\astra\Desktop Windows 10 Home Version 1803 17134.885 (X64) (2018-08-10 02:46:21) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1801165484-3255497710-3470013671-500 - Administrator - Disabled) astra (S-1-5-21-1801165484-3255497710-3470013671-1002 - Administrator - Enabled) => C:\Users\astra DefaultAccount (S-1-5-21-1801165484-3255497710-3470013671-503 - Limited - Disabled) Guest (S-1-5-21-1801165484-3255497710-3470013671-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-1801165484-3255497710-3470013671-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.07.2004 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated) Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated) Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated) Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated) Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3008 - Acer Incorporated) Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.02.3001 - Acer Incorporated) Adobe Connect (HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Adobe Connect App) (Version: 11.9.982.478 - Adobe Systems Inc.) AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated) App Explorer (HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Host App Service) (Version: 0.273.3.484 - SweetLabs) <==== ATTENTION bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5917.02 - CyberLink Corp.) Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.) Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 5.49 - NCH Software) DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3019 - Acer Incorporated) Dropbox (HKLM-x32\...\Dropbox) (Version: 77.4.131 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden ELAN HIDI2C Filter Driver X64 13.6.7.2_WHQL (HKLM\...\Elantech) (Version: 13.6.7.2 - ELAN Microelectronic Corp.) Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 7.10 - NCH Software) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6446 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{3A55D9C8-17B6-41F9-B9C2-4B1532DCD016}) (Version: 19.10.1635.0483 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{ed5cef80-a339-45bd-8c06-514eaf785ca8}) (Version: 19.71.0 - Intel Corporation) Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11727.20244 - Microsoft Corporation) Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Mozilla Firefox 45.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0 (x86 en-US)) (Version: 45.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla) Norton Security (HKLM-x32\...\NGC) (Version: 22.17.3.50 - Symantec Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden Pentablet version 1.5.2.180829 (HKLM\...\{5DAB8C1A-6D8E-467D-BE62-AC13087AA950}_is1) (Version: 1.5.2.180829 - UGEE Technology Co.,Ltd) ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8555 - Realtek Semiconductor Corp.) TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.4.2669 - TeamViewer) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 7.22 - NCH Software) Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs) Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22452 - Microsoft Corporation) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) Packages: ========= Acer Collection -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4 [2018-10-26] (Acer Incorporated) Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-06-03] (Autodesk Inc.) Booking.com -> C:\Program Files\WindowsApps\Booking.com_1.0.1606.2210_x64__96rgg7pjt343r [2017-01-06] (CN=Acer Incorporated) Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_5.8.4.0_x86__kgqvnymyfvs32 [2019-07-22] (king.com) Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.143.600.0_x86__kgqvnymyfvs32 [2019-07-13] (king.com) eBay -> C:\Program Files\WindowsApps\eBay_1.0.1606.2210_x64__96rgg7pjt343r [2017-01-06] (CN=Acer Incorporated) Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2017-08-12] (AMZN Mobile LLC) Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-13] (Microsoft Corporation) [MS Ad] March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.1.0.6_x86__h6adky7gbf63m [2019-07-13] (Gameloft.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad] Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-07-13] (Microsoft Studios) [MS Ad] Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.28.0_x64__8wekyb3d8bbwe [2019-07-13] (Microsoft Studios) MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad] Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw [2017-08-12] (MAGIX) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-07-13] (Netflix, Inc.) Norton Password Manager -> C:\Program Files\WindowsApps\SymantecCorporation.5478111E43ACF_6.4.2.0_neutral__v68kp9n051hdp [2019-07-13] (Symantec Corporation) Norton Safe Web -> C:\Program Files\WindowsApps\SymantecCorporation.NortonSafeWeb_3.8.0.0_neutral__v68kp9n051hdp [2019-05-26] (Symantec Corporation) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-10-18] (Twitter Inc.) WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.76.0_x64__qt5r5pa5dyg8m [2019-07-13] (WildTangent Games) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1801165484-3255497710-3470013671-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\astra\Dropbox [2019-07-13 15:41] ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated) ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated) ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed] ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed] ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxDTCM.dll [2018-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed] ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2018-10-26 18:15 - 2018-10-26 18:16 - 008034816 _____ () [File not signed] C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4\AcerCollection.