Премини към съдържанието

Филтри за търсене

Показани резултати за тагове 'приключен'.

  • Търсене по таг

    Въведете тагове разделени със запетая
  • Търсене по автор

Търсене в


Форуми

  • Софтуер
    • Нови Програми
    • Търсене на Програми
    • Програми - Проблеми и Дискусии
    • Драйвери - Търсене, Проблеми, Линкове
    • Операционни системи
    • Сигурност и антивирусна защита
    • Игри
  • Хардуер
    • Общи хардуерни въпроси
    • Преносими компютри
    • Дънни платки
    • Запаметяващи устройства и памети
    • Монитори, Аудио и Видеокарти
    • Периферия
    • Овърклок и PC модинг
    • Нови конфигурации и части, въпроси, препоръки и мнения
  • Мобилни телефони, GSM, Мобилни приложения, Комуникации
    • Мобилни телефони - Въпроси, Проблеми, Софтуер
    • Съвети при избор на телефон
    • Мобилни Приложения (Apps)
    • Мобилни оператори, Мрежи, Промоции, Абонаменти, Услуги
    • Други теми относно мобилни телефони
  • Уеб дизайн, Графичен дизайн, Програмиране
    • Програмиране
    • Графичен Дизайн и Визуални изкуства
    • CMS, Форумни и Торент системи
    • Хостинг, Домейни, Уеб сървъри
    • SEO, Уеб оптимизация и стандарти
  • Битова Техника
    • Аудиотехника
    • Телевизори, Видео и Фото техника, Видео наблюдение
    • Климатици - проблеми, съвети, въпроси
    • Бойлери, Печки, Отопление
    • Друга битова техника
  • Интернет, Локални Мрежи и GPS Навигации
    • Интернет, WiFi, xDSL и Локална Мрежа
    • Биткойн и Криптовалути
    • Онлайн бизнес, AdSense, Affilate програми
    • Рутери, Модеми, Суичове
    • Facebook - проблеми, въпроси, вируси
    • Skype, VoIP - Интернет телефония
    • GPS, Навигационни системи - Въпроси, Карти, Проблеми
  • Изкуство
    • Музика
    • Кино и Телевизия
    • Поезия и Лично творчество
    • Изкуство - Изящно, Приложно и Сценично
    • Фотография и Фотографска техника
    • Литература, Книги (e-books, video trainings, tutorials & etc.)
  • Други
    • Статии и ревюта
    • Образование и обща култура
    • Религия, Мистика, Езотерика
    • История
    • Философия
    • Психология и Психотерапия
    • Новини от България и Света
    • Българите по света
    • Политика
    • Право и Юридически консултации
    • Здраве и Mедицина
    • Банки, Застраховане, Финанси, Кредити
    • Тийн Зона (Teen Zone)
    • Купувам / Продавам
    • Всичко останало
  • Хоби, Развлечение и Свободно време
  • За kaldata.com
  • Теми
  • Photoshop майнаци Теми
  • python3 data types
  • какви са ви любимите игри?? Темиигри за вас
  • супрески игри и рекорди Темиигри за вас

Блогове

Няма резултати

Няма резултати

Категории

  • Компютри
    • Компютърни конфигурации
    • Компютърни компоненти
    • Периферни устройства
    • Дънни платки
    • Мултимедия
    • Компютърни игри и софтуер
    • Администриране и интернет услуги
    • Компютърни аксесоари
    • Лаптопи и таблети
    • Видеокарти
    • Монитори
    • Процесори
    • Хард дискове и Памети
    • Други
  • Електроника
    • Телефони, GSM апарати
    • Аудио
    • Битова електроника
    • GPS и навигационни системи
    • Фотоапарати и обективи
    • TV и Видео
    • Други
  • Имоти
    • Гарсониери
    • Къщи и вили
    • Търговски площи
    • Гаражи
    • Апартаменти
    • Терени
    • Офиси
    • Други имоти в продажба
  • Авто-мото
    • Автомобили
    • Велосипеди
    • Лодки
    • Резервни части
    • Авто аксесоари
    • Мотоциклети
    • Скутери и ATV
    • Камиони и Автобуси
    • Авто сервизи и Rent-a-Car
    • Други
  • Работа
    • Работа в страната
    • Работа в чужбина
    • Стажове
    • Работа от вкъщи
    • Непълно работно време
  • Услуги
  • Строителство
  • Туризъм
  • Курсове и обучение
  • Домашни любимци
  • Други
  • супрески игри и рекорди Обяви
  • супрески игри и рекорди Обяви

Категории

  • Домашни любимци и Животни
  • Игри
  • Инциденти и Екстремни
  • Коли и превозни средства
  • Музика
    • Българска музика
    • Джаз
    • Електронна
    • Метъл и Рок
    • Народна и Фолклор
    • Поп и Диско
    • Поп-фолк
    • Рап и хип-хоп
    • Ритъм енд блус и соул
    • Друга
  • Новини и политика
  • Реклами
  • Смях и Развлечение
  • Спорт
  • Технологии, Компютри, Хардуер
  • ТВ Предавания и Шоу Програми
  • Хора и блогове
  • Филми и анимация
  • Други
  • Old School Hip-Hop and Electroo 80" Видео клипчета

Календари

  • Събития
  • Изложения
  • Семинари
  • Парти
  • Празници в България

Групи продукти

  • Банер Реклами

Търсене в...

Търси резултати които съдържат...


Дата

  • Начало

    Край


Последно обновяване

  • Начало

    Край


Филтриране по брой...

Регистрация

  • Начало

    Край


Група


Skype


Facebook


Google+


Twitter


ICQ


Yahoo


Интернет сайт


Град


Интереси

Открити 321 резултата

  1. През 2015 компютърът ми беше заразен с Cryptowall 3.0. Понеже тогава нямаше начин да си възстановя информацията, бях изкарал въпросния хард диск и си сложих нов, започвайки всичко наново... Въпросът ми е, към днешна дата дали се е намерило лек за този вирус и дали има начин да си върна информацията ?
  2. Здравейте От около месец на настолния ми компютър се появява тази глупост след като стартирам Хром-а Обаче днеска ми се появи и на лаптопа.. Хрома ми е синхронизиран с Gmail На настолния съм с Windows 7 а на лаптопа с Win10 Антивирусни нямам и не ползам по принцип. Как мога да го разкарам това нещо ?
  3. Мисля че ги почистих с есет, но не съм напълно сигурен. Ето ги двата файла: Файл : Addition.txt Линк за сваляне : http://dox.bg/files/dw?a=96c4a4b28b Файл : FRST.txt Линк за сваляне : http://dox.bg/files/dw?a=ad8e0bfac3 Ето и от есет: http://imgur.com/GvUWpcK
  4. Вчера си пуснах лаптопа и видях, че половината ми файлове (музикални, текстови и снимки) са променени с окончанието [email protected] Когато премахна това окончание файловете не работят... Моля за помощ!!! Преинсталирах лаптопа веднага (файловете си стоят така), инсталирах си и едномесечна версия на Касперски, уж за повече сигурност. Иска ми се да възстановя, ако може файловете си, защото някои от тях ги нямам на друг носител, а и ме е страх да си включа външния хард за да не се зарази и той! Следвах инструкциите ви в подобна тема, ето копието на FRST.txt файла: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015 Ran by Mira_Bobi (administrator) on MIRA_BOBI-PC (08-11-2015 21:47:24) Running from E:\PROGRAMI\PROGRAMI MIRA\2015 Loaded Profiles: Mira_Bobi (Available Profiles: Mira_Bobi) Platform: Windows 7 Ultimate (X64) Language: English (United States) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE (M-Audio) C:\Program Files (x86)\M-Audio\MIDISPORT\AudioDevMon.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avpui.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ASUS Quick Gesture (x86)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [17376 2012-07-13] (ASUSTeK Computer Inc.) HKLM\...\Run: [ASUS TP Center (x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe [235488 2012-07-13] (AsusTek) HKLM\...\Run: [ASUS Quick Gesture (x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [19424 2012-07-13] (ASUSTeK Computer Inc.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1014432 2011-12-29] (Atheros Commnucations) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2011-12-29] (Atheros Commnucations) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-07] (Intel Corporation) HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2760275696-4011297367-3674788362-1000\...\MountPoints2: {960cffd2-b846-11e2-aec7-806e6f6e6963} - G:\InstAll.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 88.87.0.2 88.87.10.2 Tcpip\..\Interfaces\{C9F3A2BC-AAAF-426D-A7F6-8AE367E8306E}: [DhcpNameServer] 88.87.0.2 88.87.10.2 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-2760275696-4011297367-3674788362-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.atcomet.com/b/ BHO: ASUS Browser Extension x64 -> {78234974-0C4B-4111-BDEB-D9A104418772} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll [2012-07-13] (ASUSTeK Computer Inc.) BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-04-15] (Skype Technologies S.A.) BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-11-06] (AO Kaspersky Lab) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated) BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.3.3.2.dll [2009-03-02] (BitComet) BHO-x32: ASUS Browser Extension x86 -> {78234974-0C4B-4111-BDEB-D9A104418771} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll [2012-07-13] (ASUSTeK Computer Inc.) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-12-29] (Atheros Commnucations) BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-04-15] (Skype Technologies S.A.) BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-11-06] (AO Kaspersky Lab) Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-11-06] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-11-06] (AO Kaspersky Lab) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-04-15] (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-04-15] (Skype Technologies S.A.) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Mira_Bobi\AppData\Roaming\Mozilla\Firefox\Profiles\zm6e8972.default FF Homepage: www.google.bg FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-11-08] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-11-08] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2008-11-11] (BitComet) FF Extension: DownloadHelper - C:\Users\Mira_Bobi\AppData\Roaming\Mozilla\Firefox\Profiles\zm6e8972.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-11-05] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-11-07] [not signed] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-11-07] [not signed] FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox [2015-11-06] [not signed] FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found Chrome: ======= CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 .EsetTrialReset; C:\Windows\reset.exe [357182 2009-03-20] () [File not signed] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2011-12-29] (Atheros Commnucations) [File not signed] R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe [194000 2015-11-06] (Kaspersky Lab ZAO) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 MIDISPORTAudioDevMon; C:\Program Files (x86)\M-Audio\MIDISPORT\AudioDevMon.exe [1636872 2010-10-06] (M-Audio) S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-12-29] (Atheros) [File not signed] ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-07-13] (Windows (R) Win 7 DDK provider) R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [19104 2012-07-13] (ASUS) R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [49824 2012-07-13] (ASUS Corporation) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-11-06] (AO Kaspersky Lab) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-11-06] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940936 2015-11-06] (AO Kaspersky Lab) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-11-06] (AO Kaspersky Lab) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO) S3 MAUSBMIDISPORT; C:\Windows\System32\DRIVERS\MAudioMIDISPORT.sys [199176 2010-10-06] (M-Audio) S3 ASUSProcObsrv; \??\G:\I386\AsPrOb64.sys [X] U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-11-08 21:47 - 2015-11-08 21:47 - 00000000 ____D C:\FRST 2015-11-08 20:42 - 2015-11-08 21:12 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-08 20:42 - 2015-11-08 20:42 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-11-08 20:34 - 2015-11-08 20:34 - 00000000 ___RD C:\Users\Mira_Bobi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2015-11-07 18:31 - 2015-11-07 18:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-11-05 23:56 - 2015-11-05 23:56 - 00002115 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk 2015-11-05 23:56 - 2015-11-05 23:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security 2015-11-05 23:55 - 2015-11-08 20:42 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2015-11-05 23:55 - 2015-11-06 00:02 - 00940936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2015-11-05 23:55 - 2015-11-06 00:02 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys 2015-11-05 23:55 - 2015-11-05 23:55 - 00000000 ____D C:\Windows\ELAMBKUP 2015-11-05 23:55 - 2015-11-05 23:55 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2015-11-05 23:55 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2015-11-05 23:53 - 2009-11-25 12:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2015-11-05 23:53 - 2009-11-25 12:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2015-11-05 23:53 - 2009-11-25 12:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll 2015-11-05 23:53 - 2009-11-25 12:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe 2015-11-05 23:53 - 2009-11-25 12:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll 2015-11-05 23:53 - 2009-11-25 12:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe 2015-11-05 23:53 - 2009-11-25 12:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll 2015-11-05 23:53 - 2009-11-25 12:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll 2015-11-05 23:53 - 2009-11-25 12:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll 2015-11-05 23:53 - 2009-11-25 12:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll 2015-11-05 23:38 - 2015-11-05 23:38 - 00001009 _____ C:\Users\Mira_Bobi\Desktop\POP FOLK.lnk 2015-11-05 23:03 - 2015-11-05 23:03 - 00000000 ____D C:\Users\Mira_Bobi\Tracing 2015-11-05 23:02 - 2015-11-05 23:02 - 00000000 ____D C:\Users\Mira_Bobi\AppData\Local\Skype 2015-11-05 23:02 - 2015-11-05 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-11-04 22:58 - 2015-11-04 22:58 - 00003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings 2015-11-04 22:58 - 2015-11-04 22:58 - 00000000 ____D C:\Program Files\Common Files\AV 2015-11-04 22:47 - 2015-11-06 03:13 - 00000000 ____D C:\Users\Mira_Bobi\Documents\Any Video Converter 2015-11-04 22:46 - 2015-11-06 00:01 - 00000000 ____D C:\Users\Mira_Bobi\Desktop\O6TE PROGRAMI 2015-11-04 22:46 - 2015-11-04 22:46 - 00001244 _____ C:\Users\Mira_Bobi\Desktop\Any Video Converter.lnk 2015-11-04 22:46 - 2015-11-04 22:46 - 00000000 ____D C:\Users\Mira_Bobi\AppData\Roaming\AnvSoft 2015-11-04 22:46 - 2015-11-04 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft 2015-11-04 22:46 - 2015-11-04 22:46 - 00000000 ____D C:\Program Files (x86)\AnvSoft 2015-11-04 22:32 - 2015-01-02 22:24 - 00000853 _____ C:\Users\Mira_Bobi\Desktop\GREEK - Shortcut.lnk 2015-11-04 22:31 - 2014-04-16 15:47 - 00001015 _____ C:\Users\Mira_Bobi\Desktop\DISKO 2012 MIRELA - Shortcut.lnk 2015-11-04 22:31 - 2013-05-15 13:56 - 00001015 _____ C:\Users\Mira_Bobi\Desktop\MAKEDONSKI.lnk 2015-11-04 22:30 - 2015-11-04 22:30 - 00001357 _____ C:\Users\Mira_Bobi\Desktop\ZA OTKRIVANE NA DISKOTEKA.mp3 - Shortcut.lnk 2015-11-04 22:01 - 2015-11-04 22:01 - 00000000 ____D C:\Users\Mira_Bobi\Desktop\МАРИЯНА И ТОДОР ТРАЙЧЕВИ 2015-11-04 21:15 - 2015-11-04 21:15 - 00000000 _____ C:\autoexec.bat 2015-11-04 20:44 - 2015-11-04 20:44 - 00108840 _____ C:\Users\Mira_Bobi\AppData\Local\GDIPFONTCACHEV1.DAT 2015-11-04 19:36 - 2015-11-04 19:36 - 00000000 ____D C:\Users\Mira_Bobi\AppData\Local\ESET ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-11-08 21:48 - 2009-07-14 06:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-11-08 21:48 - 2009-07-14 06:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-11-08 21:23 - 2013-05-08 14:53 - 00000000 ____D C:\Program Files (x86)\KaraFun 2015-11-08 21:05 - 2013-05-09 03:24 - 00561499 _____ C:\Windows\WindowsUpdate.log 2015-11-08 21:02 - 2009-07-14 07:13 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-08 20:53 - 2013-05-08 14:13 - 00000000 ____D C:\Users\Mira_Bobi\AppData\Local\Mozilla 2015-11-08 20:42 - 2013-05-08 14:15 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-11-08 20:42 - 2013-05-08 14:15 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-08 20:42 - 2013-05-08 13:17 - 00000000 ____D C:\Users\Mira_Bobi\AppData\Local\Adobe 2015-11-08 20:35 - 2013-05-08 14:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-11-08 20:34 - 2013-05-08 17:00 - 00002533 _____ C:\Windows\setupact.log 2015-11-08 20:34 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-07 05:01 - 2013-05-08 15:17 - 00000000 ____D C:\Program Files (x86)\BitComet 2015-11-07 04:39 - 2013-05-08 15:22 - 00000000 ____D C:\Users\Mira_Bobi\AppData\Roaming\Skype 2015-11-06 00:02 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys 2015-11-06 00:02 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys 2015-11-05 23:03 - 2013-05-08 12:37 - 00000000 ____D C:\Users\Mira_Bobi 2015-11-05 23:02 - 2013-05-08 15:25 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-11-05 23:02 - 2013-05-08 15:21 - 00000000 ____D C:\ProgramData\Skype 2015-11-05 19:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF Some files in TEMP: ==================== C:\Users\Mira_Bobi\AppData\Local\Temp\_is7B66.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-11-05 10:07 ==================== End of FRST.txt ============================ Ето и Addition.txt файла.... Addition.txt
  5. Здравейте! В петъчната вечер останах неприятно изненадан, след като установих, че всичките ми файлове са криптирани. От прочетеното в интернет установих, че най-вероятния причинител е CryptoWall 4. Всички файлове (основно .mp3 и .jpeg) са криптирани и изглеждат така: 0xjyfa9v.6g5 1vkcd8.5ch 5nxvrbsqt.u8y ... Прочетох тук, че вероятността за декриптиране на така криптираните файлове клони към 0, но все пак се надявам да помогнете. По-долу са логовете: FRST_21-02-2016_07-40-32.txt Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-02-2016 Ran by admin (administrator) on HP (21-02-2016 07:39:32) Running from D:\x3 Loaded Profiles: admin (Available Profiles: admin) Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () C:\ProgramData\DatacardService\HWDeviceService64.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (KoshyJohn.com) C:\Users\admin\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Behringer Spezielle Studiotechnik GmbH) C:\Program Files\Behringer\BCD3000\Drivers\bcd3kcpan.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe () C:\ProgramData\VIVACOM 3G USB Modem\OnlineUpdate\ouc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated) HKU\S-1-5-21-2618793138-2398098279-1768262542-1000\...\Run: [Memory Cleaner] => C:\Users\admin\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe [762984 2014-12-03] (KoshyJohn.com) HKU\S-1-5-21-2618793138-2398098279-1768262542-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50605696 2016-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-2618793138-2398098279-1768262542-1000\...\MountPoints2: {21cef856-a59e-11e5-b25a-d8d38522b1df} - G:\AutoRun.exe HKU\S-1-5-21-2618793138-2398098279-1768262542-1000\...\MountPoints2: {21cef8a7-a59e-11e5-b25a-d8d38522b1df} - G:\AutoRun.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BCD3000 Control Panel.lnk [2015-12-31] ShortcutTarget: BCD3000 Control Panel.lnk -> C:\Program Files\Behringer\BCD3000\Drivers\bcd3kcpan.exe (Behringer Spezielle Studiotechnik GmbH) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.107.1 Tcpip\..\Interfaces\{0CDE5368-06F8-4A4A-B7B9-33AA1F4BC6C0}: [DhcpNameServer] 192.168.0.1 192.168.107.1 Tcpip\..\Interfaces\{2CBE2096-5B86-41B0-B6C2-D38F50011E2B}: [NameServer] Tcpip\..\Interfaces\{92D0B543-BA98-47AE-8D1C-995C1BB9C5F6}: [NameServer] 84.238.228.1 Internet Explorer: ================== HKU\S-1-5-21-2618793138-2398098279-1768262542-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\S-1-5-21-2618793138-2398098279-1768262542-1000 -> DefaultScope {2167E39C-5C6B-4100-B95E-88FBFAA40C4B} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-2618793138-2398098279-1768262542-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2618793138-2398098279-1768262542-1000 -> {2167E39C-5C6B-4100-B95E-88FBFAA40C4B} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH) FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-16] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Презентации) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-16] CHR Extension: (Google Документи) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-16] CHR Extension: (Google Диск) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-16] CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-16] CHR Extension: (Google Търсене) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-16] CHR Extension: (Електронни таблици от Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-16] CHR Extension: (Google Документи офлайн) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-16] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-16] CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-16] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S4 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2008-07-15] (Andrea Electronics Corporation) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH) S2 VIVACOM 3G USB Modem. RunOuc; C:\Program Files (x86)\VIVACOM 3G USB Modem\UpdateDog\ouc.exe [655712 2015-12-18] () S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2015-12-01] () [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 HPDrvMntSvc.exe; "C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe" [X] S2 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe /service [X] <==== ATTENTION ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 bcd3000; C:\Windows\System32\DRIVERS\bcd3000_x64.sys [54888 2010-08-05] (Behringer) S3 bcd3000wdm; C:\Windows\System32\DRIVERS\bcd3000wdm_x64.sys [32872 2010-08-05] (Behringer) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-12-01] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2015-12-18] (Huawei Technologies Co., Ltd.) R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [194976 2015-12-18] (Oracle Corporation) R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] () S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-02-21 07:39 - 2016-02-21 07:39 - 00000000 ____D C:\FRST 2016-02-20 22:50 - 2016-02-20 22:50 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-02-20 22:50 - 2016-02-20 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-02-20 20:49 - 2016-02-20 20:49 - 00000000 ____D C:\Users\admin\AppData\Roaming\www.shadowexplorer.com 2016-02-20 20:29 - 2016-02-20 20:30 - 00000023 _____ C:\Users\admin\Desktop\crypt.txt 2016-02-20 20:23 - 2016-02-20 20:36 - 00000000 ____D C:\Program Files (x86)\Boxcryptor 2016-02-20 20:23 - 2015-10-04 13:23 - 00009000 _____ (EldoS Corporation) C:\Windows\system32\elevtmsg.dll 2016-02-20 15:44 - 2016-02-20 15:45 - 00011770 _____ C:\Users\admin\Desktop\Spectre.2015.1080p.BluRay.x264_SPARKS.(subs.sab.bz).rar 2016-02-20 14:18 - 2016-02-20 14:18 - 00012288 ___SH C:\Users\admin\AppData\Roaming\Thumbs.db 2016-02-20 14:11 - 2016-02-20 14:11 - 00081920 ___SH C:\Users\admin\Thumbs.db 2016-02-20 14:11 - 2016-02-20 14:11 - 00012288 ___SH C:\Users\admin\AppData\Thumbs.db 2016-02-19 16:57 - 2016-02-19 16:57 - 00003152 _____ C:\Users\HELP_FILE_8F734965.html 2016-02-19 16:57 - 2016-02-19 16:57 - 00003152 _____ C:\Users\HELP_FILE_7F734965.html 2016-02-19 16:57 - 2016-02-19 16:57 - 00003152 _____ C:\Users\HELP_FILE_6F734965.html 2016-02-19 16:57 - 2016-02-19 16:57 - 00003152 _____ C:\Users\HELP_FILE_5F734965.html 2016-02-19 16:57 - 2016-02-19 16:57 - 00003152 _____ C:\Users\HELP_FILE_4F734965.html 2016-02-19 16:57 - 2016-02-19 16:57 - 00003152 _____ C:\Users\HELP_FILE_3F734965.html 2016-02-19 16:57 - 2016-02-19 16:57 - 00003152 _____ C:\Users\HELP_FILE_2F734965.html 2016-02-19 16:57 - 2016-02-19 16:57 - 00003152 _____ C:\Users\HELP_FILE_1F734965.html 2016-02-19 16:57 - 2016-02-19 16:57 - 00003152 _____ C:\Users\admin\HELP_FILE_8F734965.html 2016-02-19 16:57 - 2016-02-19 16:57 - 00003152 _____ C:\Users\admin\HELP_FILE_7F734965.html 2016-02-19 16:57 - 2016-02-19 16:57 - 00003152 _____ C:\Users\admin\HELP_FILE_6F734965.html 2016-02-19 16:57 - 2016-02-19 16:57 - 00003152 _____ C:\Users\admin\HELP_FILE_5F734965.html 2016-02-19 16:57 - 2016-02-19 16:57 - 00003152 _____ C:\Users\admin\HELP_FILE_4F734965.html 2016-02-19 16:57 - 2016-02-19 16:57 - 00003152 _____ C:\Users\admin\HELP_FILE_3F734965.html 2016-02-19 16:57 - 2016-02-19 16:57 - 00003152 _____ C:\Users\admin\HELP_FILE_2F734965.html 2016-02-19 16:57 - 2016-02-19 16:57 - 00003152 _____ C:\Users\admin\HELP_FILE_1F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 144825692 _____ C:\Users\admin\Desktop\tquk7h.xj3x9 2016-02-19 16:56 - 2016-02-19 16:56 - 00003152 _____ C:\Users\admin\AppData\Roaming\HELP_FILE_8F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 00003152 _____ C:\Users\admin\AppData\Roaming\HELP_FILE_7F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 00003152 _____ C:\Users\admin\AppData\Roaming\HELP_FILE_6F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 00003152 _____ C:\Users\admin\AppData\Roaming\HELP_FILE_5F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 00003152 _____ C:\Users\admin\AppData\Roaming\HELP_FILE_4F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 00003152 _____ C:\Users\admin\AppData\Roaming\HELP_FILE_3F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 00003152 _____ C:\Users\admin\AppData\Roaming\HELP_FILE_2F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 00003152 _____ C:\Users\admin\AppData\Roaming\HELP_FILE_1F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 00003152 _____ C:\Users\admin\AppData\HELP_FILE_8F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 00003152 _____ C:\Users\admin\AppData\HELP_FILE_7F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 00003152 _____ C:\Users\admin\AppData\HELP_FILE_6F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 00003152 _____ C:\Users\admin\AppData\HELP_FILE_5F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 00003152 _____ C:\Users\admin\AppData\HELP_FILE_4F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 00003152 _____ C:\Users\admin\AppData\HELP_FILE_3F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 00003152 _____ C:\Users\admin\AppData\HELP_FILE_2F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 00003152 _____ C:\Users\admin\AppData\HELP_FILE_1F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 00003152 _____ C:\Users\admin\AppData\LocalLow\HELP_FILE_8F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 00003152 _____ C:\Users\admin\AppData\LocalLow\HELP_FILE_7F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 00003152 _____ C:\Users\admin\AppData\LocalLow\HELP_FILE_6F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 00003152 _____ C:\Users\admin\AppData\LocalLow\HELP_FILE_5F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 00003152 _____ C:\Users\admin\AppData\LocalLow\HELP_FILE_4F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 00003152 _____ C:\Users\admin\AppData\LocalLow\HELP_FILE_3F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 00003152 _____ C:\Users\admin\AppData\LocalLow\HELP_FILE_2F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 00003152 _____ C:\Users\admin\AppData\LocalLow\HELP_FILE_1F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 00003152 _____ C:\Users\admin\AppData\Local\HELP_FILE_8F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 00003152 _____ C:\Users\admin\AppData\Local\HELP_FILE_7F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 00003152 _____ C:\Users\admin\AppData\Local\HELP_FILE_6F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 00003152 _____ C:\Users\admin\AppData\Local\HELP_FILE_5F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 00003152 _____ C:\Users\admin\AppData\Local\HELP_FILE_4F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 00003152 _____ C:\Users\admin\AppData\Local\HELP_FILE_3F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 00003152 _____ C:\Users\admin\AppData\Local\HELP_FILE_2F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 00003152 _____ C:\Users\admin\AppData\Local\HELP_FILE_1F734965.html 2016-02-19 16:52 - 2016-02-19 16:52 - 00003152 _____ C:\ProgramData\HELP_FILE_8F734965.html 2016-02-19 16:52 - 2016-02-19 16:52 - 00003152 _____ C:\ProgramData\HELP_FILE_7F734965.html 2016-02-19 16:52 - 2016-02-19 16:52 - 00003152 _____ C:\ProgramData\HELP_FILE_6F734965.html 2016-02-19 16:52 - 2016-02-19 16:52 - 00003152 _____ C:\ProgramData\HELP_FILE_5F734965.html 2016-02-19 16:52 - 2016-02-19 16:52 - 00003152 _____ C:\ProgramData\HELP_FILE_4F734965.html 2016-02-19 16:52 - 2016-02-19 16:52 - 00003152 _____ C:\ProgramData\HELP_FILE_3F734965.html 2016-02-19 16:52 - 2016-02-19 16:52 - 00003152 _____ C:\ProgramData\HELP_FILE_2F734965.html 2016-02-19 16:52 - 2016-02-19 16:52 - 00003152 _____ C:\ProgramData\HELP_FILE_1F734965.html 2016-02-19 16:51 - 2016-02-19 16:51 - 00000764 _____ C:\ProgramData\5zzs483q.cy97 2016-02-16 22:14 - 2016-02-19 22:45 - 00002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-16 22:14 - 2016-02-19 16:52 - 00000000 ____D C:\Users\admin\AppData\Local\Google 2016-02-16 22:13 - 2016-02-21 07:18 - 00000996 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-16 22:13 - 2016-02-20 22:47 - 00000992 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-16 22:13 - 2016-02-16 22:14 - 00000000 ____D C:\Program Files (x86)\Google 2016-02-16 22:13 - 2016-02-16 22:13 - 00003992 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-16 22:13 - 2016-02-16 22:13 - 00003740 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-02-16 22:13 - 2016-02-16 22:13 - 00000000 ____D C:\Users\admin\AppData\Local\Deployment 2016-02-16 22:13 - 2016-02-16 22:13 - 00000000 ____D C:\Users\admin\AppData\Local\Apps\2.0 2016-02-16 21:41 - 2016-02-19 16:56 - 00000000 ____D C:\Users\admin\AppData\Roaming\Winamp 2016-02-16 21:41 - 2016-02-16 21:41 - 00000983 _____ C:\Users\Public\Desktop\Winamp.lnk 2016-02-10 06:00 - 2016-02-06 12:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-02-10 06:00 - 2016-02-06 12:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-02-10 06:00 - 2016-02-06 12:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-02-10 06:00 - 2016-02-06 12:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-02-10 06:00 - 2016-02-06 12:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-02-10 06:00 - 2016-02-06 12:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-02-10 06:00 - 2016-02-06 11:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-02-10 06:00 - 2016-02-06 11:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-02-10 06:00 - 2016-02-06 11:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-02-10 06:00 - 2016-02-06 11:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-02-10 06:00 - 2016-02-06 11:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-02-10 06:00 - 2016-02-06 11:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-02-10 06:00 - 2016-02-06 11:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-02-10 06:00 - 2016-02-06 10:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-02-10 06:00 - 2016-01-22 22:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-02-10 06:00 - 2016-01-22 22:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-02-10 06:00 - 2016-01-22 08:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-02-10 06:00 - 2016-01-22 08:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-02-10 06:00 - 2016-01-22 08:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-02-10 06:00 - 2016-01-22 08:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-02-10 06:00 - 2016-01-22 08:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-02-10 06:00 - 2016-01-22 08:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-02-10 06:00 - 2016-01-22 08:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-02-10 06:00 - 2016-01-22 08:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-02-10 06:00 - 2016-01-22 08:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-02-10 06:00 - 2016-01-22 08:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-02-10 06:00 - 2016-01-22 08:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-02-10 06:00 - 2016-01-22 08:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-02-10 06:00 - 2016-01-22 08:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-02-10 06:00 - 2016-01-22 08:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-02-10 06:00 - 2016-01-22 08:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-02-10 06:00 - 2016-01-22 08:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-02-10 06:00 - 2016-01-22 08:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-02-10 06:00 - 2016-01-22 08:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-02-10 06:00 - 2016-01-22 08:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-02-10 06:00 - 2016-01-22 08:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-02-10 06:00 - 2016-01-22 08:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-02-10 06:00 - 2016-01-22 08:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-02-10 06:00 - 2016-01-22 08:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-02-10 06:00 - 2016-01-22 08:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-02-10 06:00 - 2016-01-22 08:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-02-10 06:00 - 2016-01-22 07:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-02-10 06:00 - 2016-01-22 07:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-02-10 06:00 - 2016-01-22 07:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-02-10 06:00 - 2016-01-22 07:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-02-10 06:00 - 2016-01-22 07:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-02-10 06:00 - 2016-01-22 07:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-02-10 06:00 - 2016-01-22 07:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-02-10 06:00 - 2016-01-22 07:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-02-10 06:00 - 2016-01-22 07:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-02-10 06:00 - 2016-01-22 07:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-02-10 06:00 - 2016-01-22 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-02-10 06:00 - 2016-01-22 07:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-02-10 06:00 - 2016-01-22 07:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-02-10 06:00 - 2016-01-22 07:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-02-10 06:00 - 2016-01-22 07:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-02-10 06:00 - 2016-01-22 07:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-02-10 06:00 - 2016-01-22 07:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-02-10 06:00 - 2016-01-22 07:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-02-10 06:00 - 2016-01-22 07:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-02-10 06:00 - 2016-01-22 07:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-02-10 06:00 - 2016-01-22 07:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-02-10 06:00 - 2016-01-22 07:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-02-10 06:00 - 2016-01-22 07:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-02-10 06:00 - 2016-01-22 07:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-02-10 06:00 - 2016-01-22 07:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-02-10 06:00 - 2016-01-16 21:06 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-02-10 06:00 - 2016-01-16 20:54 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-02-10 06:00 - 2016-01-11 21:05 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-02-10 06:00 - 2016-01-11 21:05 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-02-10 06:00 - 2016-01-11 21:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-02-10 06:00 - 2016-01-11 20:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2016-02-10 06:00 - 2016-01-11 20:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2016-02-10 06:00 - 2016-01-11 20:26 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-02-10 06:00 - 2016-01-11 20:24 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-02-10 06:00 - 2016-01-11 20:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-02-10 06:00 - 2016-01-11 20:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-02-10 06:00 - 2016-01-11 20:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-02-10 06:00 - 2016-01-11 20:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-02-10 06:00 - 2016-01-11 20:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2016-02-10 06:00 - 2016-01-11 20:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2016-02-10 06:00 - 2016-01-11 20:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2016-02-10 06:00 - 2016-01-11 20:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2016-02-10 06:00 - 2016-01-11 20:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2016-02-10 06:00 - 2016-01-11 16:08 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-02-10 06:00 - 2016-01-11 16:08 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-02-10 06:00 - 2016-01-11 16:08 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-02-10 06:00 - 2016-01-11 16:08 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-02-10 06:00 - 2016-01-11 16:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-02-10 06:00 - 2016-01-07 19:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-02-10 06:00 - 2016-01-07 19:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2016-02-10 06:00 - 2016-01-06 21:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2016-02-10 06:00 - 2016-01-06 21:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2016-02-10 06:00 - 2016-01-06 20:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2016-02-10 05:59 - 2016-01-22 08:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-02-10 05:59 - 2016-01-22 08:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-02-10 05:59 - 2016-01-22 08:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-02-10 05:59 - 2016-01-22 08:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-02-10 05:59 - 2016-01-22 08:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-02-10 05:59 - 2016-01-22 08:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-02-10 05:59 - 2016-01-22 08:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-02-10 05:59 - 2016-01-22 08:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-02-10 05:59 - 2016-01-22 08:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-02-10 05:59 - 2016-01-22 08:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-02-10 05:59 - 2016-01-22 08:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-02-10 05:59 - 2016-01-22 08:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-02-10 05:59 - 2016-01-22 08:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-02-10 05:59 - 2016-01-22 08:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-02-10 05:59 - 2016-01-22 08:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-02-10 05:59 - 2016-01-22 08:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-02-10 05:59 - 2016-01-22 08:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-02-10 05:59 - 2016-01-22 08:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-02-10 05:59 - 2016-01-22 08:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2016-02-10 05:59 - 2016-01-22 08:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2016-02-10 05:59 - 2016-01-22 08:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-02-10 05:59 - 2016-01-22 08:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-02-10 05:59 - 2016-01-22 08:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-02-10 05:59 - 2016-01-22 08:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2016-02-10 05:59 - 2016-01-22 08:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-02-10 05:59 - 2016-01-22 08:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-02-10 05:59 - 2016-01-22 08:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-02-10 05:59 - 2016-01-22 08:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-02-10 05:59 - 2016-01-22 08:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-02-10 05:59 - 2016-01-22 08:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-02-10 05:59 - 2016-01-22 08:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-02-10 05:59 - 2016-01-22 08:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-02-10 05:59 - 2016-01-22 08:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-02-10 05:59 - 2016-01-22 08:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-02-10 05:59 - 2016-01-22 08:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-02-10 05:59 - 2016-01-22 08:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 08:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-02-10 05:59 - 2016-01-22 08:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-02-10 05:59 - 2016-01-22 08:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-02-10 05:59 - 2016-01-22 08:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-02-10 05:59 - 2016-01-22 08:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-02-10 05:59 - 2016-01-22 08:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-02-10 05:59 - 2016-01-22 08:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-02-10 05:59 - 2016-01-22 08:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-02-10 05:59 - 2016-01-22 08:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-02-10 05:59 - 2016-01-22 08:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-02-10 05:59 - 2016-01-22 08:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-02-10 05:59 - 2016-01-22 08:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-02-10 05:59 - 2016-01-22 08:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll 2016-02-10 05:59 - 2016-01-22 08:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll 2016-02-10 05:59 - 2016-01-22 08:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-02-10 05:59 - 2016-01-22 08:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-02-10 05:59 - 2016-01-22 08:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-02-10 05:59 - 2016-01-22 08:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2016-02-10 05:59 - 2016-01-22 08:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-02-10 05:59 - 2016-01-22 08:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2016-02-10 05:59 - 2016-01-22 08:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-02-10 05:59 - 2016-01-22 08:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 07:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-02-10 05:59 - 2016-01-22 07:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-02-10 05:59 - 2016-01-22 07:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2016-02-10 05:59 - 2016-01-22 07:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-02-10 05:59 - 2016-01-22 07:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-02-10 05:59 - 2016-01-22 07:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-02-10 05:59 - 2016-01-22 06:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-02-10 05:59 - 2016-01-22 06:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-02-10 05:59 - 2016-01-22 06:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-02-10 05:59 - 2016-01-22 06:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-02-10 05:59 - 2016-01-22 06:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-02-10 05:59 - 2016-01-22 06:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-02-10 05:59 - 2016-01-22 06:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-02-10 05:59 - 2016-01-22 06:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-02-10 05:59 - 2016-01-22 06:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-02-10 05:59 - 2016-01-22 06:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-02-10 05:59 - 2016-01-22 06:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 06:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 06:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-02-10 05:59 - 2016-01-22 06:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-02-10 05:59 - 2016-01-16 21:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-02-10 05:59 - 2016-01-16 20:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-02-21 06:47 - 2009-07-14 06:45 - 00016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-02-21 06:47 - 2009-07-14 06:45 - 00016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-02-20 23:13 - 2009-07-14 07:13 - 00781782 _____ C:\Windows\system32\PerfStringBackup.INI 2016-02-20 23:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-02-20 22:58 - 2015-12-27 13:38 - 00000000 ____D C:\Users\admin\AppData\Roaming\Skype 2016-02-20 22:50 - 2015-12-27 13:38 - 00000000 ____D C:\ProgramData\Skype 2016-02-20 22:47 - 2016-01-10 20:21 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2016-02-20 22:47 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-02-20 22:46 - 2016-01-10 21:01 - 00000718 _____ C:\Windows\wininit.ini 2016-02-20 22:46 - 2016-01-10 20:21 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2016-02-20 22:45 - 2015-12-27 21:41 - 00000000 ____D C:\Users\admin\AppData\Local\Viber 2016-02-20 20:36 - 2015-12-14 05:53 - 00000000 ____D C:\Windows\system32\appmgmt 2016-02-20 15:43 - 2015-12-01 06:54 - 00000000 ____D C:\Users\admin\AppData\LocalLow\Adblock Plus for IE 2016-02-20 14:15 - 2015-12-24 23:52 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-02-20 14:14 - 2015-12-17 18:12 - 00000000 ____D C:\Users\admin\AppData\Roaming\uTorrent 2016-02-20 14:11 - 2015-11-29 20:41 - 00000000 ____D C:\Users\admin 2016-02-20 01:57 - 2015-12-14 05:55 - 00000000 ____D C:\Windows\pss 2016-02-20 01:54 - 2016-01-10 09:09 - 00001150 _____ C:\Users\Public\Desktop\Free MP3 Cutter Joiner.lnk 2016-02-19 21:50 - 2015-12-30 23:33 - 00002048 ____H C:\Users\admin\Documents\Default.rdp 2016-02-19 16:57 - 2015-12-29 20:15 - 00000000 ____D C:\Users\admin\Tracing 2016-02-19 16:53 - 2015-12-01 23:07 - 00000000 ____D C:\Users\admin\AppData\Roaming\DAEMON Tools Lite 2016-02-19 16:53 - 2015-12-01 22:41 - 00000000 ____D C:\Users\admin\AppData\LocalLow\Adobe 2016-02-19 16:53 - 2015-12-01 06:46 - 00000000 ____D C:\Users\admin\AppData\Roaming\Adobe 2016-02-19 16:52 - 2015-12-31 20:42 - 00000000 ____D C:\ProgramData\Native Instruments 2016-02-19 16:52 - 2015-12-28 20:45 - 00000000 ____D C:\Users\admin\.VirtualBox 2016-02-19 16:52 - 2015-12-18 17:48 - 00000000 ____D C:\ProgramData\VIVACOM 3G USB Modem 2016-02-19 16:51 - 2015-12-01 23:15 - 00000000 ____D C:\ProgramData\BatteryOptimizer.exe 2016-02-19 05:08 - 2015-12-01 22:36 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-02-16 21:41 - 2015-11-30 17:22 - 00000000 ____D C:\Program Files (x86)\Winamp 2016-02-15 05:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports 2016-02-14 10:12 - 2015-12-27 21:44 - 00000000 ____D C:\ViberDownloads 2016-02-12 03:03 - 2015-12-18 03:03 - 00765724 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-02-11 04:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2016-02-11 03:29 - 2009-07-14 06:45 - 00287216 _____ C:\Windows\system32\FNTCACHE.DAT 2016-02-11 03:26 - 2015-12-01 06:36 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-02-11 03:26 - 2015-12-01 06:36 - 00000000 ____D C:\Windows\system32\appraiser 2016-02-11 03:26 - 2010-11-21 09:16 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-09 19:25 - 2015-12-29 21:28 - 00000000 ____D C:\Users\admin\AppData\Roaming\vlc 2016-02-05 23:54 - 2016-01-01 22:57 - 00000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics ==================== Files in the root of some directories ======= 2016-02-19 16:56 - 2016-02-19 16:56 - 0003152 _____ () C:\Users\admin\AppData\Roaming\HELP_FILE_1F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 0114942 _____ () C:\Users\admin\AppData\Roaming\HELP_FILE_1F734965.png 2016-02-19 16:56 - 2016-02-19 16:56 - 0003152 _____ () C:\Users\admin\AppData\Roaming\HELP_FILE_2F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 0114942 _____ () C:\Users\admin\AppData\Roaming\HELP_FILE_2F734965.png 2016-02-19 16:56 - 2016-02-19 16:56 - 0003152 _____ () C:\Users\admin\AppData\Roaming\HELP_FILE_3F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 0114942 _____ () C:\Users\admin\AppData\Roaming\HELP_FILE_3F734965.png 2016-02-19 16:56 - 2016-02-19 16:56 - 0003152 _____ () C:\Users\admin\AppData\Roaming\HELP_FILE_4F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 0114942 _____ () C:\Users\admin\AppData\Roaming\HELP_FILE_4F734965.png 2016-02-19 16:56 - 2016-02-19 16:56 - 0003152 _____ () C:\Users\admin\AppData\Roaming\HELP_FILE_5F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 0114942 _____ () C:\Users\admin\AppData\Roaming\HELP_FILE_5F734965.png 2016-02-19 16:56 - 2016-02-19 16:56 - 0003152 _____ () C:\Users\admin\AppData\Roaming\HELP_FILE_6F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 0114942 _____ () C:\Users\admin\AppData\Roaming\HELP_FILE_6F734965.png 2016-02-19 16:56 - 2016-02-19 16:56 - 0003152 _____ () C:\Users\admin\AppData\Roaming\HELP_FILE_7F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 0114942 _____ () C:\Users\admin\AppData\Roaming\HELP_FILE_7F734965.png 2016-02-19 16:56 - 2016-02-19 16:56 - 0003152 _____ () C:\Users\admin\AppData\Roaming\HELP_FILE_8F734965.html 2016-02-19 16:56 - 2016-02-19 16:56 - 0114942 _____ () C:\Users\admin\AppData\Roaming\HELP_FILE_8F734965.png 2016-02-20 14:18 - 2016-02-20 14:18 - 0012288 ___SH () C:\Users\admin\AppData\Roaming\Thumbs.db 2016-02-19 16:53 - 2016-02-19 16:53 - 0003152 _____ () C:\Users\admin\AppData\Roaming\Microsoft\HELP_FILE_1F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 0114942 _____ () C:\Users\admin\AppData\Roaming\Microsoft\HELP_FILE_1F734965.png 2016-02-19 16:53 - 2016-02-19 16:53 - 0003152 _____ () C:\Users\admin\AppData\Roaming\Microsoft\HELP_FILE_2F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 0114942 _____ () C:\Users\admin\AppData\Roaming\Microsoft\HELP_FILE_2F734965.png 2016-02-19 16:53 - 2016-02-19 16:53 - 0003152 _____ () C:\Users\admin\AppData\Roaming\Microsoft\HELP_FILE_3F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 0114942 _____ () C:\Users\admin\AppData\Roaming\Microsoft\HELP_FILE_3F734965.png 2016-02-19 16:53 - 2016-02-19 16:53 - 0003152 _____ () C:\Users\admin\AppData\Roaming\Microsoft\HELP_FILE_4F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 0114942 _____ () C:\Users\admin\AppData\Roaming\Microsoft\HELP_FILE_4F734965.png 2016-02-19 16:53 - 2016-02-19 16:53 - 0003152 _____ () C:\Users\admin\AppData\Roaming\Microsoft\HELP_FILE_5F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 0114942 _____ () C:\Users\admin\AppData\Roaming\Microsoft\HELP_FILE_5F734965.png 2016-02-19 16:53 - 2016-02-19 16:53 - 0003152 _____ () C:\Users\admin\AppData\Roaming\Microsoft\HELP_FILE_6F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 0114942 _____ () C:\Users\admin\AppData\Roaming\Microsoft\HELP_FILE_6F734965.png 2016-02-19 16:53 - 2016-02-19 16:53 - 0003152 _____ () C:\Users\admin\AppData\Roaming\Microsoft\HELP_FILE_7F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 0114942 _____ () C:\Users\admin\AppData\Roaming\Microsoft\HELP_FILE_7F734965.png 2016-02-19 16:53 - 2016-02-19 16:53 - 0003152 _____ () C:\Users\admin\AppData\Roaming\Microsoft\HELP_FILE_8F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 0114942 _____ () C:\Users\admin\AppData\Roaming\Microsoft\HELP_FILE_8F734965.png 2016-02-20 14:18 - 2016-02-20 14:19 - 0012288 ___SH () C:\Users\admin\AppData\Roaming\Microsoft\Thumbs.db 2016-02-19 16:53 - 2016-02-19 16:53 - 0003152 _____ () C:\Users\admin\AppData\Local\HELP_FILE_1F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 0114942 _____ () C:\Users\admin\AppData\Local\HELP_FILE_1F734965.png 2016-02-19 16:53 - 2016-02-19 16:53 - 0003152 _____ () C:\Users\admin\AppData\Local\HELP_FILE_2F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 0114942 _____ () C:\Users\admin\AppData\Local\HELP_FILE_2F734965.png 2016-02-19 16:53 - 2016-02-19 16:53 - 0003152 _____ () C:\Users\admin\AppData\Local\HELP_FILE_3F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 0114942 _____ () C:\Users\admin\AppData\Local\HELP_FILE_3F734965.png 2016-02-19 16:53 - 2016-02-19 16:53 - 0003152 _____ () C:\Users\admin\AppData\Local\HELP_FILE_4F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 0114942 _____ () C:\Users\admin\AppData\Local\HELP_FILE_4F734965.png 2016-02-19 16:53 - 2016-02-19 16:53 - 0003152 _____ () C:\Users\admin\AppData\Local\HELP_FILE_5F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 0114942 _____ () C:\Users\admin\AppData\Local\HELP_FILE_5F734965.png 2016-02-19 16:53 - 2016-02-19 16:53 - 0003152 _____ () C:\Users\admin\AppData\Local\HELP_FILE_6F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 0114942 _____ () C:\Users\admin\AppData\Local\HELP_FILE_6F734965.png 2016-02-19 16:53 - 2016-02-19 16:53 - 0003152 _____ () C:\Users\admin\AppData\Local\HELP_FILE_7F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 0114942 _____ () C:\Users\admin\AppData\Local\HELP_FILE_7F734965.png 2016-02-19 16:53 - 2016-02-19 16:53 - 0003152 _____ () C:\Users\admin\AppData\Local\HELP_FILE_8F734965.html 2016-02-19 16:53 - 2016-02-19 16:53 - 0114942 _____ () C:\Users\admin\AppData\Local\HELP_FILE_8F734965.png 2016-02-19 16:51 - 2016-02-19 16:51 - 0000764 _____ () C:\ProgramData\5zzs483q.cy97 2016-02-19 16:52 - 2016-02-19 16:52 - 0003152 _____ () C:\ProgramData\HELP_FILE_1F734965.html 2016-02-19 16:52 - 2016-02-19 16:52 - 0114942 _____ () C:\ProgramData\HELP_FILE_1F734965.png 2016-02-19 16:52 - 2016-02-19 16:52 - 0003152 _____ () C:\ProgramData\HELP_FILE_2F734965.html 2016-02-19 16:52 - 2016-02-19 16:52 - 0114942 _____ () C:\ProgramData\HELP_FILE_2F734965.png 2016-02-19 16:52 - 2016-02-19 16:52 - 0003152 _____ () C:\ProgramData\HELP_FILE_3F734965.html 2016-02-19 16:52 - 2016-02-19 16:52 - 0114942 _____ () C:\ProgramData\HELP_FILE_3F734965.png 2016-02-19 16:52 - 2016-02-19 16:52 - 0003152 _____ () C:\ProgramData\HELP_FILE_4F734965.html 2016-02-19 16:52 - 2016-02-19 16:52 - 0114942 _____ () C:\ProgramData\HELP_FILE_4F734965.png 2016-02-19 16:52 - 2016-02-19 16:52 - 0003152 _____ () C:\ProgramData\HELP_FILE_5F734965.html 2016-02-19 16:52 - 2016-02-19 16:52 - 0114942 _____ () C:\ProgramData\HELP_FILE_5F734965.png 2016-02-19 16:52 - 2016-02-19 16:52 - 0003152 _____ () C:\ProgramData\HELP_FILE_6F734965.html 2016-02-19 16:52 - 2016-02-19 16:52 - 0114942 _____ () C:\ProgramData\HELP_FILE_6F734965.png 2016-02-19 16:52 - 2016-02-19 16:52 - 0003152 _____ () C:\ProgramData\HELP_FILE_7F734965.html 2016-02-19 16:52 - 2016-02-19 16:52 - 0114942 _____ () C:\ProgramData\HELP_FILE_7F734965.png 2016-02-19 16:52 - 2016-02-19 16:52 - 0003152 _____ () C:\ProgramData\HELP_FILE_8F734965.html 2016-02-19 16:52 - 2016-02-19 16:52 - 0114942 _____ () C:\ProgramData\HELP_FILE_8F734965.png Files to move or delete: ==================== C:\ProgramData\BatteryOptimizer.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll [2015-12-09 17:54] - [2015-12-28 21:13] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79 C:\Windows\SysWOW64\User32.dll [2015-12-09 17:54] - [2015-12-28 21:13] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-02-18 08:03 ==================== End of FRST.txt ============================ Addition_21-02-2016_07-40-31.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-02-2016 Ran by admin (2016-02-21 07:40:11) Running from D:\x3 Windows 7 Ultimate Service Pack 1 (X64) (2015-11-29 18:41:02) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= admin (S-1-5-21-2618793138-2398098279-1768262542-1000 - Administrator - Enabled) => C:\Users\admin Administrator (S-1-5-21-2618793138-2398098279-1768262542-500 - Administrator - Disabled) Guest (S-1-5-21-2618793138-2398098279-1768262542-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2618793138-2398098279-1768262542-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2618793138-2398098279-1768262542-1000\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.) Adblock Plus за IE (32-битов и 64-битов) (HKLM\...\{F4DB1AB6-0AEC-4B67-ADAD-F3BA4AEC89F0}) (Version: 1.5 - Eyeo GmbH) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated) Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated) Behringer BCD3000 Driver v1.3.4 (HKLM-x32\...\Behringer BCD3000 Driver v1.3.4) (Version: 1.3.4 - Behringer) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Free MP3 Cutter Joiner 10.7 (HKLM-x32\...\{02509E6E-B951-45A8-BF42-ACFAF0D6B4DA}}_is1) (Version: 10.7 - DVDVideoMedia, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden K-Lite Codec Pack 10.5.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.5.0 - ) Memory Cleaner 2.00 (HKLM-x32\...\MemClean) (Version: 2.00 - KoshyJohn.com) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Mixed In Key 2.5 (HKLM-x32\...\Mixed In Key) (Version: 2.5 - ) Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.7.2.189 - Native Instruments) Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.9.132 - Native Instruments) Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.7.1.854 - Native Instruments) Oracle VM VirtualBox 5.0.12 (HKLM\...\{6F93731D-89E1-4A8F-BDA9-D104860DDB02}) (Version: 5.0.12 - Oracle Corporation) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer) VIVACOM 3G USB Modem (HKLM-x32\...\VIVACOM 3G USB Modem) (Version: 21.005.22.07.738 - Huawei Technologies Co.,Ltd) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {099FEA1A-8638-4954-A1A1-8A1718CB7425} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-16] (Google Inc.) Task: {0F87329B-AF20-4D42-BA55-23C5C10E017D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-16] (Google Inc.) Task: {E6094706-C9E6-40CD-AB5D-A780B09C080E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {EC06D3C6-2718-47FE-B911-799C19E06BF6} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2015-12-01] () (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-11-30 17:21 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll 2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2015-12-18 17:48 - 2015-12-18 17:47 - 00655712 _____ () C:\ProgramData\VIVACOM 3G USB Modem\OnlineUpdate\ouc.exe 2015-12-18 17:48 - 2015-12-18 17:47 - 00011362 _____ () C:\ProgramData\VIVACOM 3G USB Modem\OnlineUpdate\mingwm10.dll 2015-12-18 17:48 - 2015-12-18 17:47 - 00043008 _____ () C:\ProgramData\VIVACOM 3G USB Modem\OnlineUpdate\libgcc_s_dw2-1.dll 2015-12-18 17:48 - 2015-12-18 17:47 - 02415104 _____ () C:\ProgramData\VIVACOM 3G USB Modem\OnlineUpdate\QtCore4.dll 2015-12-18 17:48 - 2015-12-18 17:47 - 01148416 _____ () C:\ProgramData\VIVACOM 3G USB Modem\OnlineUpdate\QtNetwork4.dll 2015-12-18 17:48 - 2015-12-18 17:47 - 00843264 _____ () C:\ProgramData\VIVACOM 3G USB Modem\OnlineUpdate\QueryStrategy.dll 2015-12-18 17:48 - 2015-12-18 17:47 - 00398336 _____ () C:\ProgramData\VIVACOM 3G USB Modem\OnlineUpdate\QtXml4.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2618793138-2398098279-1768262542-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 - 192.168.107.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AEADIFilters => 2 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: hpsrv => 2 MSCONFIG\Services: SDScannerService => 2 MSCONFIG\Services: SDUpdateService => 2 MSCONFIG\Services: SDWSCService => 2 MSCONFIG\startupfolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_FILE_1F734965.html => C:\Windows\pss\HELP_FILE_1F734965.html.Startup MSCONFIG\startupfolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_FILE_1F734965.png => C:\Windows\pss\HELP_FILE_1F734965.png.Startup MSCONFIG\startupfolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_FILE_2F734965.html => C:\Windows\pss\HELP_FILE_2F734965.html.Startup MSCONFIG\startupfolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_FILE_2F734965.png => C:\Windows\pss\HELP_FILE_2F734965.png.Startup MSCONFIG\startupfolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_FILE_3F734965.html => C:\Windows\pss\HELP_FILE_3F734965.html.Startup MSCONFIG\startupfolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_FILE_3F734965.png => C:\Windows\pss\HELP_FILE_3F734965.png.Startup MSCONFIG\startupfolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_FILE_4F734965.html => C:\Windows\pss\HELP_FILE_4F734965.html.Startup MSCONFIG\startupfolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_FILE_4F734965.png => C:\Windows\pss\HELP_FILE_4F734965.png.Startup MSCONFIG\startupfolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_FILE_5F734965.html => C:\Windows\pss\HELP_FILE_5F734965.html.Startup MSCONFIG\startupfolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_FILE_5F734965.png => C:\Windows\pss\HELP_FILE_5F734965.png.Startup MSCONFIG\startupfolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_FILE_6F734965.html => C:\Windows\pss\HELP_FILE_6F734965.html.Startup MSCONFIG\startupfolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_FILE_6F734965.png => C:\Windows\pss\HELP_FILE_6F734965.png.Startup MSCONFIG\startupfolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_FILE_7F734965.html => C:\Windows\pss\HELP_FILE_7F734965.html.Startup MSCONFIG\startupfolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_FILE_7F734965.png => C:\Windows\pss\HELP_FILE_7F734965.png.Startup MSCONFIG\startupfolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_FILE_8F734965.html => C:\Windows\pss\HELP_FILE_8F734965.html.Startup MSCONFIG\startupfolder: C:^Users^admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HELP_FILE_8F734965.png => C:\Windows\pss\HELP_FILE_8F734965.png.Startup MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SoundMAXPnP => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{19537F68-EAD7-4E6E-B48E-A900A564FEE8}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{473DE86A-4317-4557-AB5C-223225AC76C7}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{88625B67-CCA2-4A47-89C3-9CAE34A87977}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{07B2E54E-4D5E-4F24-8414-2E2AA5B739FE}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E891828F-DBBA-433C-8EC2-4CCBB86E1A35}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{BE198D88-4365-4CAD-9862-DE2D8F086D30}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{444BDD34-3B19-4687-88D6-B38C619DB49D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{BB4AEEB4-3EF5-48EB-9720-8D45EE7786D3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{BE555006-4776-47F6-9E05-A88788A173C1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{A21E79C7-6A46-4093-A2FF-A3C0F8FD7299}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{365AF961-5F88-4E66-B46F-7C3213624C66}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe FirewallRules: [{FB15AFCA-B5E4-476A-B4CA-BCDC315CE666}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe FirewallRules: [{C75C1F66-E69C-41A3-856D-5BAD4F5076C0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{F2C25463-D483-461C-91B2-F582B1C28632}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{1DBB352F-5C34-4178-BBD7-9A6EE8E36F96}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{585931AC-C3DB-4478-90AB-4B9D2B864140}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/20/2016 10:48:59 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/20/2016 10:47:18 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (02/20/2016 08:29:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: explorer.exe, version: 6.1.7601.19135, time stamp: 0x56a1bbe2 Faulting module name: ntdll.dll, version: 6.1.7601.19135, time stamp: 0x56a1c9c5 Exception code: 0xc0000005 Fault offset: 0x0000000000050901 Faulting process id: 0x8d4 Faulting application start time: 0xexplorer.exe0 Faulting application path: explorer.exe1 Faulting module path: explorer.exe2 Report Id: explorer.exe3 Error: (02/20/2016 08:18:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/20/2016 08:16:28 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (02/20/2016 02:05:09 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/20/2016 02:03:31 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (02/20/2016 01:58:28 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (02/19/2016 09:19:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/19/2016 09:18:30 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. System errors: ============= Error: (02/21/2016 07:17:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The SPP Notification Service service terminated with the following error: %%5 Error: (02/21/2016 06:17:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The SPP Notification Service service terminated with the following error: %%5 Error: (02/21/2016 05:17:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The SPP Notification Service service terminated with the following error: %%5 Error: (02/21/2016 04:17:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The SPP Notification Service service terminated with the following error: %%5 Error: (02/21/2016 03:17:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The SPP Notification Service service terminated with the following error: %%5 Error: (02/21/2016 02:17:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The SPP Notification Service service terminated with the following error: %%5 Error: (02/21/2016 01:17:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The SPP Notification Service service terminated with the following error: %%5 Error: (02/21/2016 12:17:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The SPP Notification Service service terminated with the following error: %%5 Error: (02/20/2016 11:17:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The SPP Notification Service service terminated with the following error: %%5 Error: (02/20/2016 10:47:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The VIVACOM 3G USB Modem. OUC service failed to start due to the following error: %%1053 ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz Percentage of memory in use: 53% Total physical RAM: 3036.27 MB Available physical RAM: 1402.5 MB Total Virtual: 6070.74 MB Available Virtual: 4275.85 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:46.48 GB) (Free:10.09 GB) NTFS Drive d: () (Fixed) (Total:419.18 GB) (Free:291.61 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 66068FB6) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=46.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=419.2 GB) - (Type=07 NTFS) ==================== End of Addition.txt =========================== Надявам се да успеете да помогнете. Поздрави, Петков Addition_21-02-2016_07-40-31.txt FRST_21-02-2016_07-40-32.txt HELP_FILE_1F734965.html
  6. Здравейте! Преди няколко дена, домашния ми комп. се събуди със съобщение на английски, че файловете са ми криптирани с RSA-4096. За съжаление там са и всички снимки на децата ми - единствената информация, която бих искал да спася. Лошото е че в началото подцених проблема и преинсталирах компа, та затова не знам дали информацията получена от сканирането с FRST ще ви е от полза, но въпреки това ще я постна. И да не забравя криптираните файлове са с разширение XXX Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:10-01-2015 01 Ran by miro (administrator) on MIRO-PC (16-01-2016 13:15:25) Running from D:\ Loaded Profiles: miro (Available Profiles: miro) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Български (България) Internet Explorer Version 9 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\..\Interfaces\{95E56E67-5BFB-4CB7-9898-ED5C74352748}: [NameServer] 82.119.88.14 8.8.8.8 Internet Explorer: ================== ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-14] (VIA Technologies, Inc. ) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-16 18:54 - 2016-01-16 18:54 - 00008192 __RSH C:\BOOTSECT.BAK 2016-01-16 18:54 - 2016-01-16 09:07 - 00000000 ____D C:\Windows\Panther 2016-01-16 18:54 - 2010-11-20 23:29 - 00383786 __RSH C:\bootmgr 2016-01-16 13:14 - 2016-01-16 13:15 - 00000000 ____D C:\FRST 2016-01-16 11:29 - 2016-01-16 11:29 - 00000000 ____D C:\Users\miro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-01-16 11:29 - 2016-01-16 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-01-16 11:25 - 2016-01-16 11:26 - 00000000 ____D C:\Users\miro\AppData\Roaming\WinRAR 2016-01-16 11:24 - 2016-01-16 11:24 - 00000000 ____D C:\Program Files\WinRAR 2016-01-16 11:14 - 2016-01-16 11:15 - 00000923 _____ C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk 2016-01-16 11:14 - 2016-01-16 11:15 - 00000000 ____D C:\Program Files\uTorrent 2016-01-16 11:08 - 2016-01-16 11:19 - 00000000 ____D C:\Users\miro\AppData\Roaming\uTorrent 2016-01-16 09:17 - 2016-01-16 09:17 - 00002218 _____ C:\Users\miro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk 2016-01-16 09:16 - 2016-01-16 09:17 - 00000000 ____D C:\Users\miro\AppData\Local\Chromium 2016-01-16 09:14 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-01-16 09:14 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-01-16 09:14 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-01-16 09:14 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-01-16 09:14 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-01-16 09:14 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-01-16 09:14 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-01-16 09:13 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-01-16 09:13 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-01-16 09:08 - 2016-01-16 09:08 - 00001401 _____ C:\Users\miro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-01-16 09:08 - 2016-01-16 09:08 - 00000020 ___SH C:\Users\miro\ntuser.ini 2016-01-16 09:08 - 2016-01-16 09:08 - 00000000 ____D C:\Users\miro\AppData\Local\VirtualStore 2016-01-16 09:08 - 2016-01-16 09:08 - 00000000 ____D C:\Users\miro 2016-01-16 09:08 - 2011-04-12 04:24 - 00000000 ____D C:\Users\miro\AppData\Roaming\Media Center Programs 2016-01-16 09:00 - 2016-01-16 09:00 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2016-01-16 09:00 - 2016-01-16 09:00 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-16 18:54 - 2009-07-14 06:52 - 00028672 _____ C:\Windows\system32\config\BCD-Template 2016-01-16 13:14 - 2009-07-14 04:37 - 00000000 ____D C:\Windows 2016-01-16 13:01 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache 2016-01-16 12:19 - 2010-11-20 23:01 - 00713888 _____ C:\Windows\system32\PerfStringBackup.INI 2016-01-16 12:19 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf 2016-01-16 12:14 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-01-16 12:13 - 2009-07-14 06:34 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-01-16 12:13 - 2009-07-14 06:34 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-01-16 11:34 - 2011-04-12 04:24 - 00000000 ___RD C:\Users\Public\Recorded TV 2016-01-16 09:00 - 2009-07-14 06:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-01-16 08:59 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sysprep 2016-01-16 08:56 - 2011-04-12 04:24 - 00000000 ____D C:\Windows\CSC 2016-01-16 08:56 - 2009-07-14 06:33 - 00266808 _____ C:\Windows\system32\FNTCACHE.DAT Some files in TEMP: ==================== C:\Users\miro\AppData\Local\Temp\RTBK.EXE ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-01-16 12:51 ==================== End of FRST.txt ============================ Addition.txt
  7. Здравейте, преди малко като влязох в C:\ намерих странна папка с наименование - 3590F75ABA9E485486C100C1A9D4FF06Z.ZZZZ..Z....ZZZ , а в нея има още 81 папки с различно разположени ZZZZ.Z.ZZ....Z.Z папки, а в някой от тях намерих и архиви с подобни имена ZZZZ.ZZZZZZ..Z а при тях имаше и ZZZZZ.....Z.Z с .ZZ разширение. FRST.txt Addition.txt
  8. Здравейте , от няколко месеца лаптопа ми работи много бавно и запецва постоянно с една дума не може да се работи за него. FRST.txt Addition.txt
  9. За последните няколко дни ми се случва два-три пъти да ми излезе съобщение за грешка при опит за стартиране на някаква програма. Съобщението което ми излиза е: windows cannot find ... make sure you typed the name correctly and try again. Първия път когато ми излезе беше при опит за инсталиране на един драйвер. Сега ми го изписва при опит за стартиране на зареден .img файл в DaemonTools. Разполагам с диск на ОС. Addition.txt П.П: Пуснах AdwCleaner,JRT,ComboFix и проблема се оправи.
  10. Доставчикът ми спря интернета, защото съм имал вирус и им е пречило на мрежата. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:29-10-2015 Ran by Niki (administrator) on NIKI-PC (30-10-2015 17:39:26) Running from C:\Users\Niki\Downloads Loaded Profiles: Niki (Available Profiles: Niki) Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe (Qihu Software Co. Limited) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe (Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () D:\Programs\qBittorrent\qbittorrent.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (Disc Soft Ltd) D:\Programs\DAEMON Tools Lite\DiscSoftBusService.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Daum Kakao) D:\Programs\PotPlayer\PotPlayerMini64.exe (Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor) HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1283192 2015-07-01] (QIHU 360 SOFTWARE CO. LIMITED) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-06-18] (Razer Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-22] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKU\S-1-5-21-3480637338-448579713-385441971-1000\...\Run: [DAEMON Tools Lite Automount] => D:\Programs\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-3480637338-448579713-385441971-1000\...\Run: [qBittorrent] => D:\Programs\qBittorrent\qbittorrent.exe [14725120 2015-07-11] () HKU\S-1-5-21-3480637338-448579713-385441971-1000\...\MountPoints2: E - E:\Setup.exe HKU\S-1-5-21-3480637338-448579713-385441971-1000\...\MountPoints2: F - F:\setup.exe HKU\S-1-5-21-3480637338-448579713-385441971-1000\...\MountPoints2: {5f9d0b13-2adb-11e5-92c8-74d4359d227e} - E:\autorun.exe HKU\S-1-5-21-3480637338-448579713-385441971-1000\...\MountPoints2: {62012ba2-287b-11e5-9566-74d4359d227e} - F:\setup.exe HKU\S-1-5-21-3480637338-448579713-385441971-1000\...\MountPoints2: {9e93a5c8-4bdd-11e5-ad96-74d4359d227e} - G:\autorun.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{C101276D-53CD-48BE-996A-C855929199A5}: [DhcpNameServer] 46.40.72.13 46.40.72.25 Tcpip\..\Interfaces\{C2CCF3F7-53AF-470A-9B97-AF16D17AF127}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKU\S-1-5-21-3480637338-448579713-385441971-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp SearchScopes: HKLM -> DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms} SearchScopes: HKLM -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms} SearchScopes: HKLM-x32 -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms} SearchScopes: HKU\S-1-5-21-3480637338-448579713-385441971-1000 -> DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms} SearchScopes: HKU\S-1-5-21-3480637338-448579713-385441971-1000 -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms} BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2015-07-01] (Qihu 360 Software Co., Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-20] (Oracle Corporation) BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2015-07-01] (Qihu 360 Software Co., Ltd.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-20] (Oracle Corporation) FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-20] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) Chrome: ======= CHR HomePage: Default -> hxxp://vbox7.com/ CHR StartupUrls: Default -> "hxxp://find.localstrike.net/","hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592","hxxp://search.searchonme.com/","" CHR Profile: C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Adblock Plus) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-22] CHR Extension: (Google Search) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Chrome Web Store Payments) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24] CHR Extension: (Gmail) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-11] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-06-22] (Advanced Micro Devices) [File not signed] R3 Disc Soft Lite Bus Service; D:\Programs\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) S2 MBAMService; D:\Programs\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [858232 2015-07-01] (QIHU 360 SOFTWARE CO. LIMITED) R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-01-14] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [100424 2015-07-01] (360.cn) R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2015-07-01] (360.cn) R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [319568 2015-07-01] (360.cn) S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-07-01] (360.cn) R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [361552 2015-07-01] (360.cn) R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [297672 2015-06-23] (Advanced Micro Devices) R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [180816 2015-07-01] (Qihu 360 Software Co., Ltd.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-07-12] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2212496 2014-07-04] (MediaTek Inc.) R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-12-30] (Razer Inc) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.) S3 xhunter1; C:\Windows\xhunter1.sys [37416 2015-10-28] (Wellbia.com Co., Ltd.) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-10-30 17:39 - 2015-10-30 17:39 - 00011922 _____ C:\Users\Niki\Downloads\FRST.txt 2015-10-30 16:46 - 2015-10-30 16:46 - 00031968 _____ C:\Users\Niki\Downloads\house.601.602.broken-notv(subsunacs.net).zip 2015-10-30 15:19 - 2015-10-30 17:39 - 00000000 ____D C:\FRST 2015-10-30 15:19 - 2015-10-30 15:19 - 02198016 _____ (Farbar) C:\Users\Niki\Downloads\FRST64.exe 2015-10-29 15:05 - 2015-10-30 15:13 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-10-29 15:05 - 2015-10-29 15:05 - 00000726 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-10-29 15:05 - 2015-10-29 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-10-29 15:05 - 2015-10-29 15:05 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-10-29 15:05 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-10-29 15:05 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-10-29 15:05 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2015-10-29 14:56 - 2015-10-29 15:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7 2015-10-29 14:56 - 2015-10-29 14:56 - 00000000 ____D C:\Windows\system32\appmgmt 2015-10-28 23:43 - 2015-10-28 23:43 - 00037416 _____ (Wellbia.com Co., Ltd.) C:\Windows\xhunter1.sys 2015-10-20 14:15 - 2015-10-29 15:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Life Is Strange Episode 5 2015-10-15 20:19 - 2015-10-15 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strogino CS Portal 2015-10-06 14:55 - 2015-10-06 14:55 - 00000000 ____D C:\ProgramData\Orbit 2015-10-06 14:21 - 2015-10-29 15:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry 4 - Gold Edition 2015-10-03 09:51 - 2015-10-03 10:15 - 00000000 ____D C:\Users\Niki\Documents\Mount&Blade Warband Savegames 2015-10-03 09:50 - 2015-10-03 09:51 - 00000000 ____D C:\Users\Niki\AppData\Roaming\Mount&Blade Warband 2015-10-03 09:50 - 2015-10-03 09:50 - 00000000 ____D C:\Users\Niki\Documents\Mount&Blade Warband 2015-10-02 20:17 - 2015-10-29 15:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband 2015-10-02 20:17 - 2015-10-02 20:17 - 00000000 ____D C:\Users\Niki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-10-30 16:43 - 2015-07-11 19:21 - 00000998 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-30 16:23 - 2009-07-14 06:51 - 00105373 _____ C:\Windows\setupact.log 2015-10-30 15:41 - 2015-07-14 15:21 - 00000000 __SHD C:\$360Section 2015-10-30 15:41 - 2015-07-11 19:25 - 00000000 ____D C:\ProgramData\360Quarant 2015-10-30 15:41 - 2015-07-11 19:23 - 00000000 ____D C:\ProgramData\360safe 2015-10-30 15:30 - 2015-07-11 19:21 - 00004004 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-10-30 15:30 - 2015-07-11 19:21 - 00003750 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-10-30 15:30 - 2015-07-11 19:21 - 00000990 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-30 15:10 - 2015-07-11 18:58 - 01915490 _____ C:\Windows\WindowsUpdate.log 2015-10-29 23:57 - 2015-07-11 19:31 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bbff5ee4acd6.job 2015-10-29 15:24 - 2015-07-11 19:23 - 00000000 ____D C:\Users\Niki\AppData\LocalLow\360WD 2015-10-29 15:20 - 2009-07-14 06:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-10-29 15:20 - 2009-07-14 06:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-10-29 15:17 - 2009-07-14 07:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI 2015-10-29 15:13 - 2015-07-11 19:26 - 00000000 ____D C:\Users\Niki\AppData\Roaming\qBittorrent 2015-10-29 15:12 - 2015-07-11 19:47 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2015-10-29 15:12 - 2010-11-21 05:47 - 00023986 _____ C:\Windows\PFRO.log 2015-10-29 15:12 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-10-29 15:08 - 2015-09-05 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metal Gear Solid V Ground Zeroes 2015-10-29 15:08 - 2015-09-04 08:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Naruto Shippuden Ultimate Ninja Storm Revolution 2015-10-29 13:03 - 2015-07-11 19:21 - 00058848 _____ C:\Users\Niki\AppData\Local\GDIPFONTCACHEV1.DAT 2015-10-29 13:02 - 2009-07-14 06:45 - 00274000 _____ C:\Windows\system32\FNTCACHE.DAT 2015-10-28 04:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2015-10-23 20:47 - 2015-07-11 19:21 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-10-20 22:38 - 2015-07-11 19:23 - 00000000 _RSHD C:\360SANDBOX 2015-10-20 14:27 - 2015-07-12 17:02 - 00000000 ____D C:\Users\Niki\Documents\My Games 2015-10-16 13:52 - 2015-08-05 16:13 - 00000000 ____D C:\Users\Niki\AppData\Local\Microsoft Games 2015-10-15 20:20 - 2015-07-12 16:56 - 00065019 _____ C:\Windows\DirectX.log 2015-10-15 20:20 - 2015-07-11 19:40 - 00000000 ____D C:\ProgramData\Package Cache 2015-10-15 15:07 - 2015-07-11 20:22 - 00000866 _____ C:\Users\Niki\Desktop\Counter-Strike WaRzOnE.lnk 2015-10-10 18:42 - 2015-07-17 21:15 - 00000000 ____D C:\Users\Niki\Desktop\avatars ==================== Files in the root of some directories ======= 2015-07-17 20:37 - 2015-07-17 20:37 - 0001456 _____ () C:\Users\Niki\AppData\Local\Adobe Save for Web 13.0 Prefs 2015-07-16 17:29 - 2015-07-16 17:31 - 1065984 _____ () C:\Users\Niki\AppData\Local\file__0.localstorage Some files in TEMP: ==================== C:\Users\Niki\AppData\Local\Temp\abf3d91912692e44029523851daad156.dll C:\Users\Niki\AppData\Local\Temp\AutoRun.exe C:\Users\Niki\AppData\Local\Temp\AutoRunGUI.dll C:\Users\Niki\AppData\Local\Temp\EAInstall.dll C:\Users\Niki\AppData\Local\Temp\f1110d733c8939dcd961030d636e45d3.dll C:\Users\Niki\AppData\Local\Temp\SIntf16.dll C:\Users\Niki\AppData\Local\Temp\SIntf32.dll C:\Users\Niki\AppData\Local\Temp\SIntfNT.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-10-21 03:30 ==================== End of FRST.txt ============================ Addition.txt
  11. Добър ден, искам да попитам дали не съм се заразил с някоя гадинка тъй като от около седмица пц-то работи доста бавно,като дори когато в момента пиша това и натисна дясно копче върху самият сайт то отворения прозорец остава така замазан на екрана както и ако отворя някоя друга програма върху сайта или друг няма значение. Дали случайно не съм се напълнил с гадинки или просто лин-а е просто за преинсталация и е доста намазан ? Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 8.02.2019 Ran by GAMEPC (administrator) on GAMEPC-PC (10-02-2019 12:37:44) Running from C:\Users\GAMEPC\Downloads Loaded Profiles: GAMEPC (Available Profiles: GAMEPC) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Български (България) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [StereoLinksInstall] => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe [2362248 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Viber] => C:\Users\GAMEPC\AppData\Local\Viber\Viber.exe [37073480 2019-01-30] (Viber Media S.à r.l. -> Viber Media S.Ã r.l.) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Spotify] => C:\Users\GAMEPC\AppData\Roaming\Spotify\Spotify.exe [26154216 2019-02-03] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35195280 2019-02-01] (Epic Games Inc. -> Epic Games, Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-12] (Google Inc -> Google Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 94.72.140.1 Tcpip\..\Interfaces\{F8E6BFBF-08DD-4CEC-8468-25670AF9DFE4}: [DhcpNameServer] 94.72.140.1 Internet Explorer: ================== HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) FireFox: ======== FF DefaultProfile: mrpwyf7s.default FF ProfilePath: C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default [2019-01-31] FF user.js: detected! => C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\user.js [2019-01-02] FF Homepage: Mozilla\Firefox\Profiles\mrpwyf7s.default -> google.bg FF Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\Extensions\[email protected] [2019-01-31] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-09] () FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-01-30] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-01-30] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.) Chrome: ======= CHR StartupUrls: Default -> "hxxp://google.bg/" CHR Profile: C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default [2019-02-10] CHR Extension: (Презентации) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13] CHR Extension: (Документи) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Диск) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16] CHR Extension: (YouTube) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-08] CHR Extension: (Таблици) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Google Документи офлайн) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16] CHR Extension: (Hoxx VPN Proxy) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbcojefnccbanplpoffopkoepjmhgdgh [2019-01-23] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03] CHR Extension: (Gmail) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-08] CHR Extension: (Chrome Media Router) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-07] Opera: ======= OPR Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2018-12-20] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-01-31] (BattlEye Innovations e.K. -> ) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291392 2017-08-17] (Disc Soft Ltd -> Disc Soft Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-07-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 mracsvc; C:\Windows\System32\mracsvc.exe [11132176 2018-10-09] (Mail.Ru LLC -> LLC Mail.Ru) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [8019808 2018-03-29] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2017-09-08] (Realtek Semiconductor.) [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2017-06-20] (Microsoft Windows -> Microsoft Corporation) R2 wuauserv; C:\Windows\system32\wuaueng2.dll [2651136 2017-09-08] (Microsoft Corporation) [File not signed] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 S2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2017-09-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) R0 amdsata; C:\Windows\System32\DRIVERS\amdsata.sys [67128 2009-04-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [28216 2009-04-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R0 AtiPcie; C:\Windows\System32\DRIVERS\AtiPcie.sys [16440 2009-05-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-09-11] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-09-11] (Disc Soft Ltd -> Disc Soft Ltd) R0 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [13287800 2019-02-01] (FACE IT LIMITED -> ) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-08] (Martin Malik - REALiX -> REALiX(tm)) S3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2017-09-08] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.) S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [10348560 2018-10-09] (Mail.Ru LLC -> LLC Mail.Ru) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation) R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [61656 2017-09-08] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation ) R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [34872 2009-04-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-02-10 12:37 - 2019-02-10 12:38 - 000016274 _____ C:\Users\GAMEPC\Downloads\FRST.txt 2019-02-10 12:37 - 2019-02-10 12:37 - 002434048 _____ (Farbar) C:\Users\GAMEPC\Downloads\FRST64.exe 2019-02-10 12:37 - 2019-02-10 12:37 - 000000000 ____D C:\FRST 2019-02-09 10:46 - 2019-02-09 10:46 - 008736903 _____ C:\Users\GAMEPC\Downloads\5. Курве.mp4 2019-02-08 23:47 - 2019-02-08 23:47 - 000004811 _____ C:\Users\GAMEPC\Downloads\niko.zip 2019-02-08 03:03 - 2019-02-08 03:03 - 067321320 _____ (Electronic Arts) C:\Users\GAMEPC\Downloads\ApexLegendsInstaller.exe 2019-02-06 23:56 - 2019-02-06 23:56 - 000014497 _____ C:\Users\GAMEPC\Downloads\Flight.of.the.Phoenix.2004.BRRip.XviD.BGAUDiO-KiNGS.torrent 2019-02-06 23:56 - 2019-02-06 23:56 - 000014497 _____ C:\Users\GAMEPC\Downloads\Flight.of.the.Phoenix.2004.BRRip.XviD.BGAUDiO-KiNGS (1).torrent 2019-02-06 13:10 - 2019-02-06 13:10 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Viber 2019-02-05 14:41 - 2019-02-05 14:41 - 014648464 _____ (Microsoft Corporation) C:\Users\GAMEPC\Downloads\vc_redist.x86.exe 2019-02-04 20:49 - 2019-01-30 22:07 - 000133512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2019-02-04 20:47 - 2019-02-04 20:49 - 000000000 ____D C:\Windows\LastGood 2019-02-04 20:45 - 2019-02-01 23:36 - 000228768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2019-02-04 20:45 - 2019-02-01 23:36 - 000047592 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 001005984 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 001005984 _____ C:\Windows\system32\vulkan-1.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000869584 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000869584 _____ C:\Windows\SysWOW64\vulkan-1.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000551920 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000457304 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000269520 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2019-02-04 20:45 - 2019-02-01 03:42 - 000269520 _____ C:\Windows\system32\vulkaninfo.exe 2019-02-04 20:45 - 2019-02-01 03:42 - 000243920 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2019-02-04 20:45 - 2019-02-01 03:42 - 000243920 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2019-02-04 20:45 - 2019-02-01 03:41 - 071470016 _____ (NVIDIA Corp.) C:\Windows\system32\nvoptix.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 040344024 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 030021616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 020887352 _____ (NVIDIA Corporation) C:\Windows\system32\nvrtum64.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 020409840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2019-02-04 20:45 - 2019-02-01 03:41 - 001463952 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 001129368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 000631440 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 000521872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 000419832 _____ C:\Windows\system32\nvofapi64.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 000368808 _____ C:\Windows\SysWOW64\nvofapi.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 040235096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 035140696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 004868080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 004339616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 002030736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 001734560 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441881.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 001533936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 001467864 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441881.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 000497056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcbl64.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 035477392 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl64.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 031989600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 029985200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl32.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 021206192 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 020096416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 017616432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 010894304 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 009254488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 001168936 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000914912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000524248 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000450648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000419776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000182040 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000163184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000159480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000141568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2019-02-04 20:45 - 2019-02-01 03:38 - 017424680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2019-02-04 20:45 - 2019-02-01 03:38 - 004311968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2019-02-04 20:45 - 2019-01-31 08:26 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json 2019-02-04 20:45 - 2019-01-31 08:26 - 000000669 _____ C:\Windows\system32\nv-vk64.json 2019-02-04 00:33 - 2019-02-04 00:33 - 000016205 _____ C:\Users\GAMEPC\Downloads\Beautiful.Creature.2013.BRRip.XviD.AC3.BGAUDiO-SiSO&QT.torrent 2019-02-02 19:10 - 2019-02-02 19:10 - 000032425 _____ C:\Users\GAMEPC\Downloads\Speed.2.1997.DVDRip.XviD.BGAUDiO-ZmN.torrent 2019-02-02 19:09 - 2019-02-02 19:09 - 000056272 _____ C:\Users\GAMEPC\Downloads\Speed 2 (1997)[DVDRip].torrent 2019-01-31 21:58 - 2019-01-31 21:58 - 000061719 _____ C:\Users\GAMEPC\Downloads\ggirl_din.(subs.sab.bz).rar 2019-01-31 21:58 - 2019-01-31 21:58 - 000012712 _____ C:\Users\GAMEPC\Downloads\Gone.Girl.2014.576p.BRRip.x265-DiN.torrent 2019-01-30 22:43 - 2019-01-30 22:43 - 000023223 _____ C:\Users\GAMEPC\Downloads\The.Call.2013.720p.BluRay.x264_SPARKS.(subs.sab.bz).zip 2019-01-30 22:43 - 2019-01-30 22:43 - 000014490 _____ C:\Users\GAMEPC\Downloads\The.Call.BDRip.XviD.AC3-WAR (1).torrent 2019-01-30 22:41 - 2019-01-30 22:41 - 000014490 _____ C:\Users\GAMEPC\Downloads\The.Call.BDRip.XviD.AC3-WAR.torrent 2019-01-30 22:22 - 2019-01-30 22:22 - 000028835 _____ C:\Users\GAMEPC\Downloads\Taking.Lives.DC.2004.720p.HDDVD.x264_ESiR.(subs.sab.bz).zip 2019-01-30 22:22 - 2019-01-30 22:22 - 000019710 _____ C:\Users\GAMEPC\Downloads\Taking.Lives.2004.DC.BRRip.x264.AAC-WAR.torrent 2019-01-29 20:26 - 2019-01-29 20:26 - 000029511 _____ C:\Users\GAMEPC\Downloads\The_Cloverfield_Paradox.2018.HDRip.XViD_ETRG.(subs.sab.bz).zip 2019-01-29 20:26 - 2019-01-29 20:26 - 000008066 _____ C:\Users\GAMEPC\Downloads\The.Cloverfield.Paradox.2018.HDRip.XviD.AC3-EVO.torrent 2019-01-29 20:22 - 2019-01-29 20:22 - 000029721 _____ C:\Users\GAMEPC\Downloads\tucker.and.dale.vs.evil.2010.bluray.720p.dts.x264-chd(subsunacs.net).rar 2019-01-29 20:21 - 2019-01-29 20:21 - 000014671 _____ C:\Users\GAMEPC\Downloads\Tucker.And.Dale.vs.Evil.2010.BRRip.XviD-DiN.torrent 2019-01-29 20:11 - 2019-01-29 20:11 - 000014405 _____ C:\Users\GAMEPC\Downloads\Predators.2010.DVDRip.XviD.BG.AUDIO-BDB.torrent 2019-01-29 20:03 - 2019-01-29 20:03 - 000011568 _____ C:\Users\GAMEPC\Downloads\Pandorum.2008.1080p.BluRay.H264.AAC.Dual Audio-ASA.torrent 2019-01-29 19:56 - 2019-01-29 19:56 - 000015401 _____ C:\Users\GAMEPC\Downloads\Abraham.Lincoln.Vampire.Hunter.2012.480p.BDRip.x264.DUAL-SLSS.torrent 2019-01-29 19:55 - 2019-01-29 19:55 - 000027007 _____ C:\Users\GAMEPC\Downloads\cocaine.godmother.2017.720p.webrip.x264-yts.am(subsunacs.net).rar 2019-01-29 19:55 - 2019-01-29 19:55 - 000013125 _____ C:\Users\GAMEPC\Downloads\Cocaine.Godmother.2017.WEBRip.x265-DiN.torrent 2019-01-29 17:26 - 2019-01-29 17:26 - 000014876 _____ C:\Users\GAMEPC\Downloads\api-ms-win-crt-runtime-l1-1-0.dll_85.rar 2019-01-28 17:46 - 2019-01-28 17:46 - 000017617 _____ C:\Users\GAMEPC\Downloads\Ghost.Ship.2002.720p.BluRay.x264_DON.(subs.sab.bz).rar 2019-01-28 17:46 - 2019-01-28 17:46 - 000014588 _____ C:\Users\GAMEPC\Downloads\Ghost.Ship.2002.BDRp.XviD.AC3-WAR.torrent 2019-01-28 00:46 - 2019-01-28 00:46 - 000014403 _____ C:\Users\GAMEPC\Downloads\top_gear.17x07.india_special.hdtv_xvid-fov.avi (1).torrent 2019-01-28 00:02 - 2019-01-28 00:02 - 000033323 _____ C:\Users\GAMEPC\Downloads\top.gear.at.the.movies.2011.bdrip.xvid-taste(subsunacs.net).rar 2019-01-28 00:02 - 2019-01-28 00:02 - 000014764 _____ C:\Users\GAMEPC\Downloads\Top.Gear.At.The.Movies.2011.BDRip.XviD-TASTE.torrent 2019-01-28 00:02 - 2019-01-28 00:02 - 000014423 _____ C:\Users\GAMEPC\Downloads\Top.Gear.S14E06.DVBRip.XviD.BGAudio.torrent 2019-01-28 00:02 - 2019-01-28 00:02 - 000011585 _____ C:\Users\GAMEPC\Downloads\Top.Gear.The.Great.African.Adventure.2013.720p.BluRay.x264.torrent 2019-01-28 00:00 - 2019-01-28 00:00 - 000036810 _____ C:\Users\GAMEPC\Downloads\Top_Gear_India_Special.(subs.sab.bz).rar 2019-01-27 23:59 - 2019-01-27 23:59 - 000014401 _____ C:\Users\GAMEPC\Downloads\top_gear.17x07.india_special.hdtv_xvid-fov.avi.torrent 2019-01-26 04:50 - 2019-01-26 04:50 - 000011416 _____ C:\Users\GAMEPC\Downloads\Top Gear - Burma Special.torrent 2019-01-26 04:47 - 2019-01-26 04:47 - 000020539 _____ C:\Users\GAMEPC\Downloads\Top.Gear.The.Worst.Car.In.The.History.Of.The.World.2012.720p.BluRay.x264.torrent 2019-01-25 04:45 - 2019-01-25 04:45 - 000016631 _____ C:\Users\GAMEPC\Downloads\Top Gear - Season 16.torrent 2019-01-23 23:26 - 2019-01-23 23:26 - 000000219 _____ C:\Users\GAMEPC\Desktop\Counter-Strike Global Offensive.url 2019-01-20 15:34 - 2019-01-20 15:34 - 000094134 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x08.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000092379 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x07.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000086708 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x06.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000067819 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_02x10.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000063437 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_02x09.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000055727 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x05.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000051267 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_02x11.(subs.sab.bz).zip 2019-01-19 22:51 - 2019-01-19 22:51 - 000000222 _____ C:\Users\GAMEPC\Desktop\DiRT 3 Complete Edition.url 2019-01-19 17:40 - 2019-01-19 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2019-01-18 18:47 - 2019-01-18 18:47 - 000091478 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x04.(subs.sab.bz).zip 2019-01-18 18:46 - 2019-01-18 18:47 - 000104011 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02E02.(subs.sab.bz).zip 2019-01-18 18:46 - 2019-01-18 18:47 - 000086312 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x03.(subs.sab.bz).zip 2019-01-18 18:46 - 2019-01-18 18:46 - 000101264 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02E01.(subs.sab.bz).zip 2019-01-18 18:45 - 2019-01-18 18:45 - 000038914 _____ C:\Users\GAMEPC\Downloads\The.Grand.Tour.S02.WEBRip.X264-Mixed.torrent 2019-01-18 18:43 - 2019-01-18 18:43 - 000028976 _____ C:\Users\GAMEPC\Downloads\_Yavka.net_Goosebumps.2.Haunted.Halloween.2018.720p.BluRay.H264.AAC-RARBG.rar 2019-01-18 18:42 - 2019-01-18 18:42 - 000014612 _____ C:\Users\GAMEPC\Downloads\Goosebumps.2.Haunted.Halloween.2018.BRRip.XViD-ETRG.torrent 2019-01-18 17:30 - 2019-01-18 17:36 - 032841688 _____ C:\Users\GAMEPC\Downloads\masturbira pred kamera.flv 2019-01-18 17:30 - 2019-01-18 17:32 - 011506791 _____ C:\Users\GAMEPC\Downloads\Bulgarian teen girl selfshot her orgasm - xHamster.com.flv 2019-01-18 17:29 - 2019-01-18 17:50 - 196627499 _____ C:\Users\GAMEPC\Downloads\Тийнейджърка.mkv 2019-01-18 17:27 - 2019-01-18 17:28 - 021624320 _____ C:\Users\GAMEPC\Downloads\Maria Bratoeva - Ruse.avi 2019-01-18 17:27 - 2019-01-18 17:27 - 003177723 _____ C:\Users\GAMEPC\Downloads\Cumming on my girlfriend's tits and face - xHamster.com.flv 2019-01-18 17:27 - 2019-01-18 17:27 - 001862496 _____ C:\Users\GAMEPC\Downloads\SEX Denica Stoqnova .3gp 2019-01-18 17:27 - 2019-01-18 17:27 - 000215130 _____ C:\Users\GAMEPC\Downloads\Seks v kenefa.3gp 2019-01-18 17:13 - 2019-01-18 17:23 - 096802616 _____ C:\Users\GAMEPC\Downloads\PUTIBG_9-2. от Асеновград пред камератаvideo (1).flv 2019-01-18 14:31 - 2019-01-18 14:31 - 000003476 _____ C:\Users\GAMEPC\Downloads\d2c4a999-a7cb-4247-957e-b682f76cd2ea-profile_image-70x70.jpeg 2019-01-18 00:46 - 2019-01-18 00:46 - 000000218 _____ C:\Users\GAMEPC\Desktop\Counter-Strike.url 2019-01-17 17:01 - 2019-01-17 17:01 - 002982580 _____ C:\Users\GAMEPC\Downloads\19godina.avi 2019-01-17 17:01 - 2019-01-17 17:01 - 002982580 _____ C:\Users\GAMEPC\Downloads\19godina (1).avi 2019-01-17 16:57 - 2019-01-17 16:57 - 007733248 _____ C:\Users\GAMEPC\Downloads\Mimi Kavarna.3gp 2019-01-16 15:51 - 2019-01-16 15:51 - 002824729 _____ C:\Users\GAMEPC\Downloads\IMG_2378.MOV 2019-01-15 17:01 - 2019-01-12 06:02 - 000383568 _____ C:\Windows\system32\nvofapi.dll 2019-01-15 17:00 - 2019-01-12 06:01 - 002018184 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441771.dll 2019-01-15 17:00 - 2019-01-12 06:01 - 001467648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441771.dll 2019-01-13 21:23 - 2019-01-13 21:23 - 000016563 _____ C:\Users\GAMEPC\Downloads\The.Hangover.Part.II.2011.BDRip.XviD.AC3.DUAL-REFLUX.torrent 2019-01-13 21:17 - 2019-01-13 21:17 - 000014673 _____ C:\Users\GAMEPC\Downloads\Accepted[2006]DvDrip[Eng]-aXXo.torrent 2019-01-13 21:09 - 2019-01-13 21:09 - 000014129 _____ C:\Users\GAMEPC\Downloads\The.Social.Network.2010.BDRip.XviD.AC3.BGAUDiO-SiSO.torrent 2019-01-11 01:57 - 2019-01-11 21:58 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\PokerStars.BG 2019-01-11 01:57 - 2019-01-11 02:00 - 000000000 ____D C:\Program Files (x86)\PokerStars.BG 2019-01-11 01:57 - 2019-01-11 01:57 - 000002008 _____ C:\Users\GAMEPC\Desktop\PokerStars.bg.lnk 2019-01-11 01:57 - 2019-01-11 01:57 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.BG 2019-01-11 01:56 - 2019-01-11 01:56 - 002174984 _____ (Rational Intellectual Holdings Ltd.) C:\Users\GAMEPC\Downloads\PokerStarsInstallBG.exe ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-02-10 12:25 - 2017-09-23 17:42 - 000000000 ____D C:\Program Files (x86)\Steam 2019-02-10 12:25 - 2017-09-08 13:03 - 000000000 ____D C:\ProgramData\NVIDIA 2019-02-10 03:18 - 2009-07-14 06:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-02-10 03:18 - 2009-07-14 06:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-02-10 01:24 - 2017-09-19 22:12 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\TS3Client 2019-02-09 17:55 - 2019-01-09 00:51 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Spotify 2019-02-09 17:37 - 2019-01-09 00:50 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Spotify 2019-02-09 10:55 - 2017-12-06 18:25 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\ViberPC 2019-02-07 15:31 - 2017-09-08 12:34 - 000000000 ____D C:\Program Files (x86)\Opera 2019-02-07 01:05 - 2018-04-14 10:49 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Ubisoft Game Launcher 2019-02-07 00:01 - 2017-09-10 00:33 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\qBittorrent 2019-02-05 14:13 - 2017-09-08 13:05 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\NVIDIA 2019-02-04 20:50 - 2017-09-08 12:20 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2019-02-04 20:50 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2019-02-04 20:49 - 2017-09-08 12:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2019-02-04 20:46 - 2017-09-08 13:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2019-02-03 18:42 - 2017-09-08 14:54 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\CrashDumps 2019-02-01 23:36 - 2017-09-08 12:19 - 001682392 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2019-02-01 21:20 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-02-01 21:19 - 2018-12-29 22:14 - 013287800 _____ C:\Windows\system32\Drivers\FACEIT.sys 2019-02-01 03:40 - 2017-09-08 12:22 - 037286456 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2019-02-01 03:39 - 2017-09-08 13:02 - 000506208 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2019-02-01 03:38 - 2017-09-08 13:02 - 004868928 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2019-01-31 22:19 - 2018-12-29 22:14 - 000000000 ____D C:\Program Files\FACEIT AC 2019-01-31 22:14 - 2017-09-08 12:34 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-01-31 22:14 - 2017-09-08 12:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-01-31 15:01 - 2017-09-08 12:51 - 000000000 ____D C:\Users\GAMEPC\AppData\LocalLow\Mozilla 2019-01-31 08:26 - 2017-09-08 12:21 - 000046936 _____ C:\Windows\system32\nvinfo.pb 2019-01-31 08:26 - 2017-09-08 12:20 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat 2019-01-30 22:09 - 2017-09-08 13:03 - 005364776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 002624824 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 001767920 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 000651248 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 000450600 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 000124968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 000082800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2019-01-30 15:15 - 2017-09-08 13:03 - 008488852 _____ C:\Windows\system32\nvcoproc.bin 2019-01-29 17:21 - 2017-10-13 15:36 - 000000000 ____D C:\Users\GAMEPC\Documents\ViberDownloads 2019-01-26 16:03 - 2017-09-08 13:03 - 000001951 _____ C:\Windows\NvContainerRecovery.bat 2019-01-25 16:58 - 2018-08-04 01:57 - 000000000 ____D C:\ProgramData\TruckersMP 2019-01-21 14:28 - 2017-09-26 23:48 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\ElevatedDiagnostics 2019-01-19 23:47 - 2018-07-27 17:56 - 000466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2019-01-19 23:47 - 2018-07-27 17:56 - 000444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2019-01-19 23:47 - 2018-07-27 17:56 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2019-01-19 23:47 - 2018-07-27 17:56 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2019-01-19 17:40 - 2017-09-08 13:25 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Skype 2019-01-19 17:40 - 2017-09-08 12:39 - 000001318 _____ C:\Users\Public\Desktop\Skype.lnk 2019-01-19 17:40 - 2017-09-08 12:39 - 000000000 ____D C:\ProgramData\Skype 2019-01-19 17:39 - 2017-09-08 12:39 - 000000000 ___RD C:\Program Files (x86)\Skype 2019-01-12 02:01 - 2017-09-08 13:02 - 000505696 _____ (NVIDIA Corporation) C:\Windows\system32\SET3358.tmp 2019-01-12 02:01 - 2017-09-08 12:22 - 036884408 _____ (NVIDIA Corporation) C:\Windows\system32\SET39DF.tmp 2019-01-12 01:59 - 2017-09-08 13:02 - 004850072 _____ (NVIDIA Corporation) C:\Windows\system32\SETE88.tmp ==================== Files in the root of some directories ======= 2018-12-17 20:42 - 2018-12-23 18:48 - 000007597 _____ () C:\Users\GAMEPC\AppData\Local\Resmon.ResmonCfg Some files in TEMP: ==================== 2019-01-29 04:11 - 2019-01-29 04:11 - 000000196 _____ () C:\Users\GAMEPC\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll 2019-01-02 23:12 - 2019-01-06 00:10 - 000000020 _____ () C:\Users\GAMEPC\AppData\Local\Temp\25bac1013fc49581f9f82c556d27f9bb.dll 2019-01-29 04:11 - 2019-02-09 21:58 - 000000020 _____ () C:\Users\GAMEPC\AppData\Local\Temp\d92b9ce5f9f41a6d518fdcbc62bd3532.dll 2019-01-15 17:01 - 2019-01-11 11:31 - 000397520 _____ (NVIDIA Corporation) C:\Users\GAMEPC\AppData\Local\Temp\nvStInst.exe 2019-01-19 17:38 - 2019-01-19 17:39 - 062928040 _____ (Skype Technologies S.A.) C:\Users\GAMEPC\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\dllhost.exe => File is digitally signed C:\Windows\SysWOW64\dllhost.exe => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2019-02-02 06:31 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 8.02.2019 Ran by GAMEPC (10-02-2019 12:38:44) Running from C:\Users\GAMEPC\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2017-09-08 09:32:01) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2297230751-1021565052-1431566534-500 - Administrator - Disabled) GAMEPC (S-1-5-21-2297230751-1021565052-1431566534-1000 - Administrator - Enabled) => C:\Users\GAMEPC Guest (S-1-5-21-2297230751-1021565052-1431566534-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.) ATI Catalyst Install Manager (HKLM\...\{DC9C8BC1-72CE-B5FE-EA4F-6D9127E51746}) (Version: 3.0.736.0 - ATI Technologies, Inc.) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP) CpuCoreParking (HKLM-x32\...\{0984C56D-2985-4786-AB62-39AB985E269C}) (Version: 2.1.2.0 - CpuCoreParking) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 418.81 - NVIDIA Corporation) Hidden Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FACEIT AC version 1.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD) FIFA18 version 1.0 (HKLM\...\FIFA18_is1) (Version: 1.0 - STEAMPUNKS) <==== ATTENTION GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.14.5270 - Gretech Corporation) Google Chrome (HKLM\...\{DA081EB6-F64C-358C-9BB0-AF1EA8001F34}) (Version: 71.0.3578.98 - Google, Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Office Language Pack 2010 - Bulgarian/български (HKLM-x32\...\Office14.OMUI.bg-bg) (Version: 14.0.4763.1021 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation) Mozilla Firefox 64.0.2 (x64 bg) (HKLM\...\Mozilla Firefox 64.0.2 (x64 bg)) (Version: 64.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA 3D Vision Driver 418.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 418.81 - NVIDIA Corporation) NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation) NVIDIA Graphics Driver 418.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 418.81 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation) NVIDIA PhysX System Software 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 57.0.3098.116 (HKLM-x32\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software) PokerStars.bg (HKLM-x32\...\PokerStars.bg) (Version: - PokerStars.bg) PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.16291 - Kakao Corp.) PotPlayer-64 bit (HKLM-x32\...\PotPlayer64) (Version: 1.7.8556 - Kakao Corp.) qBittorrent 4.1.5 (HKLM-x32\...\qBittorrent) (Version: 4.1.5 - The qBittorrent project) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games) Skype, версия 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Spotify) (Version: 1.0.99.250.g936eab8d - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH) TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team) Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft) Viber (HKLM-x32\...\{0235CB19-2284-4C34-9CF9-04078CF94C32}) (Version: 7.7.0.1126 - Viber Media Inc.) Hidden Viber (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\{f37aa91a-8669-4ac1-bb40-8cc05c3beca1}) (Version: 7.7.0.1126 - Viber Media Inc.) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WinRAR 5.50 (64-битова версия) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1EC5AF9E-5A52-4FE5-A2E8-539165748CC5} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {29CD2B59-F360-4EA0-8046-E993FB989355} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {3216E845-2829-4DBE-AA88-3252ACB814DC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3DAD135E-7AD5-4D57-B3E2-9E7F6AD9E01C} - System32\Tasks\{76A40252-E785-4407-9A98-34E12F6F05C9} => C:\Windows\system32\pcalua.exe -a "c:\program files (x86)\hi-rez studios\HiRezGamesDiagAndSupport.exe" -c uninstall=0 Task: {47FB829C-5030-4A81-8AE1-E19E047EF8CF} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {593E836D-18E7-4C3A-A10E-E739556F42F1} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {64503CA0-D96B-485A-A2ED-32E1ADEC5130} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-08] (Google Inc -> Google Inc.) Task: {82C47114-5EDD-46D5-95B9-AA03FCB16F9C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {94F3AB4C-229D-4981-8100-F63CF93E0D45} - System32\Tasks\Opera scheduled Autoupdate 1504866897 => C:\Program Files (x86)\Opera\launcher.exe [2019-01-09] (Opera Software AS -> Opera Software) Task: {96F1B500-22FF-4448-9D51-718DA940360E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9D60B4F8-D682-4540-9CBB-BBA043460DF1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A19D33FF-7FBC-4D6F-B122-FFBC2947D956} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe Task: {A95A63BB-59FF-4E60-A4BC-C4AF14655608} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B7BAE40D-B03C-4ABB-BBB5-9C26431B4B11} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe Task: {CB523FAF-057C-440F-B17F-8A36BBB5394E} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F67C982E-B27B-4B4D-B6F1-B5474BEA2341} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {F77C5DF3-2A9F-4C58-909F-C3F4DFDE4752} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FB761E82-2ABF-4B7D-A0A8-3F00F3533DD3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-08] (Google Inc -> Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Браузър Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) <==== Cyrillic Shortcut: C:\Users\Public\Desktop\Браузър Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) <==== Cyrillic ==================== Loaded Modules (Whitelisted) ============== 2010-01-09 19:17 - 2010-01-09 19:17 - 004254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2018-05-24 21:15 - 2018-12-06 12:14 - 001315312 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-08-29 01:53 - 2018-12-06 01:47 - 001066784 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll 2018-08-29 01:53 - 2018-11-20 02:56 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll 2018-08-29 01:53 - 2018-11-20 02:56 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll 2018-08-29 01:53 - 2018-11-20 02:56 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll 2018-12-12 21:53 - 2018-12-12 07:12 - 002682336 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\swiftshader\libglesv2.dll 2018-12-12 21:53 - 2018-12-12 07:12 - 000156640 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\swiftshader\libegl.dll 2017-09-08 13:04 - 2018-12-06 12:14 - 001033200 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-09-23 17:44 - 2018-12-06 01:47 - 000885536 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2017-09-23 17:44 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2017-09-23 17:44 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2017-09-23 17:44 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2017-09-23 17:44 - 2019-02-02 19:33 - 002667296 _____ () C:\Program Files (x86)\Steam\video.dll 2017-12-14 10:20 - 2018-11-05 20:53 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll 2017-12-14 10:20 - 2018-11-05 20:53 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll 2017-12-14 10:20 - 2018-11-05 20:53 - 000810784 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll 2017-12-14 10:20 - 2018-11-05 20:53 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll 2017-12-14 10:20 - 2018-11-05 20:53 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll 2017-09-23 17:44 - 2019-02-02 19:33 - 001031456 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2017-09-23 17:43 - 2016-07-05 00:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\GAMEPC\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [482] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\hola.org -> hxxp://hola.org ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 94.72.140.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: FACEIT => "C:\Users\GAMEPC\AppData\Local\FACEITApp\update.exe" --processStart "FACEIT.exe" MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{11074DEE-7B8C-4DC2-AE4C-93DF0A309913}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{D19357FE-92D5-4C15-865D-6BA1144E3141}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{21EB0059-8DA7-4F26-8EBC-947F0C4E2AAA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () FirewallRules: [{F8BB1871-4D02-4C5E-A222-4D557710B3E1}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () FirewallRules: [{1EE7FB5D-9E25-4DA9-ACB5-D608ECDBB452}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{84ACAD4A-CAC3-405E-BED8-CCE7B6F558B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5C9FEA0E-0037-4228-8A5E-308AD75AC1DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FD05E114-41E1-4EC3-B5A2-BBA593EE39E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{831352BE-7396-43E6-9657-9ED9D8BAB30D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{AB5ACC3F-22CB-469F-9EB3-8D69417E7CD5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{43ADA9C0-2E56-45D1-B73D-9C89040C463D}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [{06129773-C563-4DFF-8D34-BEA82843A4F0}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [TCP Query User{A7A3205E-5145-4588-981D-700ACBF67C2F}D:\arc\s\fifa 17\fifa17.exe] => (Allow) D:\arc\s\fifa 17\fifa17.exe No File FirewallRules: [UDP Query User{FCB7CF1E-D214-47B7-8337-D288C7BAF41D}D:\arc\s\fifa 17\fifa17.exe] => (Allow) D:\arc\s\fifa 17\fifa17.exe No File FirewallRules: [TCP Query User{0D1FADB8-FCE1-4E0E-B19A-D5490965A994}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [UDP Query User{F6FECCC1-1C2E-45A5-B7AC-EAF4B88229DF}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [TCP Query User{DEFA441A-0140-4630-9B49-0F0DB88705EC}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.) FirewallRules: [UDP Query User{2F3AD7BE-C36D-4E24-BFFA-EED5BE5D11F4}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.) FirewallRules: [{3B7D3801-5557-4905-A940-9FFB3D9419C2}] => (Allow) D:\SteamLibrary\steamapps\common\WormsRevolution\WormsRevolution.exe () FirewallRules: [{B5A843B5-4869-438A-A418-D42BF3EC672D}] => (Allow) D:\SteamLibrary\steamapps\common\WormsRevolution\WormsRevolution.exe () FirewallRules: [{B5E37EE1-9BE1-4B57-9AD5-EEF981D7F031}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () FirewallRules: [{DC6EA5CC-0B14-4DA5-BA55-E772E5860678}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () FirewallRules: [{C118432B-871D-4268-9C07-248641F7E265}] => (Allow) D:\SteamLibrary\steamapps\common\F1 2015\F1_2015.exe (Codemasters Software Company Limited) FirewallRules: [{9A5D2120-07BE-4587-9767-DFFC0484207F}] => (Allow) D:\SteamLibrary\steamapps\common\F1 2015\F1_2015.exe (Codemasters Software Company Limited) FirewallRules: [{CC5A4281-306D-4711-91C7-E00E2ABEBC40}] => (Allow) D:\SteamLibrary\steamapps\common\Human Fall Flat\Human.exe () FirewallRules: [{8A4DCBEC-E89C-462E-8216-8A9A38C394ED}] => (Allow) D:\SteamLibrary\steamapps\common\Human Fall Flat\Human.exe () FirewallRules: [{BA413E19-022B-4719-B578-4F0E6C99F5FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FDAF511F-0C5C-4E27-8950-6B78D13412DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{B1B4DF97-831E-413C-A928-4176B7B76801}D:\fifa\fifa18\fifa18.exe] => (Allow) D:\fifa\fifa18\fifa18.exe (Electronic Arts -> Electronic Arts) FirewallRules: [UDP Query User{8691C936-9089-4A6A-9831-A0087C639A9C}D:\fifa\fifa18\fifa18.exe] => (Allow) D:\fifa\fifa18\fifa18.exe (Electronic Arts -> Electronic Arts) FirewallRules: [{FF76D716-DBA6-437A-A34F-847AF6AB88AD}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{13A0D233-1007-4376-A4B4-1DA27C101ECB}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [TCP Query User{86D55748-40A6-4288-AEF7-2C0B25BDF778}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe (Oracle America, Inc. -> Oracle Corporation) FirewallRules: [UDP Query User{D8AE6DDF-C0F2-475C-AB9C-B84C11DDC8AB}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe (Oracle America, Inc. -> Oracle Corporation) FirewallRules: [TCP Query User{695C8135-FF2C-4E94-9566-E526643684CA}C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe (Oracle America, Inc. -> Oracle Corporation) FirewallRules: [UDP Query User{3091889E-265D-4648-88DF-CEE54431325D}C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe (Oracle America, Inc. -> Oracle Corporation) FirewallRules: [{19A95D83-1997-4E1D-B782-E9518C66DFBB}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{A1F359C7-4712-4555-B250-972DC5238157}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{9310E9DD-E024-4761-B062-698FB0E3AB13}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{F2B11A3B-CC53-4DFF-B8AC-3ADDA6F5D794}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{DB2F74E8-C7EB-44B3-81D7-12B84175E2EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{E44676E1-030C-4238-B65F-434792B61DE5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{0E47D0AA-C664-4226-B706-39D5D9E15552}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation ) FirewallRules: [{0FE9DEBC-25B9-4A7D-A2B1-D61EE33E7F27}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation ) FirewallRules: [TCP Query User{0E86F5BD-F2B3-4EF9-8B0C-48823DA809CB}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe No File FirewallRules: [UDP Query User{0C5E839A-52EC-40D4-969E-24F12ED8D2D0}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe No File FirewallRules: [TCP Query User{8796E73D-79C0-4D0B-AF34-FB3AF9BCC9BA}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe No File FirewallRules: [UDP Query User{EFB29360-AB3A-4A44-9CB4-EF91CEBDB39C}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe No File FirewallRules: [{CE4CC83D-33DB-4941-B63E-839395BEF26D}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{62B0C736-3662-4965-ABCF-C095480B3E5E}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{91266298-136D-4BB3-8C13-A850A76C9BF1}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{E3EAEE44-6095-4A5E-BE2F-F3E3F8349E0A}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{12A4A27A-BB67-48E9-9C50-3BFF7FAFB778}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{AEEB531B-9796-4704-ACF2-4D21152475BF}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{7F3749E0-59C1-4422-B6F5-FB6E3727295D}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{60F8D80B-FA92-4B64-93F5-05A4F7DADF00}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{2D541380-97BF-4291-BDBE-2F2228CAEA60}] => (Allow) D:\SteamLibrary\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{127D37C8-619F-462E-BE1A-E32131065FF4}] => (Allow) D:\SteamLibrary\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{3AE125A7-E2F2-4264-9007-75C3A531B173}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.) FirewallRules: [{9CB2E9CF-4CF5-4270-90C8-708DF5C9EA41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5DDB721B-805F-4405-9439-CF48D05CD91D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FBCDCF18-DF9A-480D-8245-D45ACCBABE9F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{38AC95F2-BD01-4E8B-9093-31663D8E317A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{458841A3-2771-481D-884C-B7930C379C97}] => (Allow) C:\Program Files (x86)\Opera\57.0.3098.106\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{235BAD27-D13D-420B-8B97-7A919F070DAA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () FirewallRules: [{13789DD3-E1EC-4822-B391-E7109AE3CC48}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () FirewallRules: [TCP Query User{3DE0592A-8D12-447D-939D-BCA439AFF137}C:\users\gamepc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamepc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{33216198-C2C2-482B-9DC9-2D0D13DBB4FA}C:\users\gamepc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamepc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BC1B52E7-C2B8-4017-8791-69B710F1CCBB}] => (Allow) C:\Program Files (x86)\Opera\57.0.3098.116\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{270B0322-3799-457B-960A-455318931953}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{A13AA196-1978-4C67-902B-2460B54A5BBF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{EF08AF4C-3154-4DAB-BCE6-F39115FD1EB2}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{DFBF8C13-3341-468F-9043-C61EE1DF2608}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{64832D58-8D2F-49F2-9821-FC19B1E90DA6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{26B327D5-AC62-4B35-9E8A-241677C45E6B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{17F7F489-79F0-4B1E-8C40-2AE2479A4164}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe (Codemasters Software Company Limited) FirewallRules: [{12452DC3-0184-4D50-9874-AFEDEF2EFAA9}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe (Codemasters Software Company Limited) FirewallRules: [{59D96386-6E3E-4356-8348-CF3CFA65A81B}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{FFA55DD9-7016-4EC4-A808-1A467A45E95C}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [TCP Query User{DC649560-4400-4885-84A1-B96EE04BD03C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{962C91EA-9380-4D1D-8A2F-E951089E3F37}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{6E404A41-222B-4F61-937B-39B8D0A5BE40}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{394ABFE5-D758-4C24-B451-12FE329ECF53}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{CAB0B3BC-BD97-4B9F-AD34-4EA3FD6A653B}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{D1AE7604-9B6C-4322-8475-D1AC1B29A431}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) ==================== Restore Points ========================= 01-02-2019 16:11:32 Планирана контролна точка 09-02-2019 15:07:59 Планирана контролна точка ==================== Faulty Device Manager Devices ============= Name: Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) Description: Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Qualcomm Atheros Service: L1C Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (02/10/2019 03:12:13 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/10/2019 03:12:13 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/09/2019 03:26:38 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/09/2019 03:26:38 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/08/2019 04:45:30 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/08/2019 04:45:29 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/07/2019 03:15:48 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/07/2019 03:15:48 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. System errors: ============= Error: (02/09/2019 11:34:40 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 20. Error: (02/09/2019 02:59:26 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 20. Error: (02/06/2019 08:56:52 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Изтекъл период на изчакване (30000 милисекунди) при изчакване на отговор за транзакция от услуга eventlog. Error: (02/05/2019 07:09:30 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 20. Error: (02/04/2019 09:08:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Услуга NVIDIA Telemetry Container прекъсна със следната грешка: Изпълним файл за обща команда върна резултат, показващ грешка. Error: (02/04/2019 08:48:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Услуга NVIDIA LocalSystem Container беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 6000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата. Error: (02/04/2019 08:48:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Услуга NVIDIA LocalSystem Container прекъсна със следната грешка: Изпълним файл за обща команда върна резултат, показващ грешка. Error: (02/03/2019 01:44:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Услуга Steam Client Service не може да бъде стартирана поради следната грешка: Услугата не отговори навреме на искане за стартиране или управление. ==================== Memory info =========================== Processor: AMD FX-8320E Eight-Core Processor Percentage of memory in use: 41% Total physical RAM: 8189.54 MB Available physical RAM: 4811.05 MB Total Virtual: 16377.26 MB Available Virtual: 11050.03 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:150 GB) (Free:70.97 GB) NTFS Drive d: () (Fixed) (Total:781.41 GB) (Free:323.18 GB) NTFS \\?\Volume{2f050b3f-9477-11e7-8c98-806e6f6e6963}\ (Резервирана за системата) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0C59AE75) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=150 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=781.4 GB) - (Type=05) ==================== End of Addition.txt ============================
  12. Инсталирах едно нещо, което се оказа, че не трябва и сега ми пъкват реклами постоянно, компа забозва и така нататък. С любов от русия. С какво може да сканирам и да оправя нещата, уиндолс 10.
  13. Здравейте!Допуснах вирус или троянски кон, в резултат на което не мога да отворя нито един файл с разширение doc.,txt,png,jpg,jpeg,mp3,mp4 и т.н.Всичките ми файлове са преименувани като след разширението стоят буквите XQKLBVNMDH.Уиндоуса изписва, че не може да отвори файл с такова разширение.Опитвам се да махна тези букви и да преименувам файла, но след преименуването файла става неизползваем.Инсталирах НОД 32 и ми откри 5065 троянеца, от които успя да почисти 5055, но положението не се промени.Някой може ли да помогне с нещо?
  14. Здравейте! Прикачам лог файла . Непрекъснато ми се отварят страници в браузъра . Моля за съдействие. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.11.2018 Ran by Didista (administrator) on DESKTOP-DSKVSP2 (15-11-2018 22:45:03) Running from C:\Users\Didista\Downloads Loaded Profiles: Didista (Available Profiles: Didista) Platform: Windows 10 Pro N Version 1803 17134.407 (X64) Language: English (United Kingdom) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_a5cf007e1dac78ef\AsLdrSrv64.exe (ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_a5cf007e1dac78ef\AsHidSrv64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe (ICEpower a/s) C:\Windows\System32\ICEsoundService64.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_a5cf007e1dac78ef\AsMonStartupTask64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe (Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (BitTorrent Inc.) C:\Users\Didista\AppData\Roaming\BitTorrent\BitTorrent.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (NODJE) D:\install\Office_2010_Activator_Full_Version_100_Working_Free_PASSWORD_123\Office_2010_Activator_Full_Version_100_Working_Free_34319.exe (TODO: <Company name>) C:\ProgramData\Kolnixo\Kolnixo.exe (ZLGVXB) C:\Program Files (x86)\uhlkclz42dn\MXVO6R4NL5PR3EY.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (ZLGVXB) C:\Program Files\FCUX3N7ZJS\FCUX3N7ZJ.exe () C:\Users\Didista\AppData\Local\Temp\is-TU326.tmp\swr2ab1i3na.tmp (Microsoft Corporation) C:\Windows\System32\cmd.exe (ZLGVXB) C:\Program Files (x86)\uhlkclz42dn\GEQY0.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (ZLGVXB) C:\Program Files\C8JKRJNU79\C8JKRJNU7.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (ZLGVXB) C:\Program Files\OWHJ94UXVD\IBYQ18KGP.exe () C:\Users\Didista\AppData\Local\Temp\is-A480T.tmp\jnt3mero1bx.tmp (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (ZLGVXB) C:\Program Files\CGAVT81G4S\CGAVT81G4.exe (Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [692160 2016-01-19] (Autodesk, Inc.) HKLM-x32\...\Run: [Multitimer] => C:\Program Files (x86)\Multitimer\Multitimer.exe [281600 2017-12-12] () HKLM\...\RunOnce: [OMEWPRODUCT_] => C:\Program Files\Microsoft Analysis Services\96RRN6VKDZW3B\WaN6he06SO.exe [324608 2018-11-15] () HKLM\...\RunOnce: [OMEWPRODUCT_G50GE] => C:\Program Files (x86)\uhlkclz42dn\MXVO6R4NL5PR3EY.exe [249856 2018-11-15] (ZLGVXB) <==== ATTENTION HKLM-x32\...\RunOnce: [Malwarebytes' Anti-Malware] => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [399504 2009-02-11] (Malwarebytes Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-04] (Disc Soft Ltd) HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd) HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\Run: [BLTG4CCEG5MMVFU] => C:\Program Files\FCUX3N7ZJS\FCUX3N7ZJ.exe [864256 2018-11-15] (ZLGVXB) HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\Run: [009KOWOANB1R0IT] => C:\Program Files (x86)\uhlkclz42dn\GEQY0.exe [864256 2018-11-15] (ZLGVXB) HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\Run: [C0GNC6JMCEWTQ6O] => C:\Program Files\C8JKRJNU79\C8JKRJNU7.exe [864256 2018-11-15] (ZLGVXB) HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\Run: [F5BMV40IU8I2UUQ] => C:\Program Files\OWHJ94UXVD\IBYQ18KGP.exe [864256 2018-11-15] (ZLGVXB) HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\Run: [5ZJNOL91INGZK96] => C:\Program Files\CGAVT81G4S\CGAVT81G4.exe [864256 2018-11-15] (ZLGVXB) HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\RunOnce: [Uninstall 18.172.0826.0010\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Didista\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\amd64" HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\RunOnce: [Uninstall 18.172.0826.0010] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Didista\AppData\Local\Microsoft\OneDrive\18.172.0826.0010" HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\MountPoints2: {cf8a0d3e-d136-11e8-a44c-34e12df5e1e5} - "G:\SETUP.EXE" AppInit_DLLs: C:\ProgramData\Kolnixo\Holdzuntip.dll => C:\ProgramData\Kolnixo\Holdzuntip.dll [342528 2018-11-15] () AppInit_DLLs-x32: C:\ProgramData\Kolnixo\Treetamit.dll => C:\ProgramData\Kolnixo\Treetamit.dll [460800 2018-11-15] () GroupPolicy: Restriction - Chrome <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0 Tcpip\..\Interfaces\{18e67df8-ee5e-4dc6-9bb8-bbeaff76c2bc}: [DhcpNameServer] 192.168.0.1 0.0.0.0 Tcpip\..\Interfaces\{e7c25d7d-cac5-489b-9ac9-1a5057905498}: [DhcpNameServer] 192.168.0.1 0.0.0.0 Internet Explorer: ================== HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBLoO-BhLymRVyoiO2t6mfQOs8Z_UNrRNGfcnSVI8V3AroBajNPW18Orf3T1Ba9uRElwxpRFd80U7ywFKBzGlBsUTS5ydDZAoVPb9g9x1M7zfAerZPy-mzN9zcmDMcvfDkc5u_Ev3swFo2g_SC7H7g_QPX4svLn99oYUBeJSx0M8jBQFUhhKpahz4owLYJuWg,,&q={searchTerms} HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBLoO-BhLymRVyoiO2t6mfQOs8Z_UNrRNGfcnSVI8V3AroBajNPW18Orf3T1Ba9uRElwxpRFd80U7ywFKBzGlBsUTS5ydDZAoVPb9gxWgPMRIn_JtbnuuUL-tlwFL2wx1pOrQ7EY_hqWtD2w2Umw5nZVaNdKaz8KXE2rb0YvQAfB6h8uy0c32x15ZqFvbPJeA,, SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBLoO-BhLymRVyoiO2t6mfQOs8Z_UNrRNGfcnSVI8V3AroBajNPW18Orf3T1Ba9uRElwxpRFd80U7ywFKBzGlBsUTS5ydDZAoVPb9g9x1M7zfAerZPy-mzN9zcmDMcvfDkc5u_Ev3swFo2g_SC7H7g_QPX4svLn99oYUBeJSx0M8jBQFUhhKpahz4owLYJuWg,,&q={searchTerms} SearchScopes: HKU\S-1-5-21-2793308117-3191825222-1732375903-1001 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBLoO-BhLymRVyoiO2t6mfQOs8Z_UNrRNGfcnSVI8V3AroBajNPW18Orf3T1Ba9uRElwxpRFd80U7ywFKBzGlBsUTS5ydDZAoVPb9g9x1M7zfAerZPy-mzN9zcmDMcvfDkc5u_Ev3swFo2g_SC7H7g_QPX4svLn99oYUBeJSx0M8jBQFUhhKpahz4owLYJuWg,,&q={searchTerms} SearchScopes: HKU\S-1-5-21-2793308117-3191825222-1732375903-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBLoO-BhLymRVyoiO2t6mfQOs8Z_UNrRNGfcnSVI8V3AroBajNPW18Orf3T1Ba9uRElwxpRFd80U7ywFKBzGlBsUTS5ydDZAoVPb9g9x1M7zfAerZPy-mzN9zcmDMcvfDkc5u_Ev3swFo2g_SC7H7g_QPX4svLn99oYUBeJSx0M8jBQFUhhKpahz4owLYJuWg,,&q={searchTerms} BHO: YoutubeAdBlock -> {14D0AD49-F627-4E41-93CA-E9A444EE8B22} -> C:\Program Files (x86)\IwTmDCzJJIE\tlyQ30LVS.dll [2018-11-15] () BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: YoutubeAdBlock -> {14D0AD49-F627-4E41-93CA-E9A444EE8B22} -> C:\Program Files (x86)\IwTmDCzJJIE\kYJpSopz.dll [2018-11-15] () BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) FireFox: ======== FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-09-06] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-09-06] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-16] (Google Inc.) Chrome: ======= CHR DefaultProfile: Profile 1 CHR HomePage: Profile 1 -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBLoO-BhLymRVyoiO2t6mfQOs8Z_UNrRNGfcnSVI8V3AroBajNPW18Orf3T1Ba9uRElwxpRFd80U7ywFKBzGlBsUTS5ydDZAoVPb9g93Ei_kR4QfjE79dxLYrFfWDs_CfJpsT-vaieDY4VnebfjLIlKWsx8On8zU7golcX5d29Elpc50g1Vo18qkwYwDO34vg,, CHR StartupUrls: Profile 1 -> "","hxxp://www.google.com/" CHR DefaultSearchURL: Profile 1 -> hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBLoO-BhLymRVyoiO2t6mfQOs8Z_UNrRNGfcnSVI8V3AroBajNPW18Orf3T1Ba9uRElwxpRFd80U7ywFKBzGlBsUTS5ydDZAoVPb9g90GCghaQlXbNRvqBsYkQJ-9VCB4gGW7EHDeqFR3qfsiN3COVjumKAa8gi6VFWZsgxgH1TYMldeUVRDgXlzyunSsBkig,,&q={searchTerms} CHR DefaultSearchKeyword: Profile 1 -> feed.sonic-search.com CHR Profile: C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default [2018-11-15] CHR Extension: (Slides) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-16] CHR Extension: (Docs) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-16] CHR Extension: (Google Drive) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16] CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2018-10-16] CHR Extension: (YouTube) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-16] CHR Extension: (Sheets) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-16] CHR Extension: (Google Docs Offline) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-16] CHR Extension: (Adblocker for Youtube™) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmepafhiigbfimndaicdpoeebdgmkfdb [2018-11-15] [UpdateUrl: hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION CHR Extension: (Chrome Web Store Payments) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-16] CHR Extension: (Gmail) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-16] CHR Extension: (Chrome Media Router) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-03] CHR Profile: C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-11-15] CHR Extension: (Slides) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-16] CHR Extension: (Docs) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-16] CHR Extension: (Google Drive) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16] CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2018-10-16] CHR Extension: (YouTube) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-16] CHR Extension: (uBlock Origin) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-10-16] CHR Extension: (Sheets) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-16] CHR Extension: (Google Docs Offline) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-16] CHR Extension: (AdBlock) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-16] CHR Extension: (Pinterest Save Button) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-10-19] CHR Extension: (Kaldata.com) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jliaaaomamailheoidfllejljaibbemc [2018-10-16] CHR Extension: (Capital.bg) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lanbncpnnmafpfikemcimkiddbogfnki [2018-10-16] CHR Extension: (#ДАНСwithme) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmcpmmnecclemnhobkplkgpjjddgnkej [2018-10-16] CHR Extension: (hxxp://goo.mx/Az2aea) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mldlblfnplplbhojnognmlaoemiiedje [2018-10-16] CHR Extension: (Bazz Search) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmeinlfojlcegblpogpjbhipmonclejh [2018-11-15] CHR Extension: (Adblocker for Youtube™) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmepafhiigbfimndaicdpoeebdgmkfdb [2018-11-15] [UpdateUrl: hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION CHR Extension: (Chrome Web Store Payments) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-16] CHR Extension: (Gmail) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-16] CHR Extension: (Chrome Media Router) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-01] CHR Profile: C:\Users\Didista\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-15] CHR Extension: (Adblocker for Youtube™) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmepafhiigbfimndaicdpoeebdgmkfdb [2018-11-15] [UpdateUrl: hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1222664 2016-01-19] (Autodesk Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated) R2 AsHidService; C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_a5cf007e1dac78ef\AsHidSrv64.exe [171912 2018-01-07] (ASUSTek Computer Inc.) R2 ASLDRService; C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_a5cf007e1dac78ef\AsLdrSrv64.exe [202120 2018-01-07] (ASUSTek Computer Inc.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3730024 2018-10-04] (Disc Soft Ltd) R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1651792 2017-10-27] (Intel Corporation) R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [541896 2018-04-19] (Intel Corporation) R2 ICEsoundService; C:\Windows\system32\ICEsoundService64.exe [483816 2018-05-10] (ICEpower a/s) R2 Kolnixo; C:\ProgramData\\Kolnixo\\Kolnixo.exe [1995264 2018-11-15] (TODO: <Company name>) [File not signed] S3 mi-raysat_3dsmax2017_64; C:\Program Files\Autodesk\3ds Max 2017\raysat_3dsmax2017_64server.exe [86016 2011-09-15] () [File not signed] R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-21] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-21] (NVIDIA Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation) S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-25] (Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-25] (Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_a5cf007e1dac78ef\atkwmiacpi64.sys [30600 2018-01-07] (ASUSTek Computer Inc.) R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [70040 2017-10-27] (Intel Corporation) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2018-10-16] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2018-10-16] (Disc Soft Ltd) S1 erenopno; C:\Windows\system32\drivers\erenopno.sys [72816 2018-11-15] (Microsoft Corporation) R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [399264 2017-10-27] (Intel Corporation) R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [34184 2018-05-02] (ASUS) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136208 2018-04-19] (Intel Corporation) R3 Netwtw06; C:\Windows\system32\DRIVERS\Netwtw06.sys [8752120 2018-05-02] (Intel Corporation) R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_9b1341e92276ee7c\nvlddmkm.sys [17213616 2018-10-15] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-05-21] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [67432 2018-05-15] (NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [68112 2018-04-28] (NVIDIA Corporation) S1 nyutbnzk; C:\Windows\system32\drivers\nyutbnzk.sys [72816 2018-11-15] (Microsoft Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek ) S1 rxhodcdr; C:\Windows\system32\drivers\rxhodcdr.sys [72816 2018-11-15] (Microsoft Corporation) S3 smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [152064 2018-04-12] (Microsoft Corporation) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46184 2018-10-25] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [328696 2018-10-25] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-25] (Microsoft Corporation) S1 wgbxphjl; C:\Windows\system32\drivers\wgbxphjl.sys [72816 2018-11-15] (Microsoft Corporation) S1 xrsjazsk; C:\Windows\system32\drivers\xrsjazsk.sys [72816 2018-11-15] (Microsoft Corporation) S1 xwhjuavh; C:\Windows\system32\drivers\xwhjuavh.sys [72816 2018-11-15] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-11-15 22:45 - 2018-11-15 22:45 - 000027997 _____ C:\Users\Didista\Downloads\FRST.txt 2018-11-15 22:44 - 2018-11-15 22:45 - 000000000 ____D C:\FRST 2018-11-15 22:44 - 2018-11-15 22:44 - 002416128 _____ (Farbar) C:\Users\Didista\Downloads\FRST64.exe 2018-11-15 22:42 - 2018-11-15 22:42 - 000072816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\erenopno.sys 2018-11-15 22:27 - 2018-11-15 22:27 - 000001082 _____ C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk 2018-11-15 22:27 - 2018-11-15 22:27 - 000000000 ____D C:\Users\Didista\AppData\Roaming\Malwarebytes 2018-11-15 22:27 - 2018-11-15 22:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware 2018-11-15 22:27 - 2018-11-15 22:27 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-11-15 22:27 - 2018-11-15 22:27 - 000000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2018-11-15 22:27 - 2009-02-11 10:19 - 000038496 _____ (Malwarebytes Corporation) C:\Windows\SysWOW64\Drivers\mbamswissarmy.sys 2018-11-15 22:27 - 2009-02-11 10:19 - 000015504 _____ (Malwarebytes Corporation) C:\Windows\SysWOW64\Drivers\mbam.sys 2018-11-15 22:22 - 2018-11-15 22:22 - 000072816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nyutbnzk.sys 2018-11-15 22:20 - 2018-11-15 22:20 - 000072816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wgbxphjl.sys 2018-11-15 22:20 - 2018-11-15 22:20 - 000072816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rxhodcdr.sys 2018-11-15 22:20 - 2018-11-15 22:20 - 000000000 ____D C:\Program Files (x86)\Multitimer 2018-11-15 22:19 - 2018-11-15 22:25 - 000000000 ____D C:\ProgramData\localNETService 2018-11-15 22:19 - 2018-11-15 22:22 - 000000000 ____D C:\Program Files (x86)\Close 2018-11-15 22:19 - 2018-11-15 22:20 - 000000000 ____D C:\Users\Didista\AppData\Roaming\gqz0chuajmt 2018-11-15 22:19 - 2018-11-15 22:20 - 000000000 ____D C:\Users\Didista\AppData\Roaming\0deilzc0shp 2018-11-15 22:19 - 2018-11-15 22:20 - 000000000 ____D C:\Program Files\CGAVT81G4S 2018-11-15 22:19 - 2018-11-15 22:19 - 000003212 _____ C:\Windows\System32\Tasks\OqUgsIhoyVOixP 2018-11-15 22:19 - 2018-11-15 22:19 - 000003052 __RSH C:\ProgramData\ntuser.pol 2018-11-15 22:19 - 2018-11-15 22:19 - 000003044 _____ C:\Windows\System32\Tasks\EGDwIDfrVjLvW2 2018-11-15 22:19 - 2018-11-15 22:19 - 000003034 _____ C:\Windows\System32\Tasks\qdxgajDnKqmDPrtzQ2 2018-11-15 22:19 - 2018-11-15 22:19 - 000003026 _____ C:\Windows\System32\Tasks\yKlRUxrwnsuFpeUeBWz2 2018-11-15 22:19 - 2018-11-15 22:19 - 000003008 _____ C:\Windows\System32\Tasks\niYEcWwYibJfLQX2 2018-11-15 22:19 - 2018-11-15 22:19 - 000000000 ____D C:\Users\Didista\AppData\Roaming\4bdykg2qirq 2018-11-15 22:19 - 2018-11-15 22:19 - 000000000 ____D C:\ProgramData\zTXZmVxyKBKDhdVB 2018-11-15 22:19 - 2018-11-15 22:19 - 000000000 ____D C:\Program Files\OWHJ94UXVD 2018-11-15 22:19 - 2018-11-15 22:19 - 000000000 ____D C:\Program Files (x86)\UmTwpSvRUOfSC 2018-11-15 22:19 - 2018-11-15 22:19 - 000000000 ____D C:\Program Files (x86)\pbjpUXEkQjxU2 2018-11-15 22:19 - 2018-11-15 22:19 - 000000000 ____D C:\Program Files (x86)\IwTmDCzJJIE 2018-11-15 22:19 - 2018-11-15 22:19 - 000000000 ____D C:\Program Files (x86)\hGGLWjvHZZUn 2018-11-15 22:19 - 2018-11-15 22:19 - 000000000 ____D C:\Program Files (x86)\eEvEEOxmU 2018-11-15 22:19 - 2018-11-15 22:19 - 000000000 ____D C:\Program Files (x86)\BHXQvOBMsgKdEntstUR 2018-11-15 22:18 - 2018-11-15 22:33 - 000000000 ____D C:\ProgramData\Kolnixo 2018-11-15 22:18 - 2018-11-15 22:25 - 000000000 ____D C:\Program Files (x86)\OneSystemCare 2018-11-15 22:18 - 2018-11-15 22:25 - 000000000 ____D C:\Program Files (x86)\foldershare 2018-11-15 22:18 - 2018-11-15 22:20 - 000000000 ____D C:\ProgramData\Logic Cramble 2018-11-15 22:18 - 2018-11-15 22:18 - 025260414 _____ (TigerTrade ) C:\ProgramData\lzxhod.exe 2018-11-15 22:18 - 2018-11-15 22:18 - 007809024 _____ C:\Users\Didista\AppData\Local\agent.dat 2018-11-15 22:18 - 2018-11-15 22:18 - 002024475 _____ C:\Users\Didista\AppData\Local\Doubledax.tst 2018-11-15 22:18 - 2018-11-15 22:18 - 000126464 _____ C:\Users\Didista\AppData\Local\noah.dat 2018-11-15 22:18 - 2018-11-15 22:18 - 000070896 _____ C:\Users\Didista\AppData\Local\Config.xml 2018-11-15 22:18 - 2018-11-15 22:18 - 000018432 _____ C:\Users\Didista\AppData\Local\Main.dat 2018-11-15 22:18 - 2018-11-15 22:18 - 000015614 _____ C:\Windows\SysWOW64\findit.xml 2018-11-15 22:18 - 2018-11-15 22:18 - 000005568 _____ C:\Users\Didista\AppData\Local\md.xml 2018-11-15 22:18 - 2018-11-15 22:18 - 000000116 _____ C:\ProgramData\lzxhoc.txt 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\Users\Didista\AppData\Roaming\xfyg1f23d4k 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\Users\Didista\AppData\Roaming\One System Care 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\Users\Didista\AppData\Roaming\Mozilla 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\ProgramData\Kolnixos 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\ProgramData\72101d1e-3ee9-4f7a-8b3d-44459f18b40b 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\ProgramData\2a1cffdf-4eb1-1 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\ProgramData\2a1cffdf-3d51-0 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\Program Files\FCUX3N7ZJS 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\Program Files\C8JKRJNU79 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\Program Files (x86)\uhlkclz42dn 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\Program Files (x86)\TigerTrade 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\Program Files (x86)\publicHotsp 2018-11-15 22:18 - 2018-11-15 22:17 - 001995264 _____ (TODO: <Company name>) C:\Users\Didista\AppData\Local\Doubledax.exe 2018-11-15 22:17 - 2018-11-15 22:18 - 000722944 _____ C:\Users\Didista\AppData\Local\sham.db 2018-11-15 22:17 - 2018-11-15 22:18 - 000017664 _____ C:\Users\Didista\AppData\Local\InstallationConfiguration.xml 2018-11-15 22:17 - 2018-11-15 22:17 - 000140800 _____ C:\Users\Didista\AppData\Local\installer.dat 2018-11-15 22:17 - 2018-11-15 22:17 - 000072816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xwhjuavh.sys 2018-11-15 22:17 - 2018-11-15 22:17 - 000072816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xrsjazsk.sys 2018-11-15 22:12 - 2018-11-15 22:12 - 000078848 _____ C:\Windows\KMSEmulator.exe 2018-11-13 21:44 - 2018-11-01 13:49 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe 2018-11-13 21:44 - 2018-11-01 13:46 - 002394960 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL 2018-11-13 21:44 - 2018-11-01 13:45 - 004527776 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2018-11-13 21:44 - 2018-11-01 13:45 - 001617320 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2018-11-13 21:44 - 2018-11-01 13:45 - 001376672 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2018-11-13 21:44 - 2018-11-01 13:32 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll 2018-11-13 21:44 - 2018-11-01 13:31 - 006602240 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2018-11-13 21:44 - 2018-11-01 13:30 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll 2018-11-13 21:44 - 2018-11-01 13:30 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll 2018-11-13 21:44 - 2018-11-01 13:29 - 012710400 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2018-11-13 21:44 - 2018-11-01 13:29 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\SMSRouter.dll 2018-11-13 21:44 - 2018-11-01 13:28 - 003649024 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys 2018-11-13 21:44 - 2018-11-01 13:28 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll 2018-11-13 21:44 - 2018-11-01 13:27 - 001121792 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2018-11-13 21:44 - 2018-11-01 13:27 - 000878592 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2018-11-13 21:44 - 2018-11-01 13:26 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll 2018-11-13 21:44 - 2018-11-01 13:26 - 000503296 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll 2018-11-13 21:44 - 2018-11-01 13:26 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe 2018-11-13 21:44 - 2018-11-01 13:26 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2018-11-13 21:44 - 2018-11-01 13:26 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe 2018-11-13 21:44 - 2018-11-01 13:25 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe 2018-11-13 21:44 - 2018-11-01 12:09 - 001027000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2018-11-13 21:44 - 2018-11-01 11:59 - 005669888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2018-11-13 21:44 - 2018-11-01 11:56 - 011902464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2018-11-13 21:44 - 2018-11-01 11:56 - 000226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll 2018-11-13 21:44 - 2018-11-01 11:56 - 000024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll 2018-11-13 21:44 - 2018-11-01 11:54 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2018-11-13 21:44 - 2018-11-01 11:53 - 000908288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2018-11-13 21:44 - 2018-11-01 11:52 - 002892800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys 2018-11-13 21:44 - 2018-11-01 09:39 - 001035256 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe 2018-11-13 21:44 - 2018-11-01 09:38 - 000269336 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave_secure.dll 2018-11-13 21:44 - 2018-11-01 09:37 - 000272408 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave.dll 2018-11-13 21:44 - 2018-11-01 09:28 - 001221432 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe 2018-11-13 21:44 - 2018-11-01 09:28 - 001062712 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2018-11-13 21:44 - 2018-11-01 09:28 - 001029944 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe 2018-11-13 21:44 - 2018-11-01 09:28 - 000566568 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe 2018-11-13 21:44 - 2018-11-01 09:28 - 000134968 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll 2018-11-13 21:44 - 2018-11-01 09:28 - 000076088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys 2018-11-13 21:44 - 2018-11-01 09:27 - 001017152 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll 2018-11-13 21:44 - 2018-11-01 09:27 - 000491200 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2018-11-13 21:44 - 2018-11-01 09:26 - 007432120 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll 2018-11-13 21:44 - 2018-11-01 09:26 - 003291640 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll 2018-11-13 21:44 - 2018-11-01 09:26 - 003180080 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2018-11-13 21:44 - 2018-11-01 09:26 - 001363536 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 009089848 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2018-11-13 21:44 - 2018-11-01 09:25 - 007520088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 004404912 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 002822456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2018-11-13 21:44 - 2018-11-01 09:25 - 002571320 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 002371296 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 001934808 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 001784680 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 001456728 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2018-11-13 21:44 - 2018-11-01 09:25 - 001288920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 001257880 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2018-11-13 21:44 - 2018-11-01 09:25 - 001209888 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 001190248 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 001140672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2018-11-13 21:44 - 2018-11-01 09:25 - 000982592 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2018-11-13 21:44 - 2018-11-01 09:25 - 000885968 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 000793080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys 2018-11-13 21:44 - 2018-11-01 09:25 - 000713472 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 000594224 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2018-11-13 21:44 - 2018-11-01 09:25 - 000463672 _____ (Microsoft Corporation) C:\Windows\system32\coml2.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 000413720 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 000412984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2018-11-13 21:44 - 2018-11-01 09:25 - 000375824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys 2018-11-13 21:44 - 2018-11-01 09:25 - 000268088 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 000261000 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2018-11-13 21:44 - 2018-11-01 09:09 - 025855488 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll 2018-11-13 21:44 - 2018-11-01 09:03 - 003397120 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2018-11-13 21:44 - 2018-11-01 09:03 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\dusmtask.exe 2018-11-13 21:44 - 2018-11-01 09:02 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\dusmapi.dll 2018-11-13 21:44 - 2018-11-01 09:02 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\CSystemEventsBrokerClient.dll 2018-11-13 21:44 - 2018-11-01 09:01 - 022716416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2018-11-13 21:44 - 2018-11-01 09:01 - 009084928 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll 2018-11-13 21:44 - 2018-11-01 09:01 - 007057408 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll 2018-11-13 21:44 - 2018-11-01 09:00 - 008189440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2018-11-13 21:44 - 2018-11-01 09:00 - 006031360 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2018-11-13 21:44 - 2018-11-01 09:00 - 003392000 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2018-11-13 21:44 - 2018-11-01 09:00 - 000433664 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe 2018-11-13 21:44 - 2018-11-01 09:00 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll 2018-11-13 21:44 - 2018-11-01 08:59 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe 2018-11-13 21:44 - 2018-11-01 08:59 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll 2018-11-13 21:44 - 2018-11-01 08:59 - 000192000 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2018-11-13 21:44 - 2018-11-01 08:59 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\WPTaskScheduler.dll 2018-11-13 21:44 - 2018-11-01 08:59 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll 2018-11-13 21:44 - 2018-11-01 08:58 - 007573504 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll 2018-11-13 21:44 - 2018-11-01 08:58 - 004867072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2018-11-13 21:44 - 2018-11-01 08:58 - 004383744 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll 2018-11-13 21:44 - 2018-11-01 08:58 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll 2018-11-13 21:44 - 2018-11-01 08:58 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2018-11-13 21:44 - 2018-11-01 08:58 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll 2018-11-13 21:44 - 2018-11-01 08:58 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 003381248 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 002825728 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 002364928 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 001804288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 000898560 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 000835584 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 000356352 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 000265728 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll 2018-11-13 21:44 - 2018-11-01 08:56 - 002929664 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll 2018-11-13 21:44 - 2018-11-01 08:56 - 002172928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll 2018-11-13 21:44 - 2018-11-01 08:56 - 001768448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2018-11-13 21:44 - 2018-11-01 08:56 - 001395200 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll 2018-11-13 21:44 - 2018-11-01 08:56 - 000506880 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll 2018-11-13 21:44 - 2018-11-01 08:55 - 002738688 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2018-11-13 21:44 - 2018-11-01 08:55 - 001058304 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2018-11-13 21:44 - 2018-11-01 08:55 - 000684544 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 001679360 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 001551360 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 001264640 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 001225216 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 001023488 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 000943616 _____ (Microsoft Corporation) C:\Windows\system32\BingOnlineServices.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 000916480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 000895488 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 000884736 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 000796672 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 000606208 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll 2018-11-13 21:44 - 2018-11-01 08:53 - 002248192 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll 2018-11-13 21:44 - 2018-11-01 08:53 - 001373696 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll 2018-11-13 21:44 - 2018-11-01 08:53 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2018-11-13 21:44 - 2018-11-01 08:53 - 000889344 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2018-11-13 21:44 - 2018-11-01 08:53 - 000542208 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2018-11-13 21:44 - 2018-11-01 08:53 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2018-11-13 21:44 - 2018-11-01 07:39 - 000001310 _____ C:\Windows\system32\tcbres.wim 2018-11-13 21:44 - 2018-11-01 07:08 - 002417952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2018-11-13 21:44 - 2018-11-01 06:50 - 000861712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll 2018-11-13 21:44 - 2018-11-01 06:50 - 000786288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2018-11-13 21:44 - 2018-11-01 06:48 - 006039064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll 2018-11-13 21:44 - 2018-11-01 06:48 - 004790184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2018-11-13 21:44 - 2018-11-01 06:48 - 002478872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll 2018-11-13 21:44 - 2018-11-01 06:48 - 002331480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2018-11-13 21:44 - 2018-11-01 06:48 - 001805656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2018-11-13 21:44 - 2018-11-01 06:48 - 001011872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2018-11-13 21:44 - 2018-11-01 06:48 - 000880248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll 2018-11-13 21:44 - 2018-11-01 06:48 - 000384520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\coml2.dll 2018-11-13 21:44 - 2018-11-01 06:47 - 006570368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll 2018-11-13 21:44 - 2018-11-01 06:47 - 001980776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2018-11-13 21:44 - 2018-11-01 06:47 - 001379792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll 2018-11-13 21:44 - 2018-11-01 06:47 - 001020064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll 2018-11-13 21:44 - 2018-11-01 06:47 - 000581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll 2018-11-13 21:44 - 2018-11-01 06:47 - 000567256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll 2018-11-13 21:44 - 2018-11-01 06:47 - 000129304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2018-11-13 21:44 - 2018-11-01 06:40 - 022015488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2018-11-13 21:44 - 2018-11-01 06:35 - 019403776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2018-11-13 21:44 - 2018-11-01 06:34 - 002700288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2018-11-13 21:44 - 2018-11-01 06:33 - 006661632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2018-11-13 21:44 - 2018-11-01 06:33 - 003711488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2018-11-13 21:44 - 2018-11-01 06:32 - 006647296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll 2018-11-13 21:44 - 2018-11-01 06:31 - 005307904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2018-11-13 21:44 - 2018-11-01 06:31 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2018-11-13 21:44 - 2018-11-01 06:30 - 005883904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll 2018-11-13 21:44 - 2018-11-01 06:30 - 005775872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2018-11-13 21:44 - 2018-11-01 06:30 - 002449408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll 2018-11-13 21:44 - 2018-11-01 06:30 - 001361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll 2018-11-13 21:44 - 2018-11-01 06:30 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2018-11-13 21:44 - 2018-11-01 06:30 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll 2018-11-13 21:44 - 2018-11-01 06:30 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll 2018-11-13 21:44 - 2018-11-01 06:29 - 002258944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2018-11-13 21:44 - 2018-11-01 06:29 - 001986560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll 2018-11-13 21:44 - 2018-11-01 06:29 - 001862656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll 2018-11-13 21:44 - 2018-11-01 06:29 - 000848384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll 2018-11-13 21:44 - 2018-11-01 06:29 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll 2018-11-13 21:44 - 2018-11-01 06:29 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll 2018-11-13 21:44 - 2018-11-01 06:29 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2018-11-13 21:44 - 2018-11-01 06:28 - 001348096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll 2018-11-13 21:44 - 2018-11-01 06:28 - 001000448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll 2018-11-13 21:44 - 2018-11-01 06:28 - 000978944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll 2018-11-13 21:44 - 2018-11-01 06:27 - 001627648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2018-11-13 21:44 - 2018-11-01 06:27 - 000856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2018-11-13 21:44 - 2018-11-01 06:27 - 000713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll 2018-11-13 21:44 - 2018-11-01 06:27 - 000678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2018-11-13 21:44 - 2018-11-01 06:27 - 000534016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2018-11-13 21:44 - 2018-11-01 06:26 - 000795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll 2018-11-13 21:44 - 2018-11-01 06:26 - 000735744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2018-11-13 21:44 - 2018-11-01 06:26 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2018-11-13 21:44 - 2018-10-21 15:04 - 002267448 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll 2018-11-13 21:44 - 2018-10-21 15:00 - 021386368 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2018-11-13 21:44 - 2018-10-21 15:00 - 001639560 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2018-11-13 21:44 - 2018-10-21 15:00 - 001516120 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2018-11-13 21:44 - 2018-10-21 15:00 - 000790416 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe 2018-11-13 21:44 - 2018-10-21 15:00 - 000396304 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2018-11-13 21:44 - 2018-10-21 14:59 - 000766480 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll 2018-11-13 21:44 - 2018-10-21 14:59 - 000236728 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll 2018-11-13 21:44 - 2018-10-21 14:46 - 013572096 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2018-11-13 21:44 - 2018-10-21 14:46 - 004393472 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll 2018-11-13 21:44 - 2018-10-21 14:45 - 000123392 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2018-11-13 21:44 - 2018-10-21 14:44 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2018-11-13 21:44 - 2018-10-21 14:44 - 000085504 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll 2018-11-13 21:44 - 2018-10-21 14:43 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll 2018-11-13 21:44 - 2018-10-21 14:43 - 000276992 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll 2018-11-13 21:44 - 2018-10-21 14:43 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll 2018-11-13 21:44 - 2018-10-21 14:42 - 001127936 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll 2018-11-13 21:44 - 2018-10-21 14:42 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2018-11-13 21:44 - 2018-10-21 14:42 - 000592896 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll 2018-11-13 21:44 - 2018-10-21 14:42 - 000181248 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll 2018-11-13 21:44 - 2018-10-21 14:41 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2018-11-13 21:44 - 2018-10-21 13:41 - 001540408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll 2018-11-13 21:44 - 2018-10-21 13:41 - 000023056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hvsicontainerservice.dll 2018-11-13 21:44 - 2018-10-21 13:38 - 001322376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2018-11-13 21:44 - 2018-10-21 13:38 - 000662312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe 2018-11-13 21:44 - 2018-10-21 13:38 - 000660480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll 2018-11-13 21:44 - 2018-10-21 13:38 - 000221216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeManagerObj.dll 2018-11-13 21:44 - 2018-10-21 13:37 - 020381808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2018-11-13 21:44 - 2018-10-21 13:37 - 001626656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2018-11-13 21:44 - 2018-10-21 13:28 - 012501504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2018-11-13 21:44 - 2018-10-21 13:28 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll 2018-11-13 21:44 - 2018-10-21 13:23 - 000622080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2018-11-13 21:44 - 2018-10-21 13:23 - 000523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll 2018-11-13 21:44 - 2018-10-21 13:22 - 002405888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll 2018-11-13 21:44 - 2018-10-21 13:22 - 000224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll 2018-11-13 21:44 - 2018-10-21 09:48 - 005602456 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll 2018-11-13 21:44 - 2018-10-21 09:47 - 000368440 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll 2018-11-13 21:44 - 2018-10-21 09:46 - 000717112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll 2018-11-13 21:44 - 2018-10-21 09:46 - 000709936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2018-11-13 21:44 - 2018-10-21 09:46 - 000611640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys 2018-11-13 21:44 - 2018-10-21 09:46 - 000560136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2018-11-13 21:44 - 2018-10-21 09:46 - 000497864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll 2018-11-13 21:44 - 2018-10-21 09:46 - 000171024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2018-11-13 21:44 - 2018-10-21 09:45 - 003283512 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll 2018-11-13 21:44 - 2018-10-21 09:45 - 002719032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2018-11-13 21:44 - 2018-10-21 09:45 - 001946208 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2018-11-13 21:44 - 2018-10-21 09:45 - 001098064 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll 2018-11-13 21:44 - 2018-10-21 09:45 - 000607136 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll 2018-11-13 21:44 - 2018-10-21 09:45 - 000185120 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2018-11-13 21:44 - 2018-10-21 09:45 - 000175624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys 2018-11-13 21:44 - 2018-10-21 09:45 - 000139792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2018-11-13 21:44 - 2018-10-21 09:45 - 000058088 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2018-11-13 21:44 - 2018-10-21 09:28 - 016592384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2018-11-13 21:44 - 2018-10-21 09:22 - 004710912 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll 2018-11-13 21:44 - 2018-10-21 09:21 - 001589248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2018-11-13 21:44 - 2018-10-21 09:21 - 000123424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2018-11-13 21:44 - 2018-10-21 09:20 - 000424000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll 2018-11-13 21:44 - 2018-10-21 09:20 - 000295224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll 2018-11-13 21:44 - 2018-10-21 09:20 - 000161792 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll 2018-11-13 21:44 - 2018-10-21 09:20 - 000141312 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe 2018-11-13 21:44 - 2018-10-21 09:20 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 002487088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 001620776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 001130768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 000514560 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe 2018-11-13 21:44 - 2018-10-21 09:19 - 000505616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys 2018-11-13 21:44 - 2018-10-21 09:19 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys 2018-11-13 21:44 - 2018-10-21 09:19 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\ofdeploy.exe 2018-11-13 21:44 - 2018-10-21 09:19 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\BthAvrcpAppSvc.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhf.sys 2018-11-13 21:44 - 2018-10-21 09:19 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2018-11-13 21:44 - 2018-10-21 09:18 - 000761344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2018-11-13 21:44 - 2018-10-21 09:18 - 000461824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Activities.dll 2018-11-13 21:44 - 2018-10-21 09:18 - 000395264 _____ (Microsoft Corporation) C:\Windows\system32\BthAvctpSvc.dll 2018-11-13 21:44 - 2018-10-21 09:18 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll 2018-11-13 21:44 - 2018-10-21 09:18 - 000274432 _____ (Microsoft Corporation) C:\Windows\system32\DAFWSD.dll 2018-11-13 21:44 - 2018-10-21 09:18 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\officecsp.dll 2018-11-13 21:44 - 2018-10-21 09:18 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll 2018-11-13 21:44 - 2018-10-21 09:17 - 001826816 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll 2018-11-13 21:44 - 2018-10-21 09:17 - 001668096 _____ (Microsoft Corporation) C:\Windows\system32\cdprt.dll 2018-11-13 21:44 - 2018-10-21 09:17 - 000787456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys 2018-11-13 21:44 - 2018-10-21 09:17 - 000625152 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll 2018-11-13 21:44 - 2018-10-21 09:17 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2018-11-13 21:44 - 2018-10-21 09:17 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\BthAvrcp.dll 2018-11-13 21:44 - 2018-10-21 09:17 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll 2018-11-13 21:44 - 2018-10-21 09:16 - 002584576 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2018-11-13 21:44 - 2018-10-21 09:16 - 002368512 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll 2018-11-13 21:44 - 2018-10-21 09:16 - 001535488 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2018-11-13 21:44 - 2018-10-21 09:16 - 000847360 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll 2018-11-13 21:44 - 2018-10-21 09:16 - 000514048 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll 2018-11-13 21:44 - 2018-10-21 09:16 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll 2018-11-13 21:44 - 2018-10-21 09:15 - 003212800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2018-11-13 21:44 - 2018-10-21 09:15 - 002904064 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2018-11-13 21:44 - 2018-10-21 09:15 - 000743936 _____ (Microsoft Corporation) C:\Windows\system32\PrintRenderAPIHost.DLL 2018-11-13 21:44 - 2018-10-21 09:15 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll 2018-11-13 21:44 - 2018-10-21 09:14 - 002224640 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys 2018-11-13 21:44 - 2018-10-21 09:14 - 001919488 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2018-11-13 21:44 - 2018-10-21 09:14 - 001854976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll 2018-11-13 21:44 - 2018-10-21 09:14 - 001097216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys 2018-11-13 21:44 - 2018-10-21 09:14 - 001034752 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll 2018-11-13 21:44 - 2018-10-21 09:14 - 000932352 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll 2018-11-13 21:44 - 2018-10-21 09:14 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll 2018-11-13 21:44 - 2018-10-21 09:14 - 000453632 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll 2018-11-13 21:44 - 2018-10-21 09:14 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll 2018-11-13 21:44 - 2018-10-21 09:09 - 013873664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2018-11-13 21:44 - 2018-10-21 09:02 - 002966528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll 2018-11-13 21:44 - 2018-10-21 09:02 - 000157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll 2018-11-13 21:44 - 2018-10-21 09:01 - 001189376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll 2018-11-13 21:44 - 2018-10-21 09:01 - 000168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll 2018-11-13 21:44 - 2018-10-21 09:00 - 000214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll 2018-11-13 21:44 - 2018-10-21 08:59 - 000602112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2018-11-13 21:44 - 2018-10-21 08:58 - 001124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdprt.dll 2018-11-13 21:44 - 2018-10-21 08:58 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2018-11-13 21:44 - 2018-10-21 08:58 - 000230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll 2018-11-13 21:44 - 2018-10-21 08:57 - 002611200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2018-11-13 21:44 - 2018-10-21 07:59 - 000806320 _____ C:\Windows\SysWOW64\locale.nls 2018-11-13 21:44 - 2018-10-21 07:59 - 000806320 _____ C:\Windows\system32\locale.nls 2018-11-13 21:44 - 2018-09-21 06:14 - 000661056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2018-11-13 21:44 - 2018-09-21 06:11 - 000753056 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2018-11-13 21:44 - 2018-09-20 11:16 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll 2018-11-13 21:44 - 2018-09-20 10:28 - 000102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpshell.dll 2018-11-13 21:44 - 2018-07-14 06:22 - 006813744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll 2018-11-13 21:44 - 2018-07-14 06:22 - 001144664 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll 2018-11-13 21:44 - 2018-07-14 06:19 - 002535032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2018-11-13 21:44 - 2018-07-14 06:19 - 001946752 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2018-11-13 21:44 - 2018-07-14 06:18 - 002563984 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2018-11-13 21:44 - 2018-07-14 06:17 - 006527056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll 2018-11-13 21:44 - 2018-07-14 06:16 - 001143096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll 2018-11-13 21:44 - 2018-07-14 06:15 - 001559368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2018-11-13 21:44 - 2018-07-14 05:57 - 004331008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll 2018-11-13 21:44 - 2018-07-14 05:57 - 001295360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll 2018-11-13 21:44 - 2018-07-14 05:56 - 004559872 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll 2018-11-13 21:44 - 2018-07-14 05:54 - 001307648 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll 2018-11-13 21:44 - 2018-07-06 09:26 - 001148800 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2018-11-13 21:44 - 2018-07-06 09:14 - 000988640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2018-11-13 21:44 - 2018-06-15 19:28 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll 2018-11-13 21:44 - 2018-06-15 19:28 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll 2018-11-13 21:44 - 2018-06-15 17:16 - 002206528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL 2018-11-13 21:44 - 2018-06-15 07:09 - 001742272 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll 2018-11-13 21:44 - 2018-06-15 07:09 - 001112600 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2018-11-13 21:44 - 2018-06-15 07:09 - 000247984 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2018-11-13 21:44 - 2018-06-15 07:08 - 002062488 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll 2018-11-13 21:44 - 2018-06-15 07:08 - 001150408 _____ (Microsoft Corporation) C:\Windows\system32\MSVP9DEC.dll 2018-11-13 21:44 - 2018-06-15 07:08 - 000500552 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll 2018-11-13 21:44 - 2018-06-15 07:07 - 001611584 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll 2018-11-13 21:44 - 2018-06-15 07:05 - 000550608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2018-11-13 21:44 - 2018-06-15 07:04 - 001397192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVP9DEC.dll 2018-11-13 21:44 - 2018-06-15 07:03 - 002163184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll 2018-11-13 21:44 - 2018-06-15 07:03 - 001710240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll 2018-11-13 21:44 - 2018-06-15 07:03 - 000770152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll 2018-11-13 21:44 - 2018-06-15 07:03 - 000472136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll 2018-11-13 21:44 - 2018-06-15 07:03 - 000232488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL 2018-11-13 21:44 - 2018-06-15 06:44 - 001342976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll 2018-11-13 21:44 - 2018-06-15 06:44 - 000873472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll 2018-11-13 21:44 - 2018-06-15 06:38 - 001305088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll 2018-11-13 21:44 - 2018-06-15 06:38 - 001070080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll 2018-11-13 21:44 - 2018-06-08 11:29 - 002590400 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2018-11-13 21:44 - 2018-06-08 11:29 - 000416144 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll 2018-11-13 21:44 - 2018-06-08 11:10 - 002307336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2018-11-13 21:44 - 2018-06-08 11:10 - 000457152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll 2018-11-13 21:44 - 2018-06-08 10:59 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe 2018-11-13 21:44 - 2018-06-08 10:56 - 000908800 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL 2018-11-13 21:44 - 2018-06-08 10:55 - 001242112 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll 2018-11-13 21:44 - 2018-06-08 10:54 - 000857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL 2018-11-13 21:44 - 2018-06-08 10:54 - 000842240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll 2018-11-13 21:44 - 2018-06-08 10:54 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAC3ENC.DLL 2018-11-13 21:44 - 2018-05-20 13:53 - 001017088 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll 2018-11-13 21:44 - 2018-05-20 13:53 - 001012408 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll 2018-11-13 21:44 - 2018-05-20 13:34 - 000861096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll 2018-11-13 21:44 - 2018-05-20 13:32 - 001034096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll 2018-11-13 21:44 - 2018-05-20 13:26 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\MSHEIF.dll 2018-11-13 21:44 - 2018-05-20 13:15 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSHEIF.dll 2018-11-13 21:44 - 2018-04-28 06:02 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll 2018-11-09 22:05 - 2018-09-06 03:27 - 000132408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2018-10-30 20:44 - 2018-10-30 20:44 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsignfee3af2f37ccfaf7 2018-10-30 20:44 - 2018-10-30 20:44 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign649abea5711a27b1 2018-10-29 18:46 - 2018-10-29 18:46 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsignfcadd6de6d859c33 2018-10-29 18:46 - 2018-10-29 18:46 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsignf829852edb424f0e 2018-10-28 20:06 - 2018-10-28 20:06 - 000002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk 2018-10-28 11:41 - 2018-10-28 11:41 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsigna87c65d35d4bbccc 2018-10-28 11:41 - 2018-10-28 11:41 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign352f7c6706beb9b1 2018-10-28 11:12 - 2018-10-28 11:12 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsignda012d01317a59f2 2018-10-28 11:12 - 2018-10-28 11:12 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign30ae473d07c84a4d 2018-10-28 10:18 - 2018-10-28 10:18 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsignced34b6baaa19d8d 2018-10-28 10:18 - 2018-10-28 10:18 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign7ac55f9599ef9488 2018-10-28 09:52 - 2018-10-28 09:52 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign74faaac5b9362ae8 2018-10-28 09:51 - 2018-10-28 09:51 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign8a4e0cefe6f03c64 2018-10-28 09:41 - 2018-10-28 09:41 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign578166f34347a7ca 2018-10-28 09:41 - 2018-10-28 09:41 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign355bdde2e86340e2 2018-10-25 10:19 - 2018-10-25 10:19 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign9b663c80e1a0a94b 2018-10-25 10:19 - 2018-10-25 10:19 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign2b5dca1c4c5013ee 2018-10-25 09:52 - 2018-10-25 09:52 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign90f40453ec5e16f4 2018-10-25 09:52 - 2018-10-25 09:52 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign27a5531bbf90a046 2018-10-25 09:51 - 2018-10-25 09:51 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign4e850f8465786228 2018-10-25 09:51 - 2018-10-25 09:51 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign182f997f4160a0e3 2018-10-25 09:28 - 2018-10-25 09:28 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign78d3e84575e8c719 2018-10-25 09:28 - 2018-10-25 09:28 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign00a8375e5508502c 2018-10-21 19:36 - 2018-10-21 19:36 - 000000000 ____D C:\adb 2018-10-20 23:23 - 2018-10-20 23:23 - 000000000 ____D C:\Users\Didista\.android 2018-10-20 23:22 - 2018-10-20 23:22 - 000001192 _____ C:\Users\Public\Desktop\Minimal ADB and Fastboot.lnk 2018-10-20 23:22 - 2018-10-20 23:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minimal ADB and Fastboot 2018-10-20 23:22 - 2018-10-20 23:22 - 000000000 ____D C:\Program Files (x86)\Minimal ADB and Fastboot 2018-10-20 22:31 - 2018-10-20 22:31 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2018-10-20 22:10 - 2018-10-21 14:01 - 000000000 ____D C:\android 2018-10-20 21:52 - 2018-10-20 21:52 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2018-10-20 21:08 - 2018-10-20 21:08 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsigna2089c0b2bb9a5be 2018-10-20 21:08 - 2018-10-20 21:08 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign510d79789619224c 2018-10-20 21:06 - 2018-10-20 21:06 - 000000000 ____D C:\Program Files\Windows Portable Devices 2018-10-20 21:06 - 2018-10-20 21:06 - 000000000 ____D C:\Program Files\Windows Multimedia Platform 2018-10-20 21:06 - 2018-10-20 21:06 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices 2018-10-20 21:06 - 2018-10-20 21:06 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2018-10-20 21:02 - 2018-04-11 06:08 - 000387928 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll 2018-10-20 21:02 - 2018-04-11 06:08 - 000032104 _____ (Microsoft Corporation) C:\Windows\system32\CameraSettingsUIHost.exe 2018-10-20 21:02 - 2018-04-11 06:02 - 000277424 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll 2018-10-20 21:02 - 2018-04-11 06:01 - 000336296 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL 2018-10-20 21:02 - 2018-04-11 06:01 - 000030112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUpFltr.sys 2018-10-20 21:02 - 2018-04-11 05:44 - 000359936 _____ (Microsoft Corporation) C:\Windows\system32\WmpDui.dll 2018-10-20 21:02 - 2018-04-11 05:40 - 001517568 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe 2018-10-20 21:02 - 2018-04-11 05:39 - 009137664 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2018-10-20 21:02 - 2018-04-11 05:39 - 001949184 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 001339392 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000956416 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000906240 _____ (Microsoft Corporation) C:\Windows\system32\sqlceqp40.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000621056 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000517632 _____ (Microsoft Corporation) C:\Windows\system32\sqlcese40.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000437760 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceStatus.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000422400 _____ (Microsoft Corporation) C:\Windows\system32\mswmdm.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000373248 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000263168 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000254976 _____ (Microsoft Corporation) C:\Windows\system32\unregmp2.exe 2018-10-20 21:02 - 2018-04-11 05:39 - 000219136 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000202240 _____ (Microsoft Corporation) C:\Windows\system32\sqlceoledb40.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000196096 _____ (Microsoft Corporation) C:\Windows\system32\wmidx.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000181760 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codecp.acm 2018-10-20 21:02 - 2018-04-11 05:39 - 000154624 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWiaCompat.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\sqlcecompact40.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000137216 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Renewal.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe 2018-10-20 21:02 - 2018-04-11 05:39 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\wmdmps.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000086016 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codeca.acm 2018-10-20 21:02 - 2018-04-11 05:39 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceConnectApi.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\mfvfw.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\wmdmlog.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe 2018-10-20 21:02 - 2018-04-11 05:39 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\LAPRXY.DLL 2018-10-20 21:02 - 2018-04-11 05:39 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2018-10-20 21:02 - 2018-04-11 05:39 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\wmerror.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\asferror.dll 2018-10-20 21:02 - 2018-04-11 05:00 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.tlb 2018-10-20 21:02 - 2018-04-11 05:00 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\amcompat.tlb 2018-10-20 21:02 - 2018-04-11 04:20 - 000254680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL 2018-10-20 21:02 - 2018-04-11 04:20 - 000251096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll 2018-10-20 21:02 - 2018-04-11 04:20 - 000153976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpps.dll 2018-10-20 21:02 - 2018-04-11 04:20 - 000029464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CameraSettingsUIHost.exe 2018-10-20 21:02 - 2018-04-11 04:12 - 000286208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WmpDui.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 009137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2018-10-20 21:02 - 2018-04-11 04:08 - 001896960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 001195520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000839168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000730624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlceqp40.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000527360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000429568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceStatus.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlcese40.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswmdm.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodev.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unregmp2.exe 2018-10-20 21:02 - 2018-04-11 04:08 - 000190464 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\l3codecp.acm 2018-10-20 21:02 - 2018-04-11 04:08 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpdxm.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmidx.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logagent.exe 2018-10-20 21:02 - 2018-04-11 04:08 - 000069632 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\l3codeca.acm 2018-10-20 21:02 - 2018-04-11 04:08 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShextAutoplay.exe 2018-10-20 21:02 - 2018-04-11 04:08 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmerror.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asferror.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlceoledb40.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000147968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceTypes.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceWiaCompat.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlcecompact40.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceClassExtension.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceConnectApi.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdmps.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvfw.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdmlog.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LAPRXY.DLL 2018-10-20 21:02 - 2018-04-11 04:07 - 000009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2018-10-20 21:02 - 2018-04-11 04:07 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2018-10-20 21:02 - 2018-04-11 03:31 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.tlb 2018-10-20 21:02 - 2018-04-11 03:31 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\amcompat.tlb 2018-10-20 21:02 - 2018-04-10 20:48 - 000095104 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2018-10-20 21:02 - 2018-04-10 20:47 - 002195728 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2018-10-20 21:02 - 2018-04-10 20:47 - 000202064 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2018-10-20 21:02 - 2018-04-10 20:47 - 000111632 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2018-10-20 21:02 - 2018-04-10 20:43 - 000736624 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2018-10-20 21:02 - 2018-04-10 20:43 - 000519128 _____ (Microsoft Corporation) C:\Windows\system32\DMRServer.dll 2018-10-20 21:02 - 2018-04-10 20:42 - 000335824 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2018-10-20 21:02 - 2018-04-10 20:41 - 000049688 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2018-10-20 21:02 - 2018-04-10 20:40 - 002085704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL 2018-10-20 21:02 - 2018-04-10 20:40 - 000102824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL 2018-10-20 21:02 - 2018-04-10 20:40 - 000084752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll 2018-10-20 21:02 - 2018-04-10 20:39 - 000741232 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2018-10-20 21:02 - 2018-04-10 20:39 - 000356480 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2018-10-20 21:02 - 2018-04-10 20:39 - 000237160 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2018-10-20 21:02 - 2018-04-10 20:39 - 000236656 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2018-10-20 21:02 - 2018-04-10 20:38 - 000187032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL 2018-10-20 21:02 - 2018-04-10 20:38 - 000114704 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2018-10-20 21:02 - 2018-04-10 20:37 - 000549112 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll 2018-10-20 21:02 - 2018-04-10 20:37 - 000137416 _____ (Microsoft Corporation) C:\Windows\system32\mfAACEnc.dll 2018-10-20 21:02 - 2018-04-10 20:36 - 000124576 _____ (Microsoft Corporation) C:\Windows\system32\mfaudiocnv.dll 2018-10-20 21:02 - 2018-04-10 20:35 - 001227784 _____ (Microsoft Corporation) C:\Windows\system32\mfperfhelper.dll 2018-10-20 21:02 - 2018-04-10 20:35 - 000472688 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll 2018-10-20 21:02 - 2018-04-10 20:34 - 000041392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2018-10-20 21:02 - 2018-04-10 20:32 - 000691616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL 2018-10-20 21:02 - 2018-04-10 20:29 - 000267072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL 2018-10-20 21:02 - 2018-04-10 20:29 - 000266568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL 2018-10-20 21:02 - 2018-04-10 20:28 - 000272272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL 2018-10-20 21:02 - 2018-04-10 20:27 - 000389496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll 2018-10-20 21:02 - 2018-04-10 20:27 - 000346096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL 2018-10-20 21:02 - 2018-04-10 20:26 - 001079000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfperfhelper.dll 2018-10-20 21:02 - 2018-04-10 20:25 - 000682400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL 2018-10-20 21:02 - 2018-04-10 20:25 - 000114704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfAACEnc.dll 2018-10-20 21:02 - 2018-04-10 20:25 - 000097664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL 2018-10-20 21:02 - 2018-04-10 20:24 - 000333696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll 2018-10-20 21:02 - 2018-04-10 20:23 - 000096640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfaudiocnv.dll 2018-10-20 21:02 - 2018-04-10 20:12 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMmRes.dll 2018-10-20 21:02 - 2018-04-10 20:11 - 000221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacEncoder.dll 2018-10-20 21:02 - 2018-04-10 20:11 - 000183296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfdvdec.dll 2018-10-20 21:02 - 2018-04-10 20:11 - 000137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSOpusDecoder.dll 2018-10-20 21:02 - 2018-04-10 20:11 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll 2018-10-20 21:02 - 2018-04-10 20:11 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAlacEncoder.dll 2018-10-20 21:02 - 2018-04-10 20:11 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAlacDecoder.dll 2018-10-20 21:02 - 2018-04-10 20:11 - 000024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAMRNBSink.dll 2018-10-20 21:02 - 2018-04-10 20:11 - 000010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmcodecdspps.dll 2018-10-20 21:02 - 2018-04-10 20:10 - 000685056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL 2018-10-20 21:02 - 2018-04-10 20:10 - 000387072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL 2018-10-20 21:02 - 2018-04-10 20:10 - 000336896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll 2018-10-20 21:02 - 2018-04-10 20:10 - 000183808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmvdspa.dll 2018-10-20 21:02 - 2018-04-10 20:10 - 000112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.ps.dll 2018-10-20 21:02 - 2018-04-10 20:10 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2018-10-20 21:02 - 2018-04-10 20:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh263enc.dll 2018-10-20 21:02 - 2018-04-10 20:10 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\CoreMmRes.dll 2018-10-20 21:02 - 2018-04-10 20:09 - 001050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL 2018-10-20 21:02 - 2018-04-10 20:09 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll 2018-10-20 21:02 - 2018-04-10 20:09 - 000402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL 2018-10-20 21:02 - 2018-04-10 20:09 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAMRNBDecoder.dll 2018-10-20 21:02 - 2018-04-10 20:09 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\MSAlacEncoder.dll 2018-10-20 21:02 - 2018-04-10 20:09 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\MSAlacDecoder.dll 2018-10-20 21:02 - 2018-04-10 20:09 - 000039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2018-10-20 21:02 - 2018-04-10 20:09 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\MSAMRNBSink.dll 2018-10-20 21:02 - 2018-04-10 20:09 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\wmcodecdspps.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000633856 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2018-10-20 21:02 - 2018-04-10 20:08 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2018-10-20 21:02 - 2018-04-10 20:08 - 000272384 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacEncoder.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000218112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.ps.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\wmvdspa.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAMRNBEncoder.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\MSOpusDecoder.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\mfdvdec.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAMRNBSource.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\mfh263enc.dll 2018-10-20 21:02 - 2018-04-10 20:07 - 001056256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll 2018-10-20 21:02 - 2018-04-10 20:07 - 000431104 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2018-10-20 21:02 - 2018-04-10 20:07 - 000421888 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll 2018-10-20 21:02 - 2018-04-10 20:07 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2018-10-20 21:02 - 2018-04-10 20:06 - 001244672 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2018-10-20 21:02 - 2018-04-10 20:06 - 000241664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll 2018-10-20 21:02 - 2018-04-10 20:06 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2018-10-20 21:02 - 2018-04-10 20:05 - 001371648 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll 2018-10-20 21:02 - 2018-04-10 20:05 - 000285696 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll 2018-10-20 21:02 - 2018-04-10 20:05 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\MSAMRNBDecoder.dll 2018-10-20 21:02 - 2018-04-10 20:05 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\MSAMRNBSource.dll 2018-10-20 21:02 - 2018-04-10 20:04 - 000292352 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll 2018-10-20 21:02 - 2018-04-10 20:04 - 000207872 _____ (Microsoft Corporation) C:\Windows\system32\MSAMRNBEncoder.dll 2018-10-20 21:02 - 2018-04-10 20:02 - 000555520 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll 2018-10-20 21:02 - 2018-04-10 20:02 - 000230912 _____ (Microsoft Corporation) C:\Windows\system32\MSAC3ENC.DLL 2018-10-20 21:02 - 2018-01-22 17:15 - 004171264 _____ (Gracenote, Inc.) C:\Windows\SysWOW64\gnsdk_fp.dll 2018-10-20 21:02 - 2017-10-29 17:03 - 000316640 _____ C:\Windows\WMSysPr9.prx 2018-10-20 20:54 - 2018-10-20 20:54 - 000003596 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-DSKVSP2-Didista 2018-10-17 22:03 - 2018-10-17 22:03 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign972041f8865f69bb 2018-10-17 22:03 - 2018-10-17 22:03 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign7edd8a4c6d97542a 2018-10-17 22:01 - 2018-10-17 22:01 - 000001271 _____ C:\Users\Didista\Desktop\Adobe After Effects CC 2017.lnk 2018-10-17 22:01 - 2018-10-17 22:01 - 000000000 ____D C:\Users\Didista\Documents\Adobe 2018-10-17 22:01 - 2018-10-17 22:01 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsignec509007fc6c8e36 2018-10-17 22:01 - 2018-10-17 22:01 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign0cc030757ef39a74 2018-10-17 22:00 - 2018-10-17 22:00 - 000001271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2017.lnk 2018-10-17 21:58 - 2018-10-17 22:00 - 000000000 ____D C:\Program Files\Common Files\Adobe 2018-10-17 21:58 - 2018-10-17 22:00 - 000000000 ____D C:\Program Files\Adobe 2018-10-17 21:57 - 2018-10-28 20:06 - 000000000 ____D C:\Program Files (x86)\Adobe 2018-10-17 21:49 - 2018-10-17 21:49 - 000000000 ____D C:\Users\Didista\AppData\Local\PeerDistRepub 2018-10-17 21:36 - 2018-10-28 21:46 - 000000000 ____D C:\Users\Didista\AppData\Local\Adobe 2018-10-17 21:36 - 2018-10-28 20:06 - 000000000 ____D C:\ProgramData\Adobe 2018-10-17 21:36 - 2018-10-17 21:36 - 000000000 ____D C:\Users\Didista\AppData\Roaming\Macromedia 2018-10-17 21:16 - 2018-11-15 21:27 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture 2018-10-17 21:15 - 2018-10-21 19:36 - 000000000 ____D C:\Program Files\DIFX 2018-10-17 21:15 - 2018-10-17 21:15 - 000003628 _____ C:\Windows\System32\Tasks\ASUS Smart Gesture Launcher 2018-10-17 21:15 - 2018-10-17 21:15 - 000000000 ____D C:\Program Files (x86)\ASUS 2018-10-16 22:01 - 2018-10-16 22:01 - 000000000 ____D C:\Users\Didista\AppData\Local\ChaosGroup 2018-10-16 21:56 - 2018-10-16 21:57 - 000000000 ____D C:\Program Files\Common Files\ChaosGroup 2018-10-16 21:56 - 2018-10-16 21:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chaos Group 2018-10-16 21:56 - 2018-10-16 21:56 - 000000000 ____D C:\Program Files\Chaos Group 2018-10-16 21:34 - 2018-10-16 21:34 - 000001116 _____ C:\Users\Didista\Desktop\Lightscreen.lnk 2018-10-16 21:34 - 2018-10-16 21:34 - 000000000 ____D C:\Users\Didista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightscreen 2018-10-16 21:34 - 2018-10-16 21:34 - 000000000 ____D C:\Program Files (x86)\Lightscreen 2018-10-16 21:11 - 2018-10-16 21:11 - 000000000 ____D C:\ProgramData\boost_interprocess 2018-10-16 21:03 - 2018-10-17 22:01 - 000000000 ____D C:\Users\Didista\AppData\Local\NVIDIA 2018-10-16 21:03 - 2018-10-16 21:03 - 000000000 ____D C:\Users\Didista\AppData\Local\CEF 2018-10-16 21:03 - 2018-10-16 21:03 - 000000000 ____D C:\Users\Didista\ansel 2018-10-16 21:02 - 2018-10-16 21:02 - 000007597 _____ C:\Users\Didista\AppData\Local\Resmon.ResmonCfg 2018-10-16 20:47 - 2018-10-16 20:47 - 000001441 _____ C:\Users\Public\Desktop\Autodesk Desktop App.lnk 2018-10-16 20:47 - 2018-10-16 20:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Backburner 2017.0 2018-10-16 20:45 - 2018-10-16 21:52 - 000002045 _____ C:\Users\Public\Desktop\3ds Max 2017.lnk 2018-10-16 20:42 - 2018-10-16 21:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2018-10-16 20:42 - 2018-10-16 20:42 - 000000000 ____D C:\Program Files\Common Files\Macrovision Shared 2018-10-16 20:14 - 2018-10-16 20:14 - 000000881 _____ C:\Users\Didista\Desktop\CCleaner.lnk 2018-10-16 20:11 - 2018-10-16 20:11 - 000003936 _____ C:\Windows\System32\Tasks\CCleaner Update 2018-10-16 20:11 - 2018-10-16 20:11 - 000002874 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2018-10-16 20:11 - 2018-10-16 20:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2018-10-16 20:11 - 2018-10-16 20:11 - 000000000 ____D C:\Program Files\CCleaner 2018-10-16 20:05 - 2018-10-16 20:09 - 000000000 ____D C:\ProgramData\Packages 2018-10-16 19:53 - 2018-10-16 19:53 - 000000000 ____D C:\Windows\Firmware 2018-10-16 19:42 - 2018-11-15 22:42 - 000000000 ____D C:\Users\Didista\AppData\Roaming\BitTorrent 2018-10-16 19:42 - 2018-10-16 19:42 - 000000918 _____ C:\Users\Didista\Desktop\BitTorrent.lnk 2018-10-16 19:22 - 2018-11-13 21:48 - 000000000 ____D C:\Windows\system32\MRT 2018-10-16 19:22 - 2018-11-13 21:47 - 137810048 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2018-10-16 19:19 - 2018-09-21 11:23 - 000257848 _____ (Microsoft Corporation) C:\Windows\system32\AppVFileSystemMetadata.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 001786168 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 001626936 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 001422648 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 001038136 _____ (Microsoft Corporation) C:\Windows\system32\AppVPolicy.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000954368 _____ (Microsoft Corporation) C:\Windows\system32\AppVManifest.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000830264 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000825144 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000749880 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000670008 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000652288 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000495416 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000399672 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000231424 _____ (Microsoft Corporation) C:\Windows\system32\AppVShNotify.exe 2018-10-16 19:19 - 2018-09-21 11:21 - 000228152 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamMap.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000201528 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamingUX.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000180736 _____ (Microsoft Corporation) C:\Windows\system32\AppVDllSurrogate.exe 2018-10-16 19:19 - 2018-09-21 11:21 - 000173056 _____ (Microsoft Corporation) C:\Windows\system32\AppVNice.exe 2018-10-16 19:19 - 2018-09-21 11:21 - 000034304 _____ C:\Windows\system32\SyncAppvPublishingServer.exe 2018-10-16 19:19 - 2018-09-21 06:13 - 000480568 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll 2018-10-16 19:19 - 2018-09-21 06:09 - 002253696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2018-10-16 19:19 - 2018-09-21 06:09 - 001427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll 2018-10-16 19:19 - 2018-09-21 06:08 - 002765344 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2018-10-16 19:19 - 2018-09-21 06:08 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll 2018-10-16 19:19 - 2018-09-21 06:07 - 000604664 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe 2018-10-16 19:19 - 2018-09-21 05:57 - 002900992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2018-10-16 19:19 - 2018-09-21 05:56 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll 2018-10-16 19:19 - 2018-09-21 05:53 - 001006080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll 2018-10-16 19:19 - 2018-09-21 05:43 - 001627136 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll 2018-10-16 19:19 - 2018-09-21 05:39 - 003320320 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2018-10-16 19:19 - 2018-09-21 05:37 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll 2018-10-16 19:19 - 2018-09-21 05:36 - 000505344 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll 2018-10-16 19:19 - 2018-09-20 11:37 - 001634944 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll 2018-10-16 19:19 - 2018-09-20 11:17 - 002874368 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2018-10-16 19:19 - 2018-09-20 11:17 - 001856000 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2018-10-16 19:19 - 2018-09-20 10:46 - 001454440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll 2018-10-16 19:19 - 2018-09-20 10:29 - 002824704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll 2018-10-16 19:19 - 2018-09-20 10:29 - 001586176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2018-10-16 19:19 - 2018-09-20 06:29 - 001989232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2018-10-16 19:19 - 2018-09-20 06:29 - 001513032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2018-10-16 19:19 - 2018-09-20 06:29 - 000357056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2018-10-16 19:19 - 2018-09-20 06:10 - 000500536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2018-10-16 19:19 - 2018-09-20 06:09 - 002462888 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2018-10-16 19:19 - 2018-09-20 06:09 - 002421248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2018-10-16 19:19 - 2018-09-20 06:09 - 001767096 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2018-10-16 19:19 - 2018-09-20 06:09 - 001540096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll 2018-10-16 19:19 - 2018-09-20 06:08 - 004191232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2018-10-16 19:19 - 2018-09-20 05:40 - 003090432 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2018-10-16 19:19 - 2018-09-20 05:38 - 001724416 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll 2018-10-16 19:19 - 2018-09-20 05:38 - 000433664 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll 2018-10-16 19:19 - 2018-09-20 05:37 - 004615680 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2018-10-16 19:19 - 2018-09-08 10:12 - 000452112 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2018-10-16 19:19 - 2018-09-08 10:07 - 002868536 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2018-10-16 19:19 - 2018-09-08 10:07 - 001610552 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2018-10-16 19:19 - 2018-09-08 10:07 - 000792376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2018-10-16 19:19 - 2018-09-08 10:07 - 000689464 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2018-10-16 19:19 - 2018-09-08 10:07 - 000612360 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2018-10-16 19:19 - 2018-09-08 10:07 - 000309560 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2018-10-16 19:19 - 2018-09-08 10:07 - 000144696 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2018-10-16 19:19 - 2018-09-08 10:07 - 000069944 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll 2018-10-16 19:19 - 2018-09-08 10:02 - 000645112 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2018-10-16 19:19 - 2018-09-08 10:02 - 000540984 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2018-10-16 19:19 - 2018-09-08 09:57 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll 2018-10-16 19:19 - 2018-09-08 09:42 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll 2018-10-16 19:19 - 2018-09-08 09:42 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.XamlHost.dll 2018-10-16 19:19 - 2018-09-08 09:40 - 001724928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll 2018-10-16 19:19 - 2018-09-08 09:40 - 000677888 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2018-10-16 19:19 - 2018-09-08 09:40 - 000593408 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2018-10-16 19:19 - 2018-09-08 09:40 - 000522240 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2018-10-16 19:19 - 2018-09-08 09:40 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl 2018-10-16 19:19 - 2018-09-08 09:39 - 005505024 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll 2018-10-16 19:19 - 2018-09-08 09:39 - 002052096 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll 2018-10-16 19:19 - 2018-09-08 09:39 - 001787904 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll 2018-10-16 19:19 - 2018-09-08 09:39 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll 2018-10-16 19:19 - 2018-09-08 09:38 - 001288192 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll 2018-10-16 19:19 - 2018-09-08 09:38 - 001004544 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll 2018-10-16 19:19 - 2018-09-08 09:38 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2018-10-16 19:19 - 2018-09-08 09:38 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2018-10-16 19:19 - 2018-09-08 09:37 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe 2018-10-16 19:19 - 2018-09-08 09:16 - 000482080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2018-10-16 19:19 - 2018-09-08 09:13 - 000181288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll 2018-10-16 19:19 - 2018-09-08 09:03 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdBth.dll 2018-10-16 19:19 - 2018-09-08 09:02 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll 2018-10-16 19:19 - 2018-09-08 09:00 - 000548864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2018-10-16 19:19 - 2018-09-08 08:59 - 001530368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll 2018-10-16 19:19 - 2018-09-08 08:59 - 001452544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll 2018-10-16 19:19 - 2018-09-08 08:59 - 000485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll 2018-10-16 19:19 - 2018-09-08 08:59 - 000133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.XamlHost.dll 2018-10-16 19:19 - 2018-09-08 08:58 - 001308672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll 2018-10-16 19:19 - 2018-09-08 08:58 - 000775680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll 2018-10-16 19:19 - 2018-09-08 08:57 - 005391360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll 2018-10-16 19:19 - 2018-09-08 08:57 - 000625664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2018-10-16 19:19 - 2018-09-08 08:57 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2018-10-16 19:19 - 2018-09-08 08:57 - 000223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl 2018-10-16 19:19 - 2018-09-08 08:56 - 000080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe 2018-10-16 19:19 - 2018-09-08 06:08 - 000462880 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2018-10-16 19:19 - 2018-09-08 05:59 - 000433664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys 2018-10-16 19:19 - 2018-09-08 05:59 - 000361544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll 2018-10-16 19:19 - 2018-09-08 05:58 - 000744976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2018-10-16 19:19 - 2018-09-08 05:58 - 000376120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2018-10-16 19:19 - 2018-09-08 05:57 - 001016984 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2018-10-16 19:19 - 2018-09-08 05:57 - 000930616 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe 2018-10-16 19:19 - 2018-09-08 05:57 - 000482384 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll 2018-10-16 19:19 - 2018-09-08 05:57 - 000368448 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2018-10-16 19:19 - 2018-09-08 05:51 - 000380728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll 2018-10-16 19:19 - 2018-09-08 05:45 - 000286824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll 2018-10-16 19:19 - 2018-09-08 05:44 - 000829752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe 2018-10-16 19:19 - 2018-09-08 05:43 - 001174448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2018-10-16 19:19 - 2018-09-08 05:43 - 000269104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll 2018-10-16 19:19 - 2018-09-08 05:30 - 003601920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Service.dll 2018-10-16 19:19 - 2018-09-08 05:30 - 000189440 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll 2018-10-16 19:19 - 2018-09-08 05:29 - 004771840 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll 2018-10-16 19:19 - 2018-09-08 05:29 - 000358912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys 2018-10-16 19:19 - 2018-09-08 05:29 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll 2018-10-16 19:19 - 2018-09-08 05:29 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll 2018-10-16 19:19 - 2018-09-08 05:29 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll 2018-10-16 19:19 - 2018-09-08 05:28 - 000481280 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll 2018-10-16 19:19 - 2018-09-08 05:27 - 003348992 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2018-10-16 19:19 - 2018-09-08 05:27 - 000983040 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll 2018-10-16 19:19 - 2018-09-08 05:27 - 000596992 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll 2018-10-16 19:19 - 2018-09-08 05:27 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\winipcfile.dll 2018-10-16 19:19 - 2018-09-08 05:26 - 002328064 _____ (Microsoft Corporation) C:\Windows\system32\winmsipc.dll 2018-10-16 19:19 - 2018-09-08 05:26 - 000814592 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll 2018-10-16 19:19 - 2018-09-08 05:26 - 000784896 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll 2018-10-16 19:19 - 2018-09-08 05:26 - 000471552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TileDataRepository.dll 2018-10-16 19:19 - 2018-09-08 05:26 - 000387584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ngccredprov.dll 2018-10-16 19:19 - 2018-09-08 05:26 - 000365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll 2018-10-16 19:19 - 2018-09-08 05:26 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipcfile.dll 2018-10-16 19:19 - 2018-09-08 05:26 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll 2018-10-16 19:19 - 2018-09-08 05:25 - 003553792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll 2018-10-16 19:19 - 2018-09-08 05:25 - 002789376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2018-10-16 19:19 - 2018-09-08 05:25 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\winipcsecproc.dll 2018-10-16 19:19 - 2018-09-08 05:25 - 000466432 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll 2018-10-16 19:19 - 2018-09-08 05:24 - 001457664 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll 2018-10-16 19:19 - 2018-09-08 05:24 - 000899072 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2018-10-16 19:19 - 2018-09-08 05:24 - 000845824 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll 2018-10-16 19:19 - 2018-09-08 05:24 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\das.dll 2018-10-16 19:19 - 2018-09-08 05:23 - 001655296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmsipc.dll 2018-10-16 19:19 - 2018-09-08 05:23 - 000807936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipcsecproc.dll 2018-10-16 19:19 - 2018-09-08 05:23 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll 2018-10-16 19:19 - 2018-09-08 05:22 - 000778240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2018-10-16 19:19 - 2018-08-31 09:27 - 000178176 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2018-10-16 19:19 - 2018-08-31 09:26 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2018-10-16 19:19 - 2018-08-31 09:25 - 000270336 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll 2018-10-16 19:19 - 2018-08-31 09:24 - 000482304 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2018-10-16 19:19 - 2018-08-31 09:22 - 001661440 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2018-10-16 19:19 - 2018-08-31 08:41 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2018-10-16 19:19 - 2018-08-31 08:40 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll 2018-10-16 19:19 - 2018-08-31 08:36 - 001469952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2018-10-16 19:19 - 2018-08-31 05:43 - 000722880 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2018-10-16 19:19 - 2018-08-31 05:42 - 000632296 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll 2018-10-16 19:19 - 2018-08-31 05:42 - 000527328 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2018-10-16 19:19 - 2018-08-31 05:42 - 000155112 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2018-10-16 19:19 - 2018-08-31 05:28 - 000453104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpx.dll 2018-10-16 19:19 - 2018-08-31 05:28 - 000134936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2018-10-16 19:19 - 2018-08-31 05:15 - 000075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys 2018-10-16 19:19 - 2018-08-31 05:14 - 000898560 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll 2018-10-16 19:19 - 2018-08-31 05:13 - 000402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys 2018-10-16 19:19 - 2018-08-31 05:12 - 000736256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2018-10-16 19:19 - 2018-08-31 05:08 - 000619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll 2018-10-16 19:19 - 2018-08-28 08:45 - 000713216 _____ (Microsoft Corporation) C:\Windows\system32\SharedRealitySvc.dll 2018-10-16 19:19 - 2018-08-14 04:14 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll 2018-10-16 19:19 - 2018-08-14 04:14 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll 2018-10-16 19:19 - 2018-08-09 11:31 - 000253544 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll 2018-10-16 19:19 - 2018-08-09 11:14 - 000466944 _____ (Microsoft Corporation) C:\Windows\system32\DscCore.dll 2018-10-16 19:19 - 2018-08-09 11:14 - 000326144 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollUI.dll 2018-10-16 19:19 - 2018-08-09 11:13 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\certreq.exe 2018-10-16 19:19 - 2018-08-09 11:12 - 002084864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2018-10-16 19:19 - 2018-08-09 11:12 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2018-10-16 19:19 - 2018-08-09 11:10 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2018-10-16 19:19 - 2018-08-09 11:10 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2018-10-16 19:19 - 2018-08-09 11:09 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\dinput8.dll 2018-10-16 19:19 - 2018-08-09 11:09 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\PackageInspector.exe 2018-10-16 19:19 - 2018-08-09 10:23 - 000291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnrollUI.dll 2018-10-16 19:19 - 2018-08-09 10:22 - 000668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2018-10-16 19:19 - 2018-08-09 10:22 - 000429568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certreq.exe 2018-10-16 19:19 - 2018-08-09 10:21 - 002016768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2018-10-16 19:19 - 2018-08-09 10:21 - 001274368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2018-10-16 19:19 - 2018-08-09 10:20 - 000178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput8.dll 2018-10-16 19:19 - 2018-08-09 07:01 - 000777400 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll 2018-10-16 19:19 - 2018-08-09 06:55 - 000230304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys 2018-10-16 19:19 - 2018-08-09 06:54 - 000375704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2018-10-16 19:19 - 2018-08-09 06:54 - 000203568 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll 2018-10-16 19:19 - 2018-08-09 06:53 - 001026456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2018-10-16 19:19 - 2018-08-09 06:53 - 000125600 _____ (Microsoft Corporation) C:\Windows\system32\cryptxml.dll 2018-10-16 19:19 - 2018-08-09 06:30 - 000183992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll 2018-10-16 19:19 - 2018-08-09 06:29 - 000099208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptxml.dll 2018-10-16 19:19 - 2018-08-09 06:27 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\eShims.dll 2018-10-16 19:19 - 2018-08-09 06:26 - 000990720 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2018-10-16 19:19 - 2018-08-09 06:26 - 000572416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll 2018-10-16 19:19 - 2018-08-09 06:26 - 000528384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys 2018-10-16 19:19 - 2018-08-09 06:26 - 000238592 _____ (Microsoft Corporation) C:\Windows\system32\TtlsAuth.dll 2018-10-16 19:19 - 2018-08-09 06:25 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\certca.dll 2018-10-16 19:19 - 2018-08-09 06:25 - 000460288 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2018-10-16 19:19 - 2018-08-09 06:25 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll 2018-10-16 19:19 - 2018-08-09 06:25 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll 2018-10-16 19:19 - 2018-08-09 06:23 - 003148288 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll 2018-10-16 19:19 - 2018-08-09 06:23 - 000916992 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2018-10-16 19:19 - 2018-08-09 06:22 - 001586176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2018-10-16 19:19 - 2018-08-09 06:22 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll 2018-10-16 19:19 - 2018-08-09 06:12 - 000652288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certca.dll 2018-10-16 19:19 - 2018-08-09 06:11 - 000350208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2018-10-16 19:19 - 2018-08-09 06:11 - 000178176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TtlsAuth.dll 2018-10-16 19:19 - 2018-08-09 06:11 - 000122368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll 2018-10-16 19:19 - 2018-08-09 06:10 - 002893824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll 2018-10-16 19:19 - 2018-08-09 06:10 - 000835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2018-10-16 19:19 - 2018-08-09 06:09 - 001466368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2018-10-16 19:19 - 2018-08-09 06:08 - 000195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll 2018-10-16 19:19 - 2018-08-03 10:24 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll 2018-10-16 19:19 - 2018-08-03 10:24 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2018-10-16 19:19 - 2018-08-03 10:20 - 004049408 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2018-10-16 19:19 - 2018-08-03 09:33 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2018-10-16 19:19 - 2018-08-03 09:32 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2018-10-16 19:19 - 2018-08-03 09:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll 2018-10-16 19:19 - 2018-08-03 09:27 - 004050432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2018-10-16 19:19 - 2018-08-03 05:47 - 000128920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys 2018-10-16 19:19 - 2018-08-03 05:41 - 000061736 _____ (Microsoft Corporation) C:\Windows\system32\hvhostsvc.dll 2018-10-16 19:19 - 2018-08-03 05:40 - 000566568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS 2018-10-16 19:19 - 2018-08-03 05:40 - 000228136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Ucx01000.sys 2018-10-16 19:19 - 2018-08-03 05:40 - 000072800 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll 2018-10-16 19:19 - 2018-08-03 05:39 - 000692240 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2018-10-16 19:19 - 2018-08-03 05:39 - 000114080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys 2018-10-16 19:19 - 2018-08-03 05:39 - 000075160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys 2018-10-16 19:19 - 2018-08-03 05:39 - 000031648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys 2018-10-16 19:19 - 2018-08-03 05:38 - 001285536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2018-10-16 19:19 - 2018-08-03 05:38 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\vertdll.dll 2018-10-16 19:19 - 2018-08-03 05:38 - 000115640 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll 2018-10-16 19:19 - 2018-08-03 05:27 - 000061032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll 2018-10-16 19:19 - 2018-08-03 05:25 - 000539168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2018-10-16 19:19 - 2018-08-03 05:14 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\WaaSAssessment.dll 2018-10-16 19:19 - 2018-08-03 05:12 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2018-10-16 19:19 - 2018-08-03 05:09 - 001932288 _____ (Microsoft Corporation) C:\Windows\system32\edgeangle.dll 2018-10-16 19:19 - 2018-08-03 05:08 - 000776192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2018-10-16 19:19 - 2018-08-03 05:05 - 000669696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2018-10-16 19:19 - 2018-07-15 03:00 - 000183736 _____ (Microsoft Corporation) C:\Windows\system32\mavinject.exe 2018-10-16 19:19 - 2018-07-15 02:58 - 000094112 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2018-10-16 19:19 - 2018-07-15 02:42 - 008624128 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2018-10-16 19:19 - 2018-07-15 02:42 - 004708864 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll 2018-10-16 19:19 - 2018-07-15 02:41 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\ProvSysprep.dll 2018-10-16 19:19 - 2018-07-15 02:39 - 001605632 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2018-10-16 19:19 - 2018-07-15 01:15 - 007987712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2018-10-16 19:19 - 2018-07-14 06:23 - 000760888 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe 2018-10-16 19:19 - 2018-07-14 06:22 - 000510392 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll 2018-10-16 19:19 - 2018-07-14 06:19 - 000981920 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll 2018-10-16 19:19 - 2018-07-14 06:19 - 000636944 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2018-10-16 19:19 - 2018-07-14 06:18 - 000443216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll 2018-10-16 19:19 - 2018-07-14 06:17 - 000743320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll 2018-10-16 19:19 - 2018-07-14 05:58 - 000094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll 2018-10-16 19:19 - 2018-07-14 05:57 - 000391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll 2018-10-16 19:19 - 2018-07-14 05:56 - 002697216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Controls.dll 2018-10-16 19:19 - 2018-07-14 05:56 - 001703936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Controls.dll 2018-10-16 19:19 - 2018-07-14 05:56 - 000365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll 2018-10-16 19:19 - 2018-07-14 05:56 - 000257536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WiFiDisplay.dll 2018-10-16 19:19 - 2018-07-14 05:56 - 000118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll 2018-10-16 19:19 - 2018-07-14 05:55 - 000993792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll 2018-10-16 19:19 - 2018-07-14 05:55 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll 2018-10-16 19:19 - 2018-07-14 05:55 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys 2018-10-16 19:19 - 2018-07-14 05:55 - 000344576 _____ (Microsoft Corporation) C:\Windows\system32\RasMediaManager.dll 2018-10-16 19:19 - 2018-07-14 05:55 - 000317440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll 2018-10-16 19:19 - 2018-07-14 05:55 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll 2018-10-16 19:19 - 2018-07-14 05:55 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll 2018-10-16 19:19 - 2018-07-14 05:55 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\datamarketsvc.dll 2018-10-16 19:19 - 2018-07-14 05:55 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\EASPolicyManagerBrokerHost.exe 2018-10-16 19:19 - 2018-07-14 05:54 - 001537024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll 2018-10-16 19:19 - 2018-07-14 05:54 - 000729088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll 2018-10-16 19:19 - 2018-07-14 05:54 - 000603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll 2018-10-16 19:19 - 2018-07-14 05:54 - 000444416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll 2018-10-16 19:19 - 2018-07-14 05:54 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll 2018-10-16 19:19 - 2018-07-14 05:54 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll 2018-10-16 19:19 - 2018-07-14 05:54 - 000352768 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll 2018-10-16 19:19 - 2018-07-14 05:54 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\PushToInstall.dll 2018-10-16 19:19 - 2018-07-14 05:54 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll 2018-10-16 19:19 - 2018-07-14 05:53 - 000705024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll 2018-10-16 19:19 - 2018-07-14 05:53 - 000681984 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgrSvc.dll 2018-10-16 19:19 - 2018-07-14 05:53 - 000566272 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll 2018-10-16 19:19 - 2018-07-14 05:53 - 000450560 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreCommonProxyStub.dll 2018-10-16 19:19 - 2018-07-14 05:53 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2018-10-16 19:19 - 2018-07-14 05:53 - 000220160 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll 2018-10-16 19:19 - 2018-07-14 05:52 - 000972800 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2018-10-16 19:19 - 2018-07-14 05:52 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll 2018-10-16 19:19 - 2018-07-14 05:52 - 000755712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll 2018-10-16 19:19 - 2018-07-14 05:52 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll 2018-10-16 19:19 - 2018-07-14 05:51 - 003376640 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll 2018-10-16 19:19 - 2018-07-14 05:51 - 001304064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll 2018-10-16 19:19 - 2018-07-14 05:51 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll 2018-10-16 19:19 - 2018-07-14 05:50 - 001773056 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll 2018-10-16 19:19 - 2018-07-14 05:50 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\lpasvc.dll 2018-10-16 19:19 - 2018-07-14 05:50 - 000949760 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll 2018-10-16 19:19 - 2018-07-14 05:50 - 000884224 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll 2018-10-16 19:19 - 2018-07-14 05:50 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll 2018-10-16 19:19 - 2018-07-06 16:17 - 003932672 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2018-10-16 19:19 - 2018-07-06 15:53 - 000672768 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll 2018-10-16 19:19 - 2018-07-06 15:53 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll 2018-10-16 19:19 - 2018-07-06 15:53 - 000386048 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll 2018-10-16 19:19 - 2018-07-06 14:06 - 003611368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2018-10-16 19:19 - 2018-07-06 13:53 - 000565248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll 2018-10-16 19:19 - 2018-07-06 09:27 - 000057440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.ShellCommon.Broker.dll 2018-10-16 19:19 - 2018-07-06 09:26 - 000766608 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2018-10-16 19:19 - 2018-07-06 09:25 - 000335776 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll 2018-10-16 19:19 - 2018-07-06 09:14 - 000573904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2018-10-16 19:19 - 2018-07-06 08:59 - 001153536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll 2018-10-16 19:19 - 2018-07-06 08:59 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\NmaDirect.dll 2018-10-16 19:19 - 2018-07-06 08:59 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\tokenbinding.dll 2018-10-16 19:19 - 2018-07-06 08:58 - 000670720 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll 2018-10-16 19:19 - 2018-07-06 08:58 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\CredProv2faHelper.dll 2018-10-16 19:19 - 2018-07-06 08:58 - 000035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tokenbinding.dll 2018-10-16 19:19 - 2018-07-06 08:57 - 000839680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll 2018-10-16 19:19 - 2018-07-06 08:57 - 000676864 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Devices.dll 2018-10-16 19:19 - 2018-07-06 08:56 - 001817600 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll 2018-10-16 19:19 - 2018-07-06 08:56 - 001567744 _____ (Microsoft Corporation) C:\Windows\system32\SpeechPal.dll 2018-10-16 19:19 - 2018-07-06 08:56 - 000508416 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll 2018-10-16 19:19 - 2018-07-06 08:56 - 000330752 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll 2018-10-16 19:19 - 2018-07-06 08:56 - 000327680 _____ (Microsoft Corporation) C:\Windows\system32\BioCredProv.dll 2018-10-16 19:19 - 2018-07-06 08:56 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProv2faHelper.dll 2018-10-16 19:19 - 2018-07-06 08:54 - 001214976 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll 2018-10-16 19:19 - 2018-07-06 08:54 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll 2018-10-16 19:19 - 2018-07-06 08:54 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BioCredProv.dll 2018-10-16 19:19 - 2018-06-15 19:55 - 000542888 _____ C:\Windows\system32\FaceProcessorCore.dll 2018-10-16 19:19 - 2018-06-15 19:48 - 000338352 _____ (Microsoft Corporation) C:\Windows\system32\AudioSrvPolicyManager.dll 2018-10-16 19:19 - 2018-06-15 19:33 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys 2018-10-16 19:19 - 2018-06-15 19:32 - 000755712 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.PrinterCustomActions.dll 2018-10-16 19:19 - 2018-06-15 19:32 - 000301568 _____ (Microsoft Corporation) C:\Windows\system32\AcLayers.dll 2018-10-16 19:19 - 2018-06-15 19:32 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe 2018-10-16 19:19 - 2018-06-15 19:31 - 002193920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppAgent.dll 2018-10-16 19:19 - 2018-06-15 19:31 - 000907776 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe 2018-10-16 19:19 - 2018-06-15 19:30 - 001308672 _____ C:\Windows\system32\FaceProcessor.dll 2018-10-16 19:19 - 2018-06-15 19:30 - 001186816 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CommonBridge.dll 2018-10-16 19:19 - 2018-06-15 19:30 - 001127936 _____ (Microsoft Corporation) C:\Windows\system32\ApplySettingsTemplateCatalog.exe 2018-10-16 19:19 - 2018-06-15 19:30 - 001054720 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe 2018-10-16 19:19 - 2018-06-15 19:29 - 000932352 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe 2018-10-16 19:19 - 2018-06-15 19:29 - 000740864 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll 2018-10-16 19:19 - 2018-06-15 19:29 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSoftwareInstallationClient.dll 2018-10-16 19:19 - 2018-06-15 19:00 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppCore.dll 2018-10-16 19:19 - 2018-06-15 17:04 - 000851968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe 2018-10-16 19:19 - 2018-06-15 17:04 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcLayers.dll 2018-10-16 19:19 - 2018-06-15 17:03 - 000831488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe 2018-10-16 19:19 - 2018-06-15 17:02 - 000704000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll 2018-10-16 19:19 - 2018-06-15 09:03 - 000083360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys 2018-10-16 19:19 - 2018-06-15 07:21 - 001213368 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe 2018-10-16 19:19 - 2018-06-15 07:19 - 000116632 _____ (Microsoft Corporation) C:\Windows\system32\DTUHandler.exe 2018-10-16 19:19 - 2018-06-15 07:19 - 000093600 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll 2018-10-16 19:19 - 2018-06-15 07:18 - 000228768 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll 2018-10-16 19:19 - 2018-06-15 07:13 - 000324000 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2018-10-16 19:19 - 2018-06-15 07:12 - 000118872 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll 2018-10-16 19:19 - 2018-06-15 07:10 - 000326024 _____ (Microsoft Corporation) C:\Windows\system32\ExecModelClient.dll 2018-10-16 19:19 - 2018-06-15 07:09 - 002546592 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll 2018-10-16 19:19 - 2018-06-15 07:09 - 001798552 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll 2018-10-16 19:19 - 2018-06-15 07:09 - 001659296 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll 2018-10-16 19:19 - 2018-06-15 07:08 - 001921944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys 2018-10-16 19:19 - 2018-06-15 07:08 - 000945568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys 2018-10-16 19:19 - 2018-06-15 07:08 - 000898760 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2018-10-16 19:19 - 2018-06-15 07:08 - 000642088 _____ (Microsoft Corporation) C:\Windows\system32\msvcp_win.dll 2018-10-16 19:19 - 2018-06-15 07:08 - 000072768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WindowsTrustedRT.sys 2018-10-16 19:19 - 2018-06-15 07:04 - 001462824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll 2018-10-16 19:19 - 2018-06-15 07:04 - 001251736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContentDeliveryManager.Utilities.dll 2018-10-16 19:19 - 2018-06-15 07:04 - 000719552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2018-10-16 19:19 - 2018-06-15 07:04 - 000281080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExecModelClient.dll 2018-10-16 19:19 - 2018-06-15 07:04 - 000105376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll 2018-10-16 19:19 - 2018-06-15 06:48 - 000311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Diagnostics.dll 2018-10-16 19:19 - 2018-06-15 06:47 - 000515072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2018-10-16 19:19 - 2018-06-15 06:46 - 001356800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll 2018-10-16 19:19 - 2018-06-15 06:46 - 000593408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll 2018-10-16 19:19 - 2018-06-15 06:46 - 000584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Input.dll 2018-10-16 19:19 - 2018-06-15 06:46 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll 2018-10-16 19:19 - 2018-06-15 06:45 - 002548736 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe 2018-10-16 19:19 - 2018-06-15 06:45 - 000871424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe 2018-10-16 19:19 - 2018-06-15 06:45 - 000740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll 2018-10-16 19:19 - 2018-06-15 06:44 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xboxgip.sys 2018-10-16 19:19 - 2018-06-15 06:43 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll 2018-10-16 19:19 - 2018-06-15 06:43 - 001110528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll 2018-10-16 19:19 - 2018-06-15 06:43 - 000675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll 2018-10-16 19:19 - 2018-06-15 06:43 - 000312832 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll 2018-10-16 19:19 - 2018-06-15 06:43 - 000191488 _____ (Microsoft Corporation) C:\Windows\system32\VideoHandlers.dll 2018-10-16 19:19 - 2018-06-15 06:43 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe 2018-10-16 19:19 - 2018-06-15 06:42 - 000431104 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll 2018-10-16 19:19 - 2018-06-15 06:42 - 000386048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Diagnostics.dll 2018-10-16 19:19 - 2018-06-15 06:42 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2018-10-16 19:19 - 2018-06-15 06:42 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2018-10-16 19:19 - 2018-06-15 06:42 - 000102400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll 2018-10-16 19:19 - 2018-06-15 06:41 - 001724928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll 2018-10-16 19:19 - 2018-06-15 06:41 - 000953856 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe 2018-10-16 19:19 - 2018-06-15 06:41 - 000811520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Input.dll 2018-10-16 19:19 - 2018-06-15 06:41 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll 2018-10-16 19:19 - 2018-06-15 06:40 - 001487360 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll 2018-10-16 19:19 - 2018-06-15 06:40 - 000827392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll 2018-10-16 19:19 - 2018-06-15 06:40 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll 2018-10-16 19:19 - 2018-06-15 06:40 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll 2018-10-16 19:19 - 2018-06-15 06:38 - 001581568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll 2018-10-16 19:19 - 2018-06-15 06:38 - 000910848 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll 2018-10-16 19:19 - 2018-06-15 06:37 - 000883712 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll 2018-10-16 19:19 - 2018-06-15 06:36 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys 2018-10-16 19:19 - 2018-06-08 21:07 - 000506184 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe 2018-10-16 19:19 - 2018-06-08 21:07 - 000040864 _____ (Microsoft Corporation) C:\Windows\system32\AppVClientPS.dll 2018-10-16 19:19 - 2018-06-08 21:07 - 000019872 _____ (Microsoft Corporation) C:\Windows\system32\AppVTerminator.dll 2018-10-16 19:19 - 2018-06-08 21:02 - 000661160 _____ (Microsoft Corporation) C:\Windows\system32\GenValObj.exe 2018-10-16 19:19 - 2018-06-08 21:01 - 001046944 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll 2018-10-16 19:19 - 2018-06-08 20:47 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2018-10-16 19:19 - 2018-06-08 20:45 - 000808960 _____ C:\Windows\system32\MBR2GPT.EXE 2018-10-16 19:19 - 2018-06-08 20:44 - 000625152 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll 2018-10-16 19:19 - 2018-06-08 20:43 - 003640832 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2018-10-16 19:19 - 2018-06-08 20:43 - 002922496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll 2018-10-16 19:19 - 2018-06-08 20:43 - 001719808 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll 2018-10-16 19:19 - 2018-06-08 20:43 - 001659904 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2018-10-16 19:19 - 2018-06-08 20:43 - 001543680 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll 2018-10-16 19:19 - 2018-06-08 20:42 - 003999232 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll 2018-10-16 19:19 - 2018-06-08 20:42 - 000800256 _____ (Microsoft Corporation) C:\Windows\system32\pwcreator.exe 2018-10-16 19:19 - 2018-06-08 20:41 - 002019840 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll 2018-10-16 19:19 - 2018-06-08 20:41 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll 2018-10-16 19:19 - 2018-06-08 20:41 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll 2018-10-16 19:19 - 2018-06-08 20:40 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\DXP.dll 2018-10-16 19:19 - 2018-06-08 18:58 - 000917408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll 2018-10-16 19:19 - 2018-06-08 18:47 - 003492864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll 2018-10-16 19:19 - 2018-06-08 18:47 - 001462784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll 2018-10-16 19:19 - 2018-06-08 18:47 - 001032704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2018-10-16 19:19 - 2018-06-08 18:47 - 000231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcredprov.dll 2018-10-16 19:19 - 2018-06-08 18:46 - 003444224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2018-10-16 19:19 - 2018-06-08 18:06 - 000976384 _____ (Microsoft Corporation) C:\Windows\system32\Spectrum.exe 2018-10-16 19:19 - 2018-06-08 18:05 - 000944640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.Internal.dll 2018-10-16 19:19 - 2018-06-08 16:00 - 000658432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll 2018-10-16 19:19 - 2018-06-08 12:38 - 005821544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2018-10-16 19:19 - 2018-06-08 12:35 - 001613200 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll 2018-10-16 19:19 - 2018-06-08 12:35 - 000613144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2018-10-16 19:19 - 2018-06-08 12:34 - 001299056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll 2018-10-16 19:19 - 2018-06-08 12:34 - 000748512 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2018-10-16 19:19 - 2018-06-08 12:31 - 007900984 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2018-10-16 19:19 - 2018-06-08 12:31 - 000029600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\uefi.sys 2018-10-16 19:19 - 2018-06-08 12:30 - 000705440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys 2018-10-16 19:19 - 2018-06-08 11:30 - 000723360 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll 2018-10-16 19:19 - 2018-06-08 11:30 - 000527264 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe 2018-10-16 19:19 - 2018-06-08 11:30 - 000194456 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll 2018-10-16 19:19 - 2018-06-08 11:30 - 000137568 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2018-10-16 19:19 - 2018-06-08 11:29 - 004970360 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll 2018-10-16 19:19 - 2018-06-08 11:29 - 001792808 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll 2018-10-16 19:19 - 2018-06-08 11:29 - 001364184 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll 2018-10-16 19:19 - 2018-06-08 11:29 - 000678840 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2018-10-16 19:19 - 2018-06-08 11:29 - 000659096 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll 2018-10-16 19:19 - 2018-06-08 11:29 - 000313592 _____ (Microsoft Corporation) C:\Windows\system32\mfsensorgroup.dll 2018-10-16 19:19 - 2018-06-08 11:29 - 000164768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys 2018-10-16 19:19 - 2018-06-08 11:29 - 000084288 _____ (Microsoft Corporation) C:\Windows\system32\LanguageOverlayUtil.dll 2018-10-16 19:19 - 2018-06-08 11:29 - 000057960 _____ (Microsoft Corporation) C:\Windows\system32\kernel.appcore.dll 2018-10-16 19:19 - 2018-06-08 11:10 - 000097176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2018-10-16 19:19 - 2018-06-08 11:09 - 004469832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll 2018-10-16 19:19 - 2018-06-08 11:09 - 001584128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll 2018-10-16 19:19 - 2018-06-08 11:09 - 001077504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll 2018-10-16 19:19 - 2018-06-08 11:09 - 000607648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll 2018-10-16 19:19 - 2018-06-08 11:09 - 000568720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll 2018-10-16 19:19 - 2018-06-08 11:09 - 000553248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2018-10-16 19:19 - 2018-06-08 11:09 - 000064648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LanguageOverlayUtil.dll 2018-10-16 19:19 - 2018-06-08 11:09 - 000050208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel.appcore.dll 2018-10-16 19:19 - 2018-06-08 11:03 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys 2018-10-16 19:19 - 2018-06-08 11:01 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\FSClient.dll 2018-10-16 19:19 - 2018-06-08 11:01 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerCsp.dll 2018-10-16 19:19 - 2018-06-08 11:00 - 001285120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll 2018-10-16 19:19 - 2018-06-08 11:00 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\credprovs.dll 2018-10-16 19:19 - 2018-06-08 10:59 - 001318400 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll 2018-10-16 19:19 - 2018-06-08 10:59 - 000673792 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll 2018-10-16 19:19 - 2018-06-08 10:58 - 001676800 _____ (Microsoft Corporation) C:\Windows\system32\CoreShell.dll 2018-10-16 19:19 - 2018-06-08 10:58 - 000239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FSClient.dll 2018-10-16 19:19 - 2018-06-08 10:57 - 000483328 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll 2018-10-16 19:19 - 2018-06-08 10:56 - 003293696 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2018-10-16 19:19 - 2018-06-08 10:56 - 000871424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.BackgroundMediaPlayback.dll 2018-10-16 19:19 - 2018-06-08 10:56 - 000869376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll 2018-10-16 19:19 - 2018-06-08 10:56 - 000858112 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll 2018-10-16 19:19 - 2018-06-08 10:56 - 000715776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll 2018-10-16 19:19 - 2018-06-08 10:56 - 000264704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovs.dll 2018-10-16 19:19 - 2018-06-08 10:55 - 002061824 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll 2018-10-16 19:19 - 2018-06-08 10:55 - 001192448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll 2018-10-16 19:19 - 2018-06-08 10:55 - 001171968 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll 2018-10-16 19:19 - 2018-06-08 10:55 - 000849408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.MediaPlayer.dll 2018-10-16 19:19 - 2018-06-08 10:55 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll 2018-10-16 19:19 - 2018-06-08 10:55 - 000652800 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll 2018-10-16 19:19 - 2018-06-08 10:55 - 000630784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2018-10-16 19:19 - 2018-06-08 10:54 - 001128448 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll 2018-10-16 19:19 - 2018-06-08 10:54 - 000950272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2018-10-16 19:19 - 2018-06-08 10:54 - 000729088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll 2018-10-16 19:19 - 2018-06-08 10:54 - 000646656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2018-10-16 19:19 - 2018-06-08 10:54 - 000593408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll 2018-10-16 19:19 - 2018-06-08 10:54 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTMediaFrame.dll 2018-10-16 19:19 - 2018-06-08 10:53 - 001675264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll 2018-10-16 19:19 - 2018-06-08 10:53 - 000648192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2018-10-16 19:19 - 2018-06-08 10:53 - 000528384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll 2018-10-16 19:19 - 2018-06-06 20:57 - 003733320 _____ C:\Windows\system32\Windows.Mirage.dll 2018-10-16 19:19 - 2018-06-06 06:20 - 002841312 _____ C:\Windows\SysWOW64\Windows.Mirage.dll 2018-10-16 19:19 - 2018-05-20 21:42 - 001649760 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll 2018-10-16 19:19 - 2018-05-20 21:26 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll 2018-10-16 19:19 - 2018-05-20 21:23 - 000947712 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl 2018-10-16 19:19 - 2018-05-20 21:23 - 000899072 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll 2018-10-16 19:19 - 2018-05-20 21:22 - 001665024 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2018-10-16 19:19 - 2018-05-20 21:22 - 000804352 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll 2018-10-16 19:19 - 2018-05-20 20:14 - 001490144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll 2018-10-16 19:19 - 2018-05-20 20:02 - 000461312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasplap.dll 2018-10-16 19:19 - 2018-05-20 20:00 - 000864768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl 2018-10-16 19:19 - 2018-05-20 19:59 - 000863232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll 2018-10-16 19:19 - 2018-05-20 19:59 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll 2018-10-16 19:19 - 2018-05-20 14:33 - 000105368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys 2018-10-16 19:19 - 2018-05-20 13:53 - 002178136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll 2018-10-16 19:19 - 2018-05-20 13:53 - 000131232 _____ (Microsoft Corporation) C:\Windows\system32\rmclient.dll 2018-10-16 19:19 - 2018-05-20 13:53 - 000088472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys 2018-10-16 19:19 - 2018-05-20 13:52 - 000735560 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll 2018-10-16 19:19 - 2018-05-20 13:52 - 000347704 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2018-10-16 19:19 - 2018-05-20 13:52 - 000130456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvsocket.sys 2018-10-16 19:19 - 2018-05-20 13:52 - 000089984 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSup.dll 2018-10-16 19:19 - 2018-05-20 13:33 - 001665920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2018-10-16 19:19 - 2018-05-20 13:33 - 000101288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll 2018-10-16 19:19 - 2018-05-20 13:32 - 000560488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll 2018-10-16 19:19 - 2018-05-20 13:32 - 000286200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2018-10-16 19:19 - 2018-05-20 13:31 - 001456640 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll 2018-10-16 19:19 - 2018-05-20 13:28 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\AppHostRegistrationVerifier.exe 2018-10-16 19:19 - 2018-05-20 13:26 - 000356352 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll 2018-10-16 19:19 - 2018-05-20 13:26 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\wevtutil.exe 2018-10-16 19:19 - 2018-05-20 13:26 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\TelephonyInteractiveUser.dll 2018-10-16 19:19 - 2018-05-20 13:25 - 000384000 _____ (Microsoft Corporation) C:\Windows\system32\Phoneutil.dll 2018-10-16 19:19 - 2018-05-20 13:24 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\DolbyMATEnc.dll 2018-10-16 19:19 - 2018-05-20 13:23 - 000933376 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll 2018-10-16 19:19 - 2018-05-20 13:21 - 000960512 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll 2018-10-16 19:19 - 2018-05-20 13:21 - 000783360 _____ (Microsoft Corporation) C:\Windows\system32\DolbyHrtfEnc.dll 2018-10-16 19:19 - 2018-05-20 13:14 - 000167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtutil.exe 2018-10-16 19:19 - 2018-05-20 13:13 - 000317440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Phoneutil.dll 2018-10-16 19:19 - 2018-05-20 13:12 - 000860160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll 2018-10-16 19:19 - 2018-04-28 16:23 - 000826776 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe 2018-10-16 19:19 - 2018-04-28 16:03 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\SharedPCCSP.dll 2018-10-16 19:19 - 2018-04-28 16:00 - 000695296 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx 2018-10-16 19:19 - 2018-04-28 15:14 - 000581120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx 2018-10-16 19:19 - 2018-04-28 15:12 - 001380864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2018-10-16 19:19 - 2018-04-28 06:29 - 000788216 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2018-10-16 19:19 - 2018-04-28 06:29 - 000776880 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2018-10-16 19:19 - 2018-04-28 06:29 - 000494488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2018-10-16 19:19 - 2018-04-28 06:29 - 000382872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys 2018-10-16 19:19 - 2018-04-28 06:14 - 000434584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2018-10-16 19:19 - 2018-04-28 06:13 - 000665320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2018-10-16 19:19 - 2018-04-28 06:12 - 000606448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2018-10-16 19:19 - 2018-04-28 05:59 - 000553984 _____ (Microsoft Corporation) C:\Windows\system32\PerceptionSimulationExtensions.dll 2018-10-16 19:19 - 2018-04-28 04:43 - 001953280 _____ C:\Windows\system32\rdpnano.dll 2018-10-16 19:18 - 2018-09-21 11:01 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll 2018-10-16 19:18 - 2018-09-21 10:12 - 000150016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll 2018-10-16 19:18 - 2018-09-21 05:54 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll 2018-10-16 19:18 - 2018-09-20 06:11 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe 2018-10-16 19:18 - 2018-09-20 06:10 - 000355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll 2018-10-16 19:18 - 2018-09-20 05:43 - 000052736 _____ C:\Windows\system32\runexehelper.exe 2018-10-16 19:18 - 2018-09-20 05:42 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll 2018-10-16 19:18 - 2018-09-20 03:28 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll 2018-10-16 19:18 - 2018-09-08 09:44 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\fdBth.dll 2018-10-16 19:18 - 2018-09-08 09:43 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\SCardBi.dll 2018-10-16 19:18 - 2018-09-08 09:42 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll 2018-10-16 19:18 - 2018-09-08 09:42 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\bthci.dll 2018-10-16 19:18 - 2018-09-08 09:41 - 000258560 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll 2018-10-16 19:18 - 2018-09-08 09:40 - 000402944 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll 2018-10-16 19:18 - 2018-09-08 09:38 - 000986112 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2018-10-16 19:18 - 2018-09-08 08:58 - 000897536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2018-10-16 19:18 - 2018-09-08 05:32 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpstorport.sys 2018-10-16 19:18 - 2018-09-08 05:31 - 000342528 _____ (Microsoft Corporation) C:\Windows\system32\browserexport.exe 2018-10-16 19:18 - 2018-09-08 05:31 - 000272384 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Proxy.dll 2018-10-16 19:18 - 2018-09-08 05:30 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys 2018-10-16 19:18 - 2018-09-08 05:30 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll 2018-10-16 19:18 - 2018-09-08 05:28 - 000153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Bluetooth.Proxy.dll 2018-10-16 19:18 - 2018-09-08 05:27 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll 2018-10-16 19:18 - 2018-09-08 05:25 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Proximity.dll 2018-10-16 19:18 - 2018-09-08 05:23 - 000314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Proximity.dll 2018-10-16 19:18 - 2018-08-31 09:27 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll 2018-10-16 19:18 - 2018-08-31 09:25 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2018-10-16 19:18 - 2018-08-31 08:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll 2018-10-16 19:18 - 2018-08-31 05:17 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll 2018-10-16 19:18 - 2018-08-31 05:12 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll 2018-10-16 19:18 - 2018-08-28 08:49 - 000677376 _____ (Microsoft Corporation) C:\Windows\system32\HeadTrackerStorage.dll 2018-10-16 19:18 - 2018-08-09 11:14 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll 2018-10-16 19:18 - 2018-08-09 11:13 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\TtlsExt.dll 2018-10-16 19:18 - 2018-08-09 11:09 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\dinput.dll 2018-10-16 19:18 - 2018-08-09 10:24 - 000131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdeploy.dll 2018-10-16 19:18 - 2018-08-09 10:20 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput.dll 2018-10-16 19:18 - 2018-08-09 06:27 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollCtrl.exe 2018-10-16 19:18 - 2018-08-09 06:26 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\TtlsCfg.dll 2018-10-16 19:18 - 2018-08-09 06:13 - 000042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnrollCtrl.exe 2018-10-16 19:18 - 2018-08-09 06:11 - 000164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TtlsCfg.dll 2018-10-16 19:18 - 2018-08-03 10:24 - 000046592 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2018-10-16 19:18 - 2018-08-03 10:21 - 000561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys 2018-10-16 19:18 - 2018-08-03 05:17 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgid.sys 2018-10-16 19:18 - 2018-08-03 05:16 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll 2018-10-16 19:18 - 2018-08-03 05:15 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys 2018-10-16 19:18 - 2018-08-03 05:10 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll 2018-10-16 19:18 - 2018-07-15 01:31 - 000148888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mavinject.exe 2018-10-16 19:18 - 2018-07-14 06:21 - 000192920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2018-10-16 19:18 - 2018-07-14 05:58 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll 2018-10-16 19:18 - 2018-07-14 05:58 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2018-10-16 19:18 - 2018-07-14 05:56 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgr.dll 2018-10-16 19:18 - 2018-07-14 05:55 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll 2018-10-16 19:18 - 2018-07-14 05:55 - 000205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreCommonProxyStub.dll 2018-10-16 19:18 - 2018-07-14 05:55 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll 2018-10-16 19:18 - 2018-07-14 05:55 - 000185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll 2018-10-16 19:18 - 2018-07-14 05:55 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll 2018-10-16 19:18 - 2018-07-14 05:55 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2018-10-16 19:18 - 2018-07-14 05:54 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\EasPolicyManagerBrokerPS.dll 2018-10-16 19:18 - 2018-07-06 13:53 - 000347136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll 2018-10-16 19:18 - 2018-07-06 09:01 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll 2018-10-16 19:18 - 2018-07-06 09:01 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvcProxy.dll 2018-10-16 19:18 - 2018-07-06 09:00 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll 2018-10-16 19:18 - 2018-07-06 09:00 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll 2018-10-16 19:18 - 2018-07-06 09:00 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll 2018-10-16 19:18 - 2018-07-06 09:00 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\mapstoasttask.dll 2018-10-16 19:18 - 2018-07-06 09:00 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\MapsTelemetry.dll 2018-10-16 19:18 - 2018-07-06 09:00 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\nativemap.dll 2018-10-16 19:18 - 2018-07-06 08:59 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Geolocation.dll 2018-10-16 19:18 - 2018-07-06 08:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll 2018-10-16 19:18 - 2018-07-06 08:59 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll 2018-10-16 19:18 - 2018-07-06 08:58 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Core.dll 2018-10-16 19:18 - 2018-07-06 08:58 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Cortana.dll 2018-10-16 19:18 - 2018-07-06 08:58 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll 2018-10-16 19:18 - 2018-07-06 08:57 - 000262656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NmaDirect.dll 2018-10-16 19:18 - 2018-07-06 08:56 - 000533504 _____ (Microsoft Corporation) C:\Windows\system32\QuietHours.dll 2018-10-16 19:18 - 2018-07-06 08:56 - 000181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Core.dll 2018-10-16 19:18 - 2018-06-15 19:34 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\DsmUserTask.exe 2018-10-16 19:18 - 2018-06-15 19:34 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\perfnet.dll 2018-10-16 19:18 - 2018-06-15 19:33 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManagerAPI.dll 2018-10-16 19:18 - 2018-06-15 19:33 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll 2018-10-16 19:18 - 2018-06-15 19:32 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CscUnpinTool.exe 2018-10-16 19:18 - 2018-06-15 19:29 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2018-10-16 19:18 - 2018-06-15 19:03 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\UevAppMonitor.exe 2018-10-16 19:18 - 2018-06-15 17:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfnet.dll 2018-10-16 19:18 - 2018-06-15 17:01 - 000228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2018-10-16 19:18 - 2018-06-15 09:10 - 000048544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys 2018-10-16 19:18 - 2018-06-15 06:47 - 000622080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll 2018-10-16 19:18 - 2018-06-15 06:47 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll 2018-10-16 19:18 - 2018-06-15 06:46 - 000224768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll 2018-10-16 19:18 - 2018-06-15 06:45 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll 2018-10-16 19:18 - 2018-06-15 06:45 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll 2018-10-16 19:18 - 2018-06-15 06:45 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\DTUHandlerPS.dll 2018-10-16 19:18 - 2018-06-15 06:44 - 000185344 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll 2018-10-16 19:18 - 2018-06-15 06:44 - 000135680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll 2018-10-16 19:18 - 2018-06-15 06:44 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\updatecsp.dll 2018-10-16 19:18 - 2018-06-15 06:44 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cellulardatacapabilityhandler.dll 2018-10-16 19:18 - 2018-06-15 06:43 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\RdpRelayTransport.dll 2018-10-16 19:18 - 2018-06-15 06:43 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll 2018-10-16 19:18 - 2018-06-15 06:42 - 000978432 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll 2018-10-16 19:18 - 2018-06-15 06:42 - 000558592 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll 2018-10-16 19:18 - 2018-06-15 06:42 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll 2018-10-16 19:18 - 2018-06-15 06:41 - 000270336 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll 2018-10-16 19:18 - 2018-06-15 06:41 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\CapabilityAccessManager.dll 2018-10-16 19:18 - 2018-06-08 20:46 - 000584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll 2018-10-16 19:18 - 2018-06-08 20:45 - 001560576 _____ (Microsoft Corporation) C:\Windows\system32\msdt.exe 2018-10-16 19:18 - 2018-06-08 20:44 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\wlidcredprov.dll 2018-10-16 19:18 - 2018-06-08 18:50 - 001508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdt.exe 2018-10-16 19:18 - 2018-06-08 11:03 - 000906752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.PhoneNumberFormatting.dll 2018-10-16 19:18 - 2018-06-08 11:03 - 000038400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryCore.dll 2018-10-16 19:18 - 2018-06-08 11:02 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll 2018-10-16 19:18 - 2018-06-08 11:02 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\edpnotify.exe 2018-10-16 19:18 - 2018-06-08 11:02 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe 2018-10-16 19:18 - 2018-06-08 11:01 - 000294912 _____ (Microsoft Corporation) C:\Windows\system32\TDLMigration.dll 2018-10-16 19:18 - 2018-06-08 11:01 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll 2018-10-16 19:18 - 2018-06-08 11:01 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2018-10-16 19:18 - 2018-06-08 11:00 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe 2018-10-16 19:18 - 2018-06-08 11:00 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\CapabilityAccessManagerClient.dll 2018-10-16 19:18 - 2018-06-08 10:59 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll 2018-10-16 19:18 - 2018-06-08 10:58 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe 2018-10-16 19:18 - 2018-06-08 10:57 - 000150016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll 2018-10-16 19:18 - 2018-06-08 10:57 - 000038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll 2018-10-16 19:18 - 2018-06-08 10:55 - 000778752 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2018-10-16 19:18 - 2018-06-01 07:18 - 000058524 _____ C:\Windows\system32\srms.dat 2018-10-16 19:18 - 2018-05-20 21:22 - 001292288 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe 2018-10-16 19:18 - 2018-05-20 21:22 - 000941056 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll 2018-10-16 19:18 - 2018-05-20 13:32 - 000077040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CompPkgSup.dll 2018-10-16 19:18 - 2018-05-20 13:27 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\ApiSetHost.AppExecutionAlias.dll 2018-10-16 19:18 - 2018-05-20 13:23 - 005951488 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll 2018-10-16 19:18 - 2018-05-20 13:21 - 001371136 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll 2018-10-16 19:18 - 2018-05-20 13:16 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ApiSetHost.AppExecutionAlias.dll 2018-10-16 19:18 - 2018-05-20 13:15 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll 2018-10-16 19:18 - 2018-05-20 13:13 - 004929024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll 2018-10-16 19:18 - 2018-05-20 13:11 - 001036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll 2018-10-16 19:18 - 2018-05-20 10:26 - 000018716 _____ C:\Windows\system32\srms-apr.dat 2018-10-16 19:18 - 2018-05-18 19:08 - 000018716 _____ C:\Windows\SysWOW64\srms-apr.dat 2018-10-16 19:18 - 2018-04-28 06:03 - 000585728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.rs3.dll 2018-10-16 19:18 - 2018-04-28 06:03 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.rs1.dll 2018-10-16 19:18 - 2018-04-28 06:03 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.th.dll 2018-10-16 19:18 - 2018-04-28 06:03 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.win81.dll 2018-10-16 19:18 - 2018-04-28 06:02 - 000613376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.rs4.dll 2018-10-16 19:18 - 2018-04-28 06:02 - 000474624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.rs2.dll 2018-10-16 19:18 - 2018-04-28 06:02 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.win8rtm.dll 2018-10-16 19:18 - 2018-04-28 06:01 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2018-10-16 19:18 - 2018-04-28 06:00 - 000143360 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2018-10-16 19:18 - 2018-04-28 05:57 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2018-10-16 19:18 - 2018-04-28 05:55 - 001421312 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll 2018-10-16 19:18 - 2018-04-28 05:53 - 001235968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll 2018-10-16 19:18 - 2018-04-28 05:53 - 000117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2018-10-16 19:12 - 2018-10-16 19:11 - 000559880 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2018-10-16 18:04 - 2018-10-16 18:04 - 000000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2018-10-16 18:04 - 2018-10-16 18:04 - 000000000 ____D C:\Windows\PCHEALTH 2018-10-16 18:04 - 2018-10-16 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2018-10-16 18:04 - 2018-10-16 18:04 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2018-10-16 18:03 - 2018-11-15 22:18 - 000000000 ____D C:\Program Files\Microsoft Analysis Services 2018-10-16 18:03 - 2018-10-16 18:04 - 000000000 ____D C:\Program Files\Microsoft Office 2018-10-16 18:03 - 2018-10-16 18:03 - 000000000 __RHD C:\MSOCache 2018-10-16 18:03 - 2018-10-16 18:03 - 000000000 ____D C:\Windows\SHELLNEW 2018-10-16 18:03 - 2018-10-16 18:03 - 000000000 ____D C:\Users\Didista\AppData\Local\Microsoft Help 2018-10-16 18:03 - 2018-10-16 18:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2018-10-16 18:03 - 2018-10-16 18:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2018-10-16 18:01 - 2018-10-16 18:02 - 000000000 ____D C:\Users\Didista\AppData\Roaming\DAEMON Tools Lite 2018-10-16 18:01 - 2018-10-16 18:01 - 000047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys 2018-10-16 18:01 - 2018-10-16 18:01 - 000030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys 2018-10-16 18:01 - 2018-10-16 18:01 - 000001814 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2018-10-16 18:01 - 2018-10-16 18:01 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images 2018-10-16 18:01 - 2018-10-16 18:01 - 000000000 ____D C:\Users\Public\Documents\Catch! 2018-10-16 18:01 - 2018-10-16 18:01 - 000000000 ____D C:\Users\Didista\AppData\Local\Disc_Soft_Ltd 2018-10-16 18:01 - 2018-10-16 18:01 - 000000000 ____D C:\Program Files\DAEMON Tools Lite 2018-10-16 18:00 - 2018-10-16 18:01 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite 2018-10-16 17:59 - 2018-10-16 21:04 - 000000000 ____D C:\Users\Didista\AppData\Local\NVIDIA Corporation 2018-10-16 15:46 - 2018-10-16 12:47 - 000000000 ____D C:\Windows\Panther 2018-10-16 14:25 - 2018-10-19 18:31 - 000000000 ____D C:\Users\Didista\AppData\Local\CrashDumps 2018-10-16 14:25 - 2018-10-17 21:49 - 000000000 ____D C:\Users\Didista\AppData\Local\D3DSCache 2018-10-16 14:25 - 2018-10-16 14:25 - 000000000 ____D C:\Users\Didista\AppData\Local\DBG 2018-10-16 14:12 - 2018-10-16 20:59 - 000000000 ____D C:\Users\Didista\Autodesk 2018-10-16 14:12 - 2018-10-16 14:12 - 000000000 ____D C:\Users\Didista\AppData\Roaming\NVIDIA 2018-10-16 14:08 - 2018-10-16 14:08 - 000000000 ____D C:\ProgramData\FLEXnet 2018-10-16 13:55 - 2018-10-16 20:48 - 000000000 ____D C:\Users\Didista\AppData\Local\Autodesk 2018-10-16 13:55 - 2018-10-16 14:10 - 000000000 ____D C:\Users\Didista\Documents\Autodesk Application Manager 2018-10-16 13:53 - 2018-10-16 20:47 - 000000000 ____D C:\Program Files (x86)\Autodesk 2018-10-16 13:50 - 2018-10-16 20:58 - 000000000 ____D C:\Users\Didista\Documents\3dsMax 2018-10-16 13:50 - 2018-10-16 20:44 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared 2018-10-16 13:50 - 2018-10-16 20:44 - 000000000 ____D C:\Program Files\Autodesk 2018-10-16 13:47 - 2018-10-16 13:47 - 000000000 ____D C:\Program Files\Reference Assemblies 2018-10-16 13:47 - 2018-10-16 13:47 - 000000000 ____D C:\Program Files\MSBuild 2018-10-16 13:47 - 2018-10-16 13:47 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2018-10-16 13:47 - 2018-10-16 13:47 - 000000000 ____D C:\Program Files (x86)\MSBuild 2018-10-16 13:47 - 2018-03-05 15:07 - 000778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll 2018-10-16 13:47 - 2018-03-05 15:07 - 000103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2018-10-16 13:47 - 2018-03-05 15:07 - 000035456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2018-10-16 13:47 - 2018-02-14 15:21 - 001166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll 2018-10-16 13:47 - 2018-02-14 15:21 - 000124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2018-10-16 13:47 - 2018-02-14 15:21 - 000035456 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2018-10-16 13:47 - 2010-06-02 03:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2018-10-16 13:47 - 2010-06-02 03:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2018-10-16 13:47 - 2010-06-02 03:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2018-10-16 13:47 - 2010-06-02 03:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2018-10-16 13:47 - 2010-06-02 03:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2018-10-16 13:47 - 2010-06-02 03:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2018-10-16 13:47 - 2010-05-26 10:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2018-10-16 13:47 - 2010-05-26 10:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2018-10-16 13:47 - 2010-05-26 10:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2018-10-16 13:47 - 2010-05-26 10:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2018-10-16 13:45 - 2018-10-16 20:48 - 000000000 ____D C:\Users\Didista\AppData\Roaming\Autodesk 2018-10-16 13:45 - 2018-10-16 20:47 - 000000000 ____D C:\ProgramData\Autodesk 2018-10-16 13:44 - 2018-04-10 20:11 - 004164608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons0002.dll 2018-10-16 13:44 - 2018-04-10 20:11 - 000131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0002.dll 2018-10-16 13:44 - 2018-04-10 20:10 - 004164608 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0002.dll 2018-10-16 13:44 - 2018-04-10 20:08 - 001866752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MLS2.dll 2018-10-16 13:44 - 2018-04-10 20:08 - 000166912 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0002.dll 2018-10-16 13:44 - 2018-04-10 20:02 - 001914880 _____ (Microsoft Corporation) C:\Windows\system32\MLS2.dll 2018-10-16 13:40 - 2018-10-16 20:36 - 000000000 ____D C:\Autodesk 2018-10-16 13:35 - 2018-10-16 13:35 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000004106 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000003976 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000003940 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2018-10-16 13:35 - 2018-05-21 00:35 - 002495936 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2018-10-16 13:35 - 2018-05-21 00:35 - 002163648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2018-10-16 13:35 - 2018-05-21 00:35 - 001311680 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll 2018-10-16 13:35 - 2010-05-26 10:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2018-10-16 13:35 - 2010-05-26 10:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2018-10-16 13:35 - 2010-05-26 10:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2018-10-16 13:35 - 2010-05-26 10:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2018-10-16 13:35 - 2010-05-26 10:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2018-10-16 13:35 - 2010-05-26 10:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2018-10-16 13:34 - 2018-05-20 22:30 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat 2018-10-16 13:34 - 2018-05-15 03:59 - 000217960 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2018-10-16 13:34 - 2018-05-15 03:59 - 000178024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2018-10-16 13:33 - 2018-10-17 21:57 - 000000000 ____D C:\ProgramData\Package Cache 2018-10-16 13:33 - 2018-05-15 03:59 - 000067432 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2018-10-16 13:33 - 2018-04-28 07:25 - 000068112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys 2018-10-16 13:29 - 2018-10-16 13:29 - 000000000 ____D C:\Program Files (x86)\Realtek 2018-10-16 13:29 - 2018-10-16 13:29 - 000000000 ____D C:\Program Files (x86)\InstallShield Installation Information 2018-10-16 13:28 - 2018-11-09 22:04 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2018-10-16 13:28 - 2018-10-16 13:28 - 000000000 ____D C:\Users\Didista\AppData\Roaming\WinRAR 2018-10-16 13:28 - 2018-09-06 03:18 - 005947704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2018-10-16 13:28 - 2018-09-06 03:18 - 002612616 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2018-10-16 13:28 - 2018-09-06 03:17 - 008330242 _____ C:\Windows\system32\nvcoproc.bin 2018-10-16 13:28 - 2018-09-06 03:17 - 001767280 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2018-10-16 13:28 - 2018-09-06 03:17 - 000634248 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2018-10-16 13:28 - 2018-09-06 03:17 - 000450416 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2018-10-16 13:28 - 2018-09-06 03:17 - 000124112 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2018-10-16 13:28 - 2018-09-06 03:17 - 000083256 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2018-10-16 13:27 - 2018-11-15 21:30 - 000000000 ____D C:\ProgramData\NVIDIA 2018-10-16 13:27 - 2018-11-09 22:05 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2018-10-16 13:27 - 2018-10-16 13:35 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2018-10-16 13:27 - 2018-10-16 13:35 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2018-10-16 13:27 - 2018-10-16 13:27 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation 2018-10-16 13:27 - 2018-09-05 20:12 - 000001951 _____ C:\Windows\NvContainerRecovery.bat 2018-10-16 13:27 - 2018-08-03 11:22 - 000552480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2018-10-16 13:22 - 2018-10-16 13:22 - 000003260 _____ C:\Windows\System32\Tasks\RtHDVBg_ListenToDevice 2018-10-16 13:22 - 2018-10-16 13:22 - 000003216 _____ C:\Windows\System32\Tasks\RTKCPL 2018-10-16 13:22 - 2018-10-16 13:22 - 000000000 ____H C:\ProgramData\DP45977C.lfl 2018-10-16 13:22 - 2018-10-16 13:22 - 000000000 ____D C:\Windows\SysWOW64\RTCOM 2018-10-16 13:22 - 2018-10-16 13:22 - 000000000 ____D C:\Windows\system32\DAX3 2018-10-16 13:22 - 2018-10-16 13:22 - 000000000 ____D C:\Windows\system32\DAX2 2018-10-16 13:22 - 2018-10-16 13:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek 2018-10-16 13:22 - 2018-10-16 13:22 - 000000000 ____D C:\Program Files\Realtek 2018-10-16 13:21 - 2018-11-15 22:19 - 000002484 _____ C:\Users\Didista\Desktop\Zlatin - Chrome.lnk 2018-10-16 13:21 - 2018-10-16 13:21 - 000002440 _____ C:\Users\Didista\Desktop\Дияна - Chrome.lnk 2018-10-16 13:20 - 2018-10-16 13:20 - 000000000 ____D C:\Users\Didista\AppData\Roaming\Google 2018-10-16 13:18 - 2018-11-15 22:18 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-10-16 13:18 - 2018-11-15 21:34 - 000838560 _____ C:\Windows\system32\PerfStringBackup.INI 2018-10-16 13:18 - 2018-10-16 13:26 - 000000000 ____D C:\Users\Didista\AppData\Local\Google 2018-10-16 13:18 - 2018-10-16 13:18 - 000003418 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2018-10-16 13:18 - 2018-10-16 13:18 - 000003294 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2018-10-16 13:18 - 2018-10-16 13:18 - 000000000 ____D C:\Program Files (x86)\Google 2018-10-16 13:16 - 2018-11-15 21:32 - 000003382 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2793308117-3191825222-1732375903-1001 2018-10-16 13:16 - 2018-10-16 13:16 - 000000000 ____D C:\Users\Didista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2018-10-16 13:16 - 2018-10-16 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2018-10-16 13:16 - 2018-10-16 13:16 - 000000000 ____D C:\Program Files\WinRAR 2018-10-16 13:15 - 2018-10-20 20:49 - 000000000 ____D C:\Users\Didista\AppData\Local\PlaceholderTileLogoFolder 2018-10-16 13:15 - 2018-10-16 13:15 - 000000000 ___HD C:\Users\Didista\MicrosoftEdgeBackups 2018-10-16 13:15 - 2018-10-16 13:15 - 000000000 ____D C:\Windows\system32\Intel 2018-10-16 13:07 - 2018-10-16 13:07 - 000000000 ____D C:\Users\Didista\AppData\Local\Comms 2018-10-16 12:52 - 2018-11-15 21:32 - 000000000 ___RD C:\Users\Didista\OneDrive 2018-10-16 12:52 - 2018-10-16 12:52 - 000000000 ____D C:\ProgramData\USOShared 2018-10-16 12:52 - 2018-10-16 12:52 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2018-10-16 12:51 - 2018-10-16 13:17 - 000000000 ____D C:\Users\Didista\AppData\Local\MicrosoftEdge 2018-10-16 12:51 - 2018-10-16 12:51 - 000001417 _____ C:\Users\Didista\Desktop\Microsoft Edge.lnk 2018-10-16 12:51 - 2018-10-16 12:51 - 000000000 ____D C:\Windows\CSC 2018-10-16 12:51 - 2018-04-12 01:33 - 002752000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2018-10-16 12:50 - 2018-11-15 21:32 - 000002373 _____ C:\Users\Didista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-10-16 12:50 - 2018-11-15 21:27 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-10-16 12:50 - 2018-11-15 21:27 - 000000000 ___RD C:\Users\Didista\3D Objects 2018-10-16 12:50 - 2018-10-28 20:06 - 000000000 ____D C:\Users\Didista\AppData\Roaming\Adobe 2018-10-16 12:50 - 2018-10-20 23:23 - 000000000 ____D C:\Users\Didista 2018-10-16 12:50 - 2018-10-19 13:04 - 000000000 ____D C:\Users\Didista\AppData\Local\Packages 2018-10-16 12:50 - 2018-10-16 17:56 - 000000000 ____D C:\Users\Didista\AppData\Local\ConnectedDevicesPlatform 2018-10-16 12:50 - 2018-10-16 12:50 - 000000020 ___SH C:\Users\Didista\ntuser.ini 2018-10-16 12:50 - 2018-10-16 12:50 - 000000000 ____D C:\Users\Didista\AppData\Local\VirtualStore 2018-10-16 12:50 - 2018-10-16 12:50 - 000000000 ____D C:\Users\Didista\AppData\Local\Publishers 2018-10-16 12:47 - 2018-11-15 21:27 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-10-16 12:47 - 2018-10-25 09:28 - 000000000 ____D C:\Windows\system32\Drivers\wd 2018-10-16 12:46 - 2018-11-15 21:27 - 004968528 _____ C:\Windows\system32\FNTCACHE.DAT 2018-10-16 12:46 - 2018-11-11 21:14 - 000000000 ____D C:\Windows\system32\SleepStudy 2018-10-16 12:46 - 2018-10-16 12:46 - 000000000 ____D C:\Windows\ServiceProfiles ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-11-15 22:39 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-11-15 22:19 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\GroupPolicy 2018-11-15 21:34 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF 2018-11-15 21:33 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps 2018-11-15 21:33 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness 2018-11-15 21:27 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp 2018-11-13 22:27 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\SysWOW64\F12 2018-11-13 22:27 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\F12 2018-11-13 22:27 - 2018-04-12 01:38 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2018-11-13 22:27 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\TextInput 2018-11-13 22:27 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\ShellExperiences 2018-11-13 22:27 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\ShellExperiences 2018-11-13 22:27 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\bcastdvr 2018-11-13 22:27 - 2018-04-11 23:04 - 000262144 _____ C:\Windows\system32\config\BBI 2018-11-05 19:34 - 2018-04-12 01:40 - 000835168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2018-11-05 19:34 - 2018-04-12 01:40 - 000179808 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-10-29 18:13 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\LiveKernelReports 2018-10-25 11:13 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2018-10-20 22:19 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\WinBioDatabase 2018-10-20 21:06 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\PolicyDefinitions 2018-10-17 21:22 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\appcompat 2018-10-16 20:47 - 2018-04-12 01:38 - 000017742 _____ C:\Windows\system32\Drivers\etc\services 2018-10-16 19:57 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender 2018-10-16 19:46 - 2018-04-12 18:35 - 000000000 ____D C:\Windows\Containers 2018-10-16 19:46 - 2018-04-12 18:19 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\vi-VN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\ur-PK 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\ug-CN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\tt-RU 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\tk-TM 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\te-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\ta-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\sw-KE 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\sq-AL 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\si-LK 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\quz-PE 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\prs-AF 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\pa-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\or-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\nn-NO 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\ne-NP 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\mt-MT 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\mr-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\mn-MN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\ml-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\mk-MK 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\mi-NZ 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\lo-LA 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\lb-LU 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\ky-KG 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\kok-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\kn-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\km-KH 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\kk-KZ 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\ka-GE 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\is-IS 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\id-ID 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\hy-AM 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\gu-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\gd-GB 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\ga-IE 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\fil-PH 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\fa-IR 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\cy-GB 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\bn-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\bn-BD 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\be-BY 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\as-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\am-ET 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\af-ZA 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\vi-VN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\ur-PK 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\ug-CN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\tt-RU 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\tk-TM 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\te-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\sw-KE 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\sq-AL 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\quz-PE 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\prs-AF 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\pa-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\or-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\nn-NO 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\ne-NP 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\mt-MT 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\mr-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\mn-MN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\ml-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\mk-MK 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\mi-NZ 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\lo-LA 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\lb-LU 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\ky-KG 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\kok-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\kn-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\km-KH 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\kk-KZ 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\ka-GE 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\is-IS 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\id-ID 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\hy-AM 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\gu-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\gd-GB 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\ga-IE 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\fil-PH 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\fa-IR 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\cy-GB 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\bn-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\bn-BD 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\be-BY 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\as-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\af-ZA 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\UNP 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ___RD C:\Windows\PrintDialog 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\setup 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\oobe 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\Dism 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\ta-in 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\si-lk 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\setup 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\oobe 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\appraiser 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\am-et 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\Provisioning 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2018-10-16 19:46 - 2018-04-11 23:04 - 000000000 ____D C:\Windows\system32\Dism 2018-10-16 18:04 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2018-10-16 15:46 - 2018-04-12 01:38 - 000028672 _____ C:\Windows\system32\config\BCD-Template 2018-10-16 13:44 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\OCR 2018-10-16 13:28 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\Help 2018-10-16 12:52 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\USOPrivate 2018-10-16 12:51 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\spool 2018-10-16 12:51 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\FxsTmp 2018-10-16 12:47 - 2018-04-11 23:04 - 000032768 _____ C:\Windows\system32\config\ELAM ==================== Files in the root of some directories ======= 2018-11-15 22:18 - 2018-11-15 22:18 - 025260414 _____ (TigerTrade ) C:\ProgramData\lzxhod.exe 2018-11-15 22:18 - 2018-11-15 22:18 - 007809024 _____ () C:\Users\Didista\AppData\Local\agent.dat 2018-11-15 22:18 - 2018-11-15 22:18 - 000070896 _____ () C:\Users\Didista\AppData\Local\Config.xml 2018-11-15 22:18 - 2018-11-15 22:17 - 001995264 _____ (TODO: <Company name>) C:\Users\Didista\AppData\Local\Doubledax.exe 2018-11-15 22:18 - 2018-11-15 22:18 - 002024475 _____ () C:\Users\Didista\AppData\Local\Doubledax.tst 2018-11-15 22:17 - 2018-11-15 22:18 - 000017664 _____ () C:\Users\Didista\AppData\Local\InstallationConfiguration.xml 2018-11-15 22:17 - 2018-11-15 22:17 - 000140800 _____ () C:\Users\Didista\AppData\Local\installer.dat 2018-11-15 22:18 - 2018-11-15 22:18 - 000018432 _____ () C:\Users\Didista\AppData\Local\Main.dat 2018-11-15 22:18 - 2018-11-15 22:18 - 000005568 _____ () C:\Users\Didista\AppData\Local\md.xml 2018-11-15 22:18 - 2018-11-15 22:18 - 000126464 _____ () C:\Users\Didista\AppData\Local\noah.dat 2018-10-22 15:04 - 2018-10-22 15:04 - 000000000 _____ () C:\Users\Didista\AppData\Local\oobelibMkey.log 2018-10-16 21:02 - 2018-10-16 21:02 - 000007597 _____ () C:\Users\Didista\AppData\Local\Resmon.ResmonCfg 2018-11-15 22:17 - 2018-11-15 22:18 - 000722944 _____ () C:\Users\Didista\AppData\Local\sham.db 2018-11-15 22:18 - 2018-11-15 22:18 - 000032038 _____ () C:\Users\Didista\AppData\Local\uninstall_temp.ico Files to move or delete: ==================== C:\Program Files (x86)\uhlkclz42dn\MXVO6R4NL5PR3EY.exe Some files in TEMP: ==================== 2018-11-15 22:20 - 2018-11-15 22:20 - 000375522 _____ ( ) C:\Users\Didista\AppData\Local\Temp\10yja3o40a5.exe 2018-11-15 22:17 - 2018-11-15 22:18 - 002741576 _____ (BitTorrent Inc.) C:\Users\Didista\AppData\Local\Temp\Office_2010_Activator_Full_Version_100_Working_Free.exe 2018-11-15 22:18 - 2018-11-15 22:18 - 000460353 _____ (ZRFXRD ) C:\Users\Didista\AppData\Local\Temp\pixel.exe 2018-11-15 22:17 - 2018-11-15 22:17 - 001995264 _____ (TODO: <Company name>) C:\Users\Didista\AppData\Local\Temp\setup.exe 2018-11-15 22:19 - 2018-11-15 22:19 - 003737869 _____ () C:\Users\Didista\AppData\Local\Temp\ybiaq.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-10-16 12:46 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.11.2018 Ran by Didista (15-11-2018 22:45:45) Running from C:\Users\Didista\Downloads Windows 10 Pro N Version 1803 17134.407 (X64) (2018-10-16 10:48:13) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2793308117-3191825222-1732375903-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2793308117-3191825222-1732375903-503 - Limited - Disabled) Didista (S-1-5-21-2793308117-3191825222-1732375903-1001 - Administrator - Enabled) => C:\Users\Didista Guest (S-1-5-21-2793308117-3191825222-1732375903-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2793308117-3191825222-1732375903-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_2_1) (Version: 14.2.1 - Adobe Systems Incorporated) Adobe Reader 9.4.0 Lite (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS) Autodesk 3ds Max 2017 (HKLM\...\{52B37EC7-D836-0410-0664-3C24BCED2010}) (Version: 19.1.129.0 - Autodesk) Hidden Autodesk 3ds Max 2017 (HKLM\...\Autodesk 3ds Max 2017) (Version: 19.1.129.0 - Autodesk) Autodesk 3ds Max 2017 Populate Data (HKLM\...\{2B07E17E-A072-43BD-9DCC-369B56C16698}) (Version: 19.0.0.0 - Autodesk) Autodesk 3ds Max 2017 SP1 (HKLM\...\Autodesk 3ds Max 2017 SP1) (Version: 19.1.129.0 - Autodesk) Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk) Autodesk Backburner 2017.0 (HKLM-x32\...\{0038F5AA-8482-4BB2-8A28-3FEA1D58D780}) (Version: 17.0.0.0 - Autodesk) Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.0.45.5 - Autodesk) Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk) Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk) Autodesk Material Library Medium Resolution Image Library 2017 (HKLM-x32\...\{CB6E007E-701D-42CD-AF0E-4BE9C36C7F7C}) (Version: 15.11.3.0 - Autodesk) BitTorrent (HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\BitTorrent) (Version: 7.8.1.29813 - BitTorrent Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0637 - Disc Soft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Lightscreen (HKLM-x32\...\Lightscreen) (Version: - ) Malwarebytes' Anti-Malware (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: - Malwarebytes Corporation) Microsoft Office Standard 2010 (HKLM\...\Office14.STANDARDR) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{0513c9cf-7191-45a7-ace9-ecdad03c93a4}) (Version: 12.0.40660.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{10dc8dbf-d3d7-4e23-be07-120fe5c66b78}) (Version: 12.0.40660.0 - Корпорация Майкрософт) Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation) Minimal ADB and Fastboot version 1.4.2 (HKLM-x32\...\{1901BAF7-7E78-4041-BC88-D0EE5DD1DFD9}_is1) (Version: 1.4.2 - Sam Rodberg) Multitimer version 1.0 (HKLM-x32\...\Multitimer_is1) (Version: 1.0 - ) NVIDIA 3D Vision Driver 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 399.24 - NVIDIA Corporation) NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation) NVIDIA Graphics Driver 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.24 - NVIDIA Corporation) NVIDIA mental ray and IRay feature plugins for 3ds Max 2017 (HKLM\...\{6ABEC32F-B90F-4499-B3A3-FF8A00948178}) (Version: 19.0.0.0 - Autodesk) NVIDIA mental ray and IRay rendering plugins for 3ds Max 2017 (HKLM\...\{4B889650-52DC-49E0-AB9C-F501B91002E3}) (Version: 19.0.0.0 - Autodesk) NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) publicHotsp version 1.0 (HKLM-x32\...\publicHotsp_is1) (Version: 1.0 - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8443 - Realtek Semiconductor Corp.) Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0027 - REALTEK Semiconductor Corp.) SafeFinder (HKLM-x32\...\{6BD702B4-7463-400B-A7BC-6FBF8CB5FA0A}) (Version: 1.0.0.0 - Linkury) <==== ATTENTION TigerTrade Setup 4.3.1 (HKLM-x32\...\TigerTrade Setup 4.3.1) (Version: 4.3.1 - TigerTrade) V-Ray for 3dsmax 2017 for x64 (HKLM\...\V-Ray for 3dsmax 2017 for x64) (Version: 3.60.03 - Chaos Software Ltd) Windows Driver Package - ASUS (AsusSGDrv) Mouse (06/18/2015 8.0.0.16) (HKLM\...\545B999BD5E2E239335F95C2AF9BED5D511CEC95) (Version: 06/18/2015 8.0.0.16 - ASUS) Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.) WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) YoutubeAdBlock (HKLM-x32\...\1655C0CA-7AE7-4012-8502-970C8675E5F8) (Version: 2.0.0.688 - Company Inc.) <==== ATTENTION ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2793308117-3191825222-1732375903-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2016\Inventor Server\Bin\TestServer.dll => No File CustomCLSID: HKU\S-1-5-21-2793308117-3191825222-1732375903-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2016\Inventor Server\Bin\TestServer.dll => No File CustomCLSID: HKU\S-1-5-21-2793308117-3191825222-1732375903-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2016\Inventor Server\Bin\TestServer.dll => No File ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-08-27] (Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-04] (Disc Soft Ltd) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-04] (Disc Soft Ltd) ContextMenuHandlers3-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [2009-02-11] (Malwarebytes Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-09-06] (NVIDIA Corporation) ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [2009-02-11] (Malwarebytes Corporation) ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (Alexander Roshal) ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-08-27] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {022D78E0-ACA5-471C-8750-036F3A42753E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-05-10] (Realtek Semiconductor) Task: {05C34D65-68EF-4BCD-956A-13FA91FEAF32} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-21] (NVIDIA Corporation) Task: {0A046499-167D-4F23-8F7D-ED1557CBC609} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-25] (Microsoft Corporation) Task: {0FBE6B1D-5FAB-446A-8256-C18FE7503D2F} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {14D99739-2EF1-48A3-A198-73390886E5E6} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-21] (NVIDIA Corporation) Task: {23C125B4-BBB3-4953-9F39-FF74994D04BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-25] (Microsoft Corporation) Task: {282ADA53-EB2B-40CF-8D1D-F16F82201825} - System32\Tasks\qdxgajDnKqmDPrtzQ2 => rundll32 "C:\Program Files (x86)\BHXQvOBMsgKdEntstUR\NRTwhNj.dll",#1 Task: {29333DA4-2BA9-467E-84EE-5D79593A7628} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-25] (Microsoft Corporation) Task: {3519E043-A696-44A1-B8A0-7CCAC0079B7D} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-21] (NVIDIA Corporation) Task: {3FD079B2-02AA-45A0-9DA0-2AAF512DE504} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-19] (Piriform Ltd) Task: {41AC1F7B-7DD9-4457-8D5E-FD47536F7B5F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-21] (NVIDIA Corporation) Task: {4D3D49AB-C227-40C3-9D2F-A5D1CFE0B012} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-10-16] (Google Inc.) Task: {5B3A8611-55E9-4F67-AB5C-74CB80C2BB62} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd) Task: {5E2AB3A6-F256-4C88-91DD-FB9732411C1E} - System32\Tasks\EGDwIDfrVjLvW2 => C:\Windows\system32\wscript.exe "C:\ProgramData\zTXZmVxyKBKDhdVB\RSpcqfM.wsf" Task: {5ED84C8E-8E7E-41A5-BB13-66905DF9CA8F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-25] (Microsoft Corporation) Task: {7B75339B-1C00-4FBD-88E1-C0853FFC298A} - System32\Tasks\OqUgsIhoyVOixP => rundll32 "C:\Program Files (x86)\pbjpUXEkQjxU2\AaKgGYwAgBBEZ.dll",#1 Task: {8081BD9F-5D6F-4473-99AD-96617B894B58} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-DSKVSP2-Didista => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated) Task: {845E1F90-16DD-4093-B0D6-A639629D1FAE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-05-21] (NVIDIA Corporation) Task: {8D69B77B-213B-49D2-B1F5-9878FBF7877A} - System32\Tasks\yKlRUxrwnsuFpeUeBWz2 => rundll32 "C:\Program Files (x86)\UmTwpSvRUOfSC\XvUbOZe.dll",#1 Task: {922768A4-0CF1-4287-9AC4-06C013781642} - System32\Tasks\niYEcWwYibJfLQX2 => rundll32 "C:\Program Files (x86)\eEvEEOxmU\agYABE.dll",#1 Task: {934E7795-D33C-409F-86A3-07A8115DDA2D} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-21] (NVIDIA Corporation) Task: {9D4AE2A5-8373-4E8A-BD41-5BB09F844B7D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-21] (NVIDIA Corporation) Task: {A4DECBF0-0B25-4E65-8F0D-321DD4927AA8} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-06-30] (AsusTek) Task: {B06872CE-7513-4DFD-8816-696C6DC8D18C} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-05-10] (Realtek Semiconductor) Task: {BA82538D-0C34-41DA-BD7F-35A585A50031} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-05-21] (NVIDIA Corporation) Task: {BED3F8C3-DCF5-4335-8B0C-311AE63020CA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-21] (NVIDIA Corporation) Task: {CE4A136C-0D00-4CC1-B274-50E38CE429D8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-10-16] (Google Inc.) Task: {EF3F23F6-763C-474E-991E-5F2CD1DE999C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-21] (NVIDIA Corporation) Task: {FC83D3C7-9F48-42BC-B8A6-799FF01D8511} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-21] (NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Didista\Desktop\Zlatin - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ShortcutWithArgument: C:\Users\Didista\Desktop\Дияна - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default" ShortcutWithArgument: C:\Users\Didista\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% ==================== Loaded Modules (Whitelisted) ============== 2018-10-16 13:35 - 2018-05-21 00:35 - 001314752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-05-02 23:44 - 2018-05-02 23:44 - 000174248 _____ () C:\Windows\system32\IntelWifiIhv06.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\SYSTEM32\inputhost.dll 2018-04-12 01:33 - 2018-04-12 01:33 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-11-13 21:44 - 2018-11-01 08:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-11-15 21:31 - 2018-11-15 21:32 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2018-11-15 21:31 - 2018-11-15 21:32 - 066031104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2018-11-15 21:31 - 2018-11-15 21:32 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll 2018-11-15 21:31 - 2018-11-15 21:32 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2018-10-16 20:05 - 2018-10-16 20:07 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 2018-11-15 21:31 - 2018-11-15 21:32 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll 2018-10-16 20:05 - 2018-10-16 20:07 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_core320.dll 2018-10-16 20:05 - 2018-10-16 20:07 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll 2018-10-16 20:05 - 2018-10-16 20:07 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll 2018-11-15 21:31 - 2018-11-15 21:32 - 014097920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2018-11-15 21:31 - 2018-11-15 21:32 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2018-11-15 21:31 - 2018-11-15 21:31 - 002863616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2018-10-16 20:05 - 2018-10-16 20:07 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2018-10-16 20:05 - 2018-10-16 20:07 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-11-15 22:18 - 2018-11-15 22:18 - 000745472 _____ () C:\Users\Didista\AppData\Local\Temp\is-TU326.tmp\swr2ab1i3na.tmp 2018-11-15 22:19 - 2018-11-15 22:19 - 000745472 _____ () C:\Users\Didista\AppData\Local\Temp\is-A480T.tmp\jnt3mero1bx.tmp 2018-11-15 22:18 - 2018-11-15 22:18 - 000342528 _____ () C:\ProgramData\Kolnixo\Holdzuntip.dll 2018-11-15 21:31 - 2018-11-09 00:14 - 002669400 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\swiftshader\libglesv2.dll 2018-11-15 21:31 - 2018-11-09 00:14 - 000151384 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\swiftshader\libegl.dll 2018-10-16 20:47 - 2016-01-19 07:15 - 000055304 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll 2018-10-16 20:47 - 2016-01-19 07:15 - 000103944 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll 2018-10-16 13:35 - 2018-05-21 00:35 - 001032640 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-10-16 20:47 - 2013-09-23 19:52 - 000043912 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll 2018-10-16 20:47 - 2013-09-23 19:52 - 000052616 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll 2018-10-16 20:47 - 2013-09-23 19:52 - 000195976 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll 2018-10-16 20:47 - 2013-09-23 19:51 - 000742792 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qca_Ad_2.dll 2018-10-16 20:47 - 2016-01-19 06:12 - 000277440 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\en-US\AdWingManRes.dll 2018-10-16 20:47 - 2015-09-08 08:31 - 040640808 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll 2018-10-16 20:47 - 2014-09-03 02:29 - 000950272 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\ffmpegsumo.dll 2018-11-15 22:18 - 2008-10-15 16:44 - 000205312 _____ () C:\Users\Didista\AppData\Local\Temp\is-UH1QD.tmp\itdownload.dll 2018-11-15 22:19 - 2008-10-15 16:44 - 000205312 _____ () C:\Users\Didista\AppData\Local\Temp\is-N5IK8.tmp\itdownload.dll 2018-11-15 22:27 - 2009-02-11 10:19 - 000077968 _____ () C:\Program Files (x86)\Malwarebytes' Anti-Malware\zlib.DLL ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows\system32\Drivers\erenopno.sys:changelist [1318] AlternateDataStreams: C:\Windows\system32\Drivers\nyutbnzk.sys:changelist [1538] AlternateDataStreams: C:\Windows\system32\Drivers\rxhodcdr.sys:changelist [1482] AlternateDataStreams: C:\Windows\system32\Drivers\wgbxphjl.sys:changelist [2566] AlternateDataStreams: C:\Windows\system32\Drivers\xrsjazsk.sys:changelist [986] AlternateDataStreams: C:\Windows\system32\Drivers\xwhjuavh.sys:changelist [986] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-04-12 01:38 - 2018-11-15 22:18 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\StartupApproved\Run: => "OneDrive" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{3F40B8D4-763C-4561-8755-C854590746D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{61F35CD4-3069-4699-A5E2-BAABFC403FA1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{30A98317-CB3B-4306-A6D8-DECCEFE6FCDE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{682D7720-0D49-4C21-B75C-BAF04383BC8F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{717541FD-03D6-4F1F-97D9-71C196B5F192}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F92CD008-85AC-4F3A-AB36-9F4CBFA3DCFD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{4CEA6664-1E44-4A2D-9C79-B26B9A73E669}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe FirewallRules: [{42B002DA-47D4-4AE8-B2FC-FA21E0DE9011}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe FirewallRules: [{9AE2A895-A4D9-4D86-A710-0A2EBF42E05A}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe FirewallRules: [{62CD37B0-CC4A-43A6-832D-0C8C1B9647A8}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe FirewallRules: [{5D449BFA-5C54-47DE-889B-4C59CD90582D}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe FirewallRules: [{79B1A32E-78B4-4CBA-A01A-80AA15EA59AF}] => (Allow) C:\Users\Didista\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{097820C3-6056-456D-82FD-2D2991BB887A}] => (Allow) C:\Users\Didista\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{987E6063-3710-4172-AFDF-0DB03FB13C70}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{8D6BA1D2-B642-4ADC-84A3-F32652303713}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{4937C1A7-36A3-4BA9-B9CF-DF988E242023}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Faulty Device Manager Devices ============= Name: High Definition Audio Device Description: High Definition Audio Device Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: HdAudAddService Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (11/15/2018 10:29:13 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code. Error: (11/15/2018 10:29:12 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (11/15/2018 10:19:24 PM) (Source: MsiInstaller) (EventID: 11321) (User: DESKTOP-DSKVSP2) Description: Product: WhiteClick -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Users\Didista\AppData\Local\WhiteClick\WhiteClick.dll. System Error 225. Error: (11/15/2018 10:18:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Engn7e-Reu.exe, version: 0.0.0.0, time stamp: 0x5bed8c43 Faulting module name: KERNELBASE.dll, version: 6.2.17134.407, time stamp: 0x99042cc0 Exception code: 0xe0434f4d Fault offset: 0x000000000003a388 Faulting process ID: 0x%9 Faulting application start time: 0xEngn7e-Reu.exe0 Faulting application path: Engn7e-Reu.exe1 Faulting module path: Engn7e-Reu.exe2 Report ID: Engn7e-Reu.exe3 Faulting package full name: Engn7e-Reu.exe4 Faulting package-relative application ID: Engn7e-Reu.exe5 Error: (11/15/2018 09:27:45 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY) Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-DSKVSP2$ via https://INTC-KeyId-17a00575d05e58e3881210bb98b1045bb4c30639.microsoftaik.azure.net/templates/Aik/scep failed: GetCACaps GetCACaps: Not Found {"Message":"The authority \"intc-keyid-17a00575d05e58e3881210bb98b1045bb4c30639.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Cache-Control: no-cache Date: Thu, 15 Nov 2018 19:27:49 GMT Pragma: no-cache Content-Length: 122 Content-Type: application/json; charset=utf-8 Expires: -1 x-ms-request-id: bbe776f3-cbe5-45bb-bbe2-3022d9b09deb Strict-Transport-Security: max-age=31536000;includeSubDomains X-Content-Type-Options: nosniff Method: GET(1031ms) Stage: GetCACaps Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (11/11/2018 09:14:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Microsoft.Photos.exe version 2018.18081.14710.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1ce0 Start Time: 01d479e2d6a33f73 Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe Report Id: 66159361-19f4-4583-9285-0991719628cf Faulting package full name: Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe Faulting package-relative application ID: App Error: (10/20/2018 09:07:37 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY) Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-DSKVSP2$ via https://INTC-KeyId-17a00575d05e58e3881210bb98b1045bb4c30639.microsoftaik.azure.net/templates/Aik/scep failed: GetCACaps GetCACaps: Not Found {"Message":"The authority \"intc-keyid-17a00575d05e58e3881210bb98b1045bb4c30639.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Cache-Control: no-cache Date: Sat, 20 Oct 2018 19:07:39 GMT Pragma: no-cache Content-Length: 122 Content-Type: application/json; charset=utf-8 Expires: -1 x-ms-request-id: 4f9f49f8-9436-48c0-916f-82028887fb32 Strict-Transport-Security: max-age=31536000;includeSubDomains X-Content-Type-Options: nosniff Method: GET(1016ms) Stage: GetCACaps Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (10/19/2018 06:31:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: 3dsmax.exe, version: 19.1.129.0, time stamp: 0x5748e7d7 Faulting module name: ucrtbase.dll, version: 10.0.17134.319, time stamp: 0x40b70dec Exception code: 0xc0000409 Fault offset: 0x000000000006e57e Faulting process ID: 0x1f04 Faulting application start time: 0x01d467ae28df1185 Faulting application path: C:\Program Files\Autodesk\3ds Max 2017\3dsmax.exe Faulting module path: C:\Windows\System32\ucrtbase.dll Report ID: 4e028d16-86c8-4b74-afdf-13ce5dbc45e8 Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (11/15/2018 10:29:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DSKVSP2) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-DSKVSP2\Didista SID (S-1-5-21-2793308117-3191825222-1732375903-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (11/15/2018 10:28:53 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DSKVSP2) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-DSKVSP2\Didista SID (S-1-5-21-2793308117-3191825222-1732375903-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (11/15/2018 10:27:05 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DSKVSP2) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-DSKVSP2\Didista SID (S-1-5-21-2793308117-3191825222-1732375903-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (11/15/2018 10:26:58 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DSKVSP2) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-DSKVSP2\Didista SID (S-1-5-21-2793308117-3191825222-1732375903-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (11/15/2018 10:26:13 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DSKVSP2) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-DSKVSP2\Didista SID (S-1-5-21-2793308117-3191825222-1732375903-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (11/15/2018 10:24:51 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DSKVSP2) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-DSKVSP2\Didista SID (S-1-5-21-2793308117-3191825222-1732375903-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (11/15/2018 10:21:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (11/15/2018 10:20:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Background Logic Handler service terminated unexpectedly. It has done this 1 time(s). Windows Defender: =================================== Date: 2018-11-15 22:41:50.604 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Azden.A!cl&threatid=2147718745&enterprise=0 Name: Trojan:Win32/Azden.A!cl ID: 2147718745 Severity: Severe Category: Trojan Path: file:_C:\Users\Didista\AppData\Local\Temp\is-CKJOO.tmp\SeacherMapp.exe; file:_C:\Users\Didista\AppData\Roaming\4bdykg2qirq\jnt3mero1bx.exe; file:_C:\Users\Didista\AppData\Roaming\xfyg1f23d4k\swr2ab1i3na.exe Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe Signature Version: AV: 1.281.189.0, AS: 1.281.189.0, NIS: 1.281.189.0 Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5 Date: 2018-11-15 22:41:31.014 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Azden.A!cl&threatid=2147718745&enterprise=0 Name: Trojan:Win32/Azden.A!cl ID: 2147718745 Severity: Severe Category: Trojan Path: file:_C:\Users\Didista\AppData\Local\Temp\is-CKJOO.tmp\SeacherMapp.exe; file:_C:\Users\Didista\AppData\Roaming\4bdykg2qirq\jnt3mero1bx.exe Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe Signature Version: AV: 1.281.189.0, AS: 1.281.189.0, NIS: 1.281.189.0 Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5 Date: 2018-11-15 22:41:30.331 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuerboos.C!cl&threatid=2147723654&enterprise=0 Name: Trojan:Win32/Fuerboos.C!cl ID: 2147723654 Severity: Severe Category: Trojan Path: file:_C:\Users\Didista\AppData\Local\Temp\IfZQtMFkz\IfZQtMFkz.exe; file:_C:\Users\Didista\AppData\Local\Temp\is-NVF6R.tmp\ins.exe; file:_C:\Users\Didista\AppData\Local\Temp\lnt0HDKR9\lnt0HDKR9.exe; file:_C:\Users\Didista\AppData\Local\Temp\setupGI.exe; file:_C:\Users\Didista\AppData\Local\Temp\ZHY3HFYUF3\SecondL.exe Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe Signature Version: AV: 1.281.189.0, AS: 1.281.189.0, NIS: 1.281.189.0 Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5 Date: 2018-11-15 22:41:30.303 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Dynamer!ac&threatid=2147684005&enterprise=0 Name: Trojan:Win32/Dynamer!ac ID: 2147684005 Severity: Severe Category: Trojan Path: file:_C:\Users\Didista\AppData\Local\Temp\ZHY3HFYUF3\OneTwo.exe Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe Signature Version: AV: 1.281.189.0, AS: 1.281.189.0, NIS: 1.281.189.0 Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5 Date: 2018-11-15 22:41:30.152 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuerboos.C!cl&threatid=2147723654&enterprise=0 Name: Trojan:Win32/Fuerboos.C!cl ID: 2147723654 Severity: Severe Category: Trojan Path: file:_C:\Users\Didista\AppData\Local\Temp\IfZQtMFkz\IfZQtMFkz.exe; file:_C:\Users\Didista\AppData\Local\Temp\is-NVF6R.tmp\ins.exe; file:_C:\Users\Didista\AppData\Local\Temp\lnt0HDKR9\lnt0HDKR9.exe; file:_C:\Users\Didista\AppData\Local\Temp\setupGI.exe Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe Signature Version: AV: 1.281.189.0, AS: 1.281.189.0, NIS: 1.281.189.0 Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz Percentage of memory in use: 62% Total physical RAM: 8046.7 MB Available physical RAM: 3022.72 MB Total Virtual: 15982.7 MB Available Virtual: 9181.43 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:118.64 GB) (Free:54.17 GB) NTFS Drive d: (300GB) (Fixed) (Total:289.31 GB) (Free:255.32 GB) NTFS Drive e: (630GB) (Fixed) (Total:641.6 GB) (Free:638.78 GB) NTFS \\?\Volume{d39ec11a-e6d6-4c10-9403-6f3d96f25732}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.12 GB) NTFS \\?\Volume{ce416a5b-003f-48f5-93e1-3baaa16354c1}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS \\?\Volume{b9836aae-f3e4-4d6f-a7e8-ba60d5f47130}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 \\?\Volume{03531399-baad-4d81-9748-ed722137ba4d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Protective MBR) (Size: 119.2 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================
  15. Здравейте, повече от година изполвам емuлатора за Android под Windows MEmu Play. Седмица след автоматичното му обновяване до версия 6.2.3 антивируса ми - Avira започна почти постоянно да ми изкарва прозорец за засечен Malwarе. Почти година не съм инсталирал нищо ново и за това мисля че гадините са се промъкнали с ъпдейта. Моля за помощ. Предварително Ви благодаря.
  16. Здравейте! След като вчера и онзи ден инсталирах две различни версии на програмата CIMCO, компютъра ми май се зарази с разни "боклуци". Предполагам, че се случи, вследствие на използван крак, за програмата. На своя глава използвах Malwarebytes и изтрих това, което засече, но ако кажете, ще сканирам отново и ще пусна лог. Надявам се да получа помощ от вас, за което ще бъда много благодарен! По-долу копирам съдържанието на FRST.txt и прикачвам файла Addition.txt. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15.09.2018 Ran by user (administrator) on USER-PC (19-09-2018 21:03:57) Running from C:\Users\user\Desktop Loaded Profiles: user (Available Profiles: user & UpdatusUser & DefaultAppPool) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Български (България) Internet Explorer Version 9 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Dassault Systèmes SolidWorks Corp.) E:\Install\SolidWorks 2013\SolidWorks\sldworks_fs.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Autodata Limited) C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe (Mentor Graphics Corporation) E:\Install\SolidWorks 2013\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe (Mentor Graphics Corporation) E:\Install\SolidWorks 2013\SolidWorks Flow Simulation\binCFW\dispatcher.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-08-17] (Avira Operations GmbH & Co. KG) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-2890759512-461326267-1525351829-1000\...\Policies\Explorer: [] HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2013 Fast Start.lnk [2014-05-16] ShortcutTarget: SolidWorks 2013 Fast Start.lnk -> C:\Windows\Installer\{B85DDD77-4A6A-4811-B241-EDADBF996BD0}\NewShortcut2_F1630D75496847DD999177A077E0CA0F.exe (Flexera Software, Inc.) GroupPolicy: Restriction - Windows Defender <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog9 01 C:\Windows\system32\sslsp105.dll [73984 2015-07-13] (SumRando) Winsock: Catalog9 02 C:\Windows\system32\sslsp105.dll [73984 2015-07-13] (SumRando) Winsock: Catalog9 09 C:\Windows\system32\sslsp105.dll [73984 2015-07-13] (SumRando) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 10.11.2.1 Tcpip\..\Interfaces\{6D7A384E-CF67-4AC2-983B-FEE7D2A85FA9}: [DhcpNameServer] 10.11.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2890759512-461326267-1525351829-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2890759512-461326267-1525351829-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-23] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-23] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 35llrj8x.default-1417880167796 FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\35llrj8x.default-1417880167796 [2018-09-19] FF Homepage: Mozilla\Firefox\Profiles\35llrj8x.default-1417880167796 -> hxxps://www.google.bg/ FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\35llrj8x.default-1417880167796\Extensions\[email protected] [2016-04-27] [Legacy] FF Extension: (Firefox Monitor) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\35llrj8x.default-1417880167796\features\{05b8e13e-849c-420a-9d82-d3552b5fd4c5}\[email protected] [2018-09-18] FF Extension: (Telemetry coverage) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\35llrj8x.default-1417880167796\features\{05b8e13e-849c-420a-9d82-d3552b5fd4c5}\[email protected] [2018-09-18] [Legacy] FF HKU\S-1-5-21-2890759512-461326267-1525351829-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\user\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi FF Extension: (Ace Script) - C:\Users\user\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2017-10-10] [Legacy] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-16] () FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-23] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-10-23] (Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-10-02] (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-10-02] (NVIDIA Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File] FF Plugin: @t.garena.com/garenatalk -> E:\Games\Стратегии\Warcraft III 1.26\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File] FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2890759512-461326267-1525351829-1000: @acestream.net/acestreamplugin,version=3.1.20.1 -> C:\Users\user\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-13] (Innovative Digital Technologies) Chrome: ======= CHR StartupUrls: Default -> "hxxp://google.bg/" CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2018-09-17] CHR Extension: (Презентации) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17] CHR Extension: (Документи) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17] CHR Extension: (Google Диск) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31] CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-31] CHR Extension: (Google Търсене) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31] CHR Extension: (Adobe Acrobat) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04] CHR Extension: (Avira Browser Safety) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-05-27] CHR Extension: (Google Документи офлайн) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-30] CHR Extension: (Ace Script) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2017-10-25] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04] CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-31] CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-14] CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2890759512-461326267-1525351829-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [895056 2018-09-04] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [226000 2018-09-04] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [226000 2018-09-04] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1148568 2018-09-04] (Avira Operations GmbH & Co. KG) R2 Autodata Limited License Service; C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2017-09-13] (Autodata Limited) [File not signed] R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed] R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [436848 2018-08-17] (Avira Operations GmbH & Co. KG) S3 CoordinatorServiceHost; E:\Install\SolidWorks 2013\SolidWorks\swScheduler\DTSCoordinatorService.exe [76904 2012-09-28] (Dassault Systèmes SolidWorks Corp.) S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064312 2015-10-30] (Flexera Software LLC) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2799808 2005-09-23] (Microsoft Corporation) R2 RemoteSolverDispatcher; E:\Install\SolidWorks 2013\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [46728 2012-09-13] (Mentor Graphics Corporation) [File not signed] S3 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-05-16] (SolidWorks) [File not signed] S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation) S4 WinGateEngine; E:\Install\VPN\WinGate.exe [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] () S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [38984 2014-09-05] (The OpenVPN Project) S3 Atc002; C:\Windows\System32\DRIVERS\l260x86.sys [29184 2009-07-14] (Atheros Communications, Inc.) S0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [46440 2017-06-17] (Avira Operations GmbH & Co. KG) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [132448 2018-07-05] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [147880 2018-07-05] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35840 2017-03-02] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [59000 2017-03-02] (Avira Operations GmbH & Co. KG) R2 cpuz132; C:\Windows\system32\drivers\cpuz132_x32.sys [12672 2009-03-27] (Windows (R) Codename Longhorn DDK provider) [File not signed] R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] () S1 QbikHkVista; C:\Windows\System32\DRIVERS\QbikHkVista32.sys [303264 2015-10-13] () R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2012-04-06] () S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project) U3 a0i415en; C:\Windows\system32\Drivers\a0i415en.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder) S3 GGSAFERDriver; \??\E:\Games\Стратегии\Warcraft III 1.26\Garena Plus\Room\safedrv.sys [X] S3 gkernel; \??\C:\Users\user\AppData\Local\Temp\gkernel.sys [X] <==== ATTENTION S3 taphss6; system32\DRIVERS\taphss6.sys [X] U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-09-19 21:03 - 2018-09-19 21:04 - 000015877 _____ C:\Users\user\Desktop\FRST.txt 2018-09-19 19:54 - 2018-09-19 19:54 - 001774080 _____ (Farbar) C:\Users\user\Desktop\FRST.exe 2018-09-19 18:59 - 2018-09-19 18:59 - 000000000 ____D C:\Users\user\AppData\Local\mbam 2018-09-19 18:55 - 2018-09-19 18:55 - 000000000 ____D C:\Program Files\Malwarebytes 2018-09-18 23:01 - 2018-09-19 18:35 - 000000000 ____D C:\Windows\{F3C70089-653A-40EE-A681-9499F3097E6A} 2018-09-18 22:32 - 2018-09-18 22:32 - 000000290 __RSH C:\Users\user\ntuser.pol 2018-09-18 21:28 - 2018-09-18 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CIMCO V8 2018-09-18 21:12 - 2018-09-18 21:19 - 000000000 ____D C:\Users\user\AppData\Local\WhiteClick 2018-09-18 21:11 - 2018-09-19 18:35 - 000000000 ____D C:\Users\user\AppData\Roaming\dnlgxlauhck 2018-09-18 21:11 - 2018-09-18 21:11 - 000003676 __RSH C:\ProgramData\ntuser.pol 2018-09-18 21:11 - 2018-09-18 21:11 - 000000003 _____ C:\Users\user\AppData\Local\wbem.ini 2018-09-16 19:12 - 2018-09-16 19:13 - 000000000 ____D C:\Users\user\Desktop\Sicario_Day_Of_The_Soldado.(subs.sab.bz) 2018-09-16 19:12 - 2018-09-16 19:13 - 000000000 ____D C:\Users\user\Desktop\SC 2018-09-16 18:39 - 2018-09-16 18:39 - 000023220 _____ C:\Users\user\Desktop\Sicario_Day_Of_The_Soldado.(subs.sab.bz).zip 2018-09-16 12:50 - 2018-09-17 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CIMCO 7 2018-09-16 12:37 - 2018-09-16 12:44 - 000000000 ____D C:\ProgramData\btscService 2018-09-16 12:24 - 2018-09-16 12:24 - 000030375 _____ C:\Users\user\AppData\Local\3C6F3B2ED1664B0EC90A 2018-09-16 12:24 - 2018-09-16 12:24 - 000017012 _____ C:\Users\user\AppData\Roaming\C53563B5E2C653F11250 2018-09-16 12:20 - 2018-09-16 12:40 - 000000000 ____D C:\ProgramData\CIMCO AS 2018-09-10 21:23 - 2018-09-10 21:23 - 000000000 ____D C:\Users\user\Desktop\Seal.Team.S01E02.(subs.sab.bz) 2018-09-10 21:22 - 2018-09-10 21:23 - 000000000 ____D C:\Users\user\Desktop\ST 2018-09-10 21:20 - 2018-09-10 21:20 - 000107506 _____ C:\Users\user\Desktop\Seal.Team.S01E02.(subs.sab.bz).zip 2018-08-20 22:09 - 2018-08-20 23:37 - 000000000 ___HD C:\_acestream_cache_ 2018-08-20 22:08 - 2018-09-17 19:55 - 000000000 ____D C:\Users\user\AppData\Roaming\.ACEStream 2018-08-20 22:06 - 2018-08-20 22:07 - 000000000 ____D C:\Users\user\AppData\Roaming\ACEStream ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-09-19 21:03 - 2015-10-10 14:23 - 000000000 ____D C:\FRST 2018-09-19 21:02 - 2012-02-27 16:40 - 000000000 ____D C:\ProgramData\NVIDIA 2018-09-19 21:02 - 2009-07-14 07:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-09-19 20:59 - 2009-07-14 07:34 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-09-19 20:59 - 2009-07-14 07:34 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-09-19 20:50 - 2012-02-27 20:22 - 000000000 ____D C:\Users\user\Desktop\Games 2018-09-19 20:09 - 2016-11-15 23:11 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla 2018-09-19 18:55 - 2012-08-05 12:18 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-09-18 21:22 - 2018-05-25 14:43 - 000000000 ____D C:\Users\user\AppData\LocalLow\uTorrent 2018-09-18 21:22 - 2014-09-16 12:33 - 000000000 ____D C:\Users\user\AppData\Roaming\uTorrent 2018-09-18 21:11 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\GroupPolicy 2018-09-18 18:26 - 2015-10-31 13:13 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-09-18 18:26 - 2015-10-31 13:13 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-09-16 19:13 - 2017-09-09 13:04 - 000000000 ____D C:\Users\user\AppData\Local\SmartView2 2018-09-16 12:50 - 2014-02-21 13:34 - 000000000 ____D C:\ProgramData\Package Cache 2018-09-16 11:51 - 2014-12-21 01:21 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2018-09-16 11:51 - 2014-12-21 01:21 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2018-09-16 11:51 - 2014-08-20 15:57 - 000000000 ____D C:\Users\user\AppData\Local\Adobe 2018-09-16 11:51 - 2012-02-27 16:33 - 000000000 ____D C:\Windows\system32\Macromed 2018-09-06 18:05 - 2017-04-20 19:14 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-09-06 18:05 - 2014-12-06 18:32 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service 2018-09-04 20:32 - 2016-07-26 19:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2018-08-31 22:34 - 2014-08-15 23:06 - 000000000 ____D C:\Users\user\AppData\Roaming\Skype 2018-08-28 18:04 - 2014-05-31 14:34 - 000000000 ____D C:\Users\user\Documents\Outlook Files ==================== Files in the root of some directories ======= 2018-09-16 12:24 - 2018-09-16 12:24 - 000017012 _____ () C:\Users\user\AppData\Roaming\C53563B5E2C653F11250 2012-08-05 14:53 - 2015-12-29 20:28 - 000045270 _____ () C:\Users\user\AppData\Roaming\room_v3.dat 2018-09-16 12:24 - 2018-09-16 12:24 - 000030375 _____ () C:\Users\user\AppData\Local\3C6F3B2ED1664B0EC90A 2013-06-22 12:26 - 2013-06-22 12:43 - 000001456 _____ () C:\Users\user\AppData\Local\Adobe Save for Web 12.0 Prefs 1601-01-03 21:33 - 1601-01-03 21:33 - 000073216 ____N (Microsoft Corporation) C:\Users\user\AppData\Local\kxaPASjRAC.exe 2016-08-07 13:37 - 2016-08-07 13:40 - 000000156 _____ () C:\Users\user\AppData\Local\prepatch.log 2014-10-12 12:30 - 2018-07-30 09:49 - 000007592 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg 2018-09-18 21:11 - 2018-09-18 21:11 - 000000003 _____ () C:\Users\user\AppData\Local\wbem.ini 2016-05-27 18:39 - 2016-05-27 18:39 - 000000000 _____ () C:\Users\user\AppData\Local\{1646A5E3-C87D-4217-9458-D830E5C491DF} 2012-02-27 18:27 - 2012-02-27 18:27 - 000000000 _____ () C:\Users\user\AppData\Local\{1722D3AE-A621-4943-B344-E181F8BD6C9D} ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-09-15 19:46 ==================== End of FRST.txt ============================ Addition.txt
  17. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 02 Ran by Lenovo (administrator) on LENOVO (25-10-2015 19:09:56) Running from D:\ Loaded Profiles: Lenovo (Available Profiles: Lenovo) Platform: Windows 10 Pro (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (LogMeIn Inc.) D:\hamachi\hamachi-2.exe (LogMeIn, Inc.) D:\hamachi\LMIGuardianSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Spotify Ltd) C:\Users\Lenovo\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Spotify Ltd) C:\Users\Lenovo\AppData\Roaming\Spotify\Spotify.exe (Българска асоциация за компютърна лингвистика) D:\SpeechLab\TTSProfileDlg.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe (LogMeIn Inc.) D:\hamachi\hamachi-2-ui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Take-Two Interactive Software, Inc.) D:\GTAIV\Rockstar Games Social Club\1_0_0_0\RGSC.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (LogMeIn, Inc.) D:\hamachi\LMIGuardianSvc.exe (Spotify Ltd) C:\Users\Lenovo\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Lenovo\AppData\Roaming\Spotify\Spotify.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe () D:\hasanandreas\GTA San Andreas\samp.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Adobe Systems, Incorporated) D:\New folder (6)\Adobe\Adobe Photoshop CC 2014\Photoshop.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] () HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\hamachi\hamachi-2-ui.exe [5579624 2015-08-06] (LogMeIn Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKU\S-1-5-21-1575859030-328305844-2887797700-1000\...\Run: [Spotify Web Helper] => C:\Users\Lenovo\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2030912 2015-10-19] (Spotify Ltd) HKU\S-1-5-21-1575859030-328305844-2887797700-1000\...\Run: [LightShot] => C:\Users\Lenovo\AppData\Local\Skillbrains\lightshot\Lightshot.exe HKU\S-1-5-21-1575859030-328305844-2887797700-1000\...\Run: [Steam] => D:\parasteam\Steam\steam.exe [2901584 2015-10-14] (Valve Corporation) HKU\S-1-5-21-1575859030-328305844-2887797700-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22568216 2015-10-12] (Google) HKU\S-1-5-21-1575859030-328305844-2887797700-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57981568 2015-09-27] (Skype Technologies S.A.) HKU\S-1-5-21-1575859030-328305844-2887797700-1000\...\Run: [RGSC] => D:\GTAIV\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.) HKU\S-1-5-21-1575859030-328305844-2887797700-1000\...\Run: [Spotify] => C:\Users\Lenovo\AppData\Roaming\Spotify\Spotify.exe [7736128 2015-10-19] (Spotify Ltd) HKU\S-1-5-21-1575859030-328305844-2887797700-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google) Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Configure Bulgarian Speech.lnk [2015-10-18] ShortcutTarget