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\astra\AppData\Local:fgLWSWvcNK90pVbNiuttcfY [2158] AlternateDataStreams: C:\Users\astra\AppData\Local\6Xrb7BuFYhaI:6cAhTWwnId6ZmRcDBKN9ftXRfR [1988] AlternateDataStreams: C:\Users\astra\AppData\Local\Temp:SRXsx872vxEMxDomUb [2152] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-07-16 12:47 - 2019-04-27 19:22 - 000000824 ____N C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{E5F7562B-8087-408D-BB92-FE85EAE24E06}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel(R) Wireless Connectivity Solutions -> ) FirewallRules: [{1CED9AF7-C2E4-4601-9F53-0D4A15D79526}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{4FCD7CA6-3EC3-4577-92C6-D62DF955E70A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{C2EAF120-A536-47AE-980D-EF2F8EA7BD08}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{838AA21F-0809-4986-AD7A-2800780F07DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{29AB0F8B-66D4-4861-A599-D15A96774C1A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{9F7B2182-4AD3-4CEF-87C9-9BA0940FD01E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe No File FirewallRules: [{204B5F4D-1EF6-4678-A02B-5FCBE25E2DDD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe No File FirewallRules: [{14B95CFD-0740-469F-9B61-52C1A692DF74}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe No File FirewallRules: [{4B353FE0-2A63-48A1-96D5-465EF3CA5B31}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{DC36C9C9-C11B-43B8-9ED3-30347F18C419}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{1E303C68-A431-4E0C-80B8-3FA642A19F5D}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology) FirewallRules: [{2C9F3EF0-87ED-4525-9AE2-207182083A0A}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology) FirewallRules: [{3ED16D29-665C-4147-8DD8-8DEAD8F9AEF3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer) FirewallRules: [{98B55E2D-4153-4DDB-A2BA-8919843ABB84}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer) FirewallRules: [{99C30625-10D2-4F6B-BBE8-91CFE7B92870}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer) FirewallRules: [{CB2D87E8-9BD0-4F41-944E-B122536C42C6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer) FirewallRules: [{1CDC0D08-EA3D-4177-AE6F-D3C83EA126E1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0A3323F7-E225-4DCE-8263-99C7EB92186F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{F22EAC21-9A04-4333-A9FB-43688D470A57}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{84A4FE6C-C5DF-4AA6-99AB-B01C079C62AC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{F4881749-9682-4F05-BE05-0F0C5D6A3382}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{0E06B349-AF00-4A12-B7C4-ABCA920C0E77}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{637E078F-3C4D-4EF5-A713-7B007747D38A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) ==================== Restore Points ========================= 14-07-2019 16:02:52 Windows Update 22-07-2019 18:39:46 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/23/2019 04:46:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AWC.exe, version: 2.1.16258.0, time stamp: 0x57dc7237 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x015b2b90 Faulting process ID: 0x21a8 Faulting application start time: 0x01d5416ce70e395a Faulting application path: C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe Faulting module path: unknown Report ID: 58aecf20-407d-42c2-b1ff-3bd260b9d60f Faulting package full name: Faulting package-relative application ID: Error: (07/23/2019 04:46:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: AWC.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NullReferenceException at Amundsen.LSM.Load() at Amundsen.Program.TimeIntervalElapsed(Boolean) at Amundsen.Program.Main(System.String[]) Error: (07/23/2019 04:43:13 PM) (Source: DbxSvc) (EventID: 281) (User: ) Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property. Error: (07/23/2019 04:43:13 PM) (Source: DbxSvc) (EventID: 281) (User: ) Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property. Error: (07/23/2019 04:43:13 PM) (Source: DbxSvc) (EventID: 281) (User: ) Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property. Error: (07/23/2019 04:43:13 PM) (Source: DbxSvc) (EventID: 281) (User: ) Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property. Error: (07/23/2019 04:42:54 PM) (Source: DbxSvc) (EventID: 281) (User: ) Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property. Error: (07/23/2019 07:58:18 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1907 System errors: ============= Error: (07/23/2019 04:43:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscBrokerManager and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (07/23/2019 04:41:46 PM) (Source: DCOM) (EventID: 10016) (User: ASTRAMUR) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user ASTRAMUR\astra SID (S-1-5-21-1801165484-3255497710-3470013671-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool. Error: (07/23/2019 04:41:21 PM) (Source: DCOM) (EventID: 10016) (User: ASTRAMUR) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user ASTRAMUR\astra SID (S-1-5-21-1801165484-3255497710-3470013671-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool. Error: (07/23/2019 04:40:47 PM) (Source: DCOM) (EventID: 10016) (User: ASTRAMUR) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user ASTRAMUR\astra SID (S-1-5-21-1801165484-3255497710-3470013671-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool. Error: (07/23/2019 04:40:41 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Delivery Optimization service did not respond on starting. Error: (07/23/2019 04:39:38 PM) (Source: DCOM) (EventID: 10016) (User: ASTRAMUR) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user ASTRAMUR\astra SID (S-1-5-21-1801165484-3255497710-3470013671-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (07/23/2019 04:37:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (07/23/2019 04:37:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the FontCache3.0.0.0 service to connect. Windows Defender: =================================== Date: 2018-10-18 01:39:46.496 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.277.1243.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15300.6 Error code: 0x80240438 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. ==================== Memory info =========================== BIOS: Insyde Corp. V1.06 11/02/2016 Motherboard: Acer T-Rex_SK Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz Percentage of memory in use: 48% Total physical RAM: 8060.22 MB Available physical RAM: 4142.19 MB Total Virtual: 9340.22 MB Available Virtual: 5140.95 MB ==================== Drives ================================ Drive 😄 (Acer) (Fixed) (Total:481.18 GB) (Free:405.7 GB) NTFS Drive e: (Work) (Fixed) (Total:449.22 GB) (Free:421.28 GB) NTFS \\?\Volume{032d40ac-eca6-4db7-bcdb-a36256b5a3e4}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.57 GB) NTFS \\?\Volume{1f5023ca-1e9d-40b1-808a-26b415179399}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 4D3D691C) Partition: GPT. ==================== End of Addition.txt ============================ Благодаря
  11. Здравейте, Имам следния проблем. Закупих от eBay версиа на Adobe CS6, която ми я продадоха за лицензирана. Въпросната версия не търси активационен код, а върви само със сериен номер, което ми се видя съмнително, но понеже не претендитам, че знам всичко за активацията на адоб го приех за истина. Свалих инсталационните файлове от тук http://bit.ly/2HbpqYp ако това има някакво значение. След диспут с продавача, заради отказа му да се легитимира, като такъв, издавайки ми фактура, след като единия от серийните номера, които ми продаде не работи и след като инсталирах софтуера на няколко компютъра, започнах да се съмнявам, че софтуера му не е читав. Установих, че компютрите почнаха да вървят бавно. Като се замислят забравят да спрат... Бавно зареждат самита програми на Адоб, но не само тях.... Като се опитам да включа Task Manager-ра той не се отваря веднага, а седи много дълго време като бяло квадратче на екрана, нещо което не се беше случвало преди. Също днес без предупреждение уиндоуса се бъгна и ми показа син екран.... и не започна да върти процентите, както обикновенно, а си остана на 0 поне 5-6 мин докъто не го резстартирах с копчето...... Предполагам съм направила някои "подобрения" на системата след качването на Adobe. Дезинсталирах пакета, но компютъра се държи по същия начин. На другите компютри още седи инсталиран. Интересува ме дали е вирус, това което бави машината(те). Възможно ли е "пипания" софтуер да рови из машината и да търси пароли и банкови сметки. Ако да, възможно ли е тези му "функции" да останат и след деинсталация? Също ако се установи нещо такова, може ли да се докаже времето, (дата, час) когато е качено. та това ми е проблема. Ако тука се установи нещо ще го махна от всички машини (още 6) и ще се наложи да почистя и тях. Благодаря предварително за помоща. Анелия
  12. Интересува ме как да проверя дали въпросния софтуер е само бавен или е бавен защото е зает с други задачи. Как да разбера дали шпионира и краде.
  13. Седмица е нищо!!!!! Аз говоря за година в най оптимистичните си представи, като период в който ще стане ясно ще го бъде ли или не. За това време трябва да мога да осигуря всички необходими ресурси на минимална цена! да скоча на скъпо платените версии в началото е като да подкарам колата на 4-та.
  14. инсталационен фаил - предполагам същия който би се свалил от диска с тази разлика че диска предполагам няма да е хакнат. за СС искат £32 на месец (може и повече) на компютър. За проект който сега започва с 8 компютъра не мога да си позволя - може би ако тръгне добре Пробен период на адоб - какво имате пред вид - седмица е ако инсталирам легална версия без номер.
  15. Серийни номера и файл който свалих от негов сървър. защо ще понасям санкции -аз съм жертвата. adobe вече не предлагат cs6 и единствената опция е да се закупи "на старо". Повечето компании които го ползват и решат да минат на CC не могат просто да го ъпгрейднат а трябва да си закупят абонамент за CC и затова продават CS6-тата си. Въпросът е че всякакви се възползват. Искам само да мога да проверя дали не е пипана версията по начин по който да нанесе щети на компютрите и мене. Предполагам ако е дописана по начин да рови из компютъра и да търси пароли и прочие, няма как да я хване антивирусната, защото инсталирайки я аз съм казала че и вярвам Има ли как да се провери
  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×
×
  • Добави ново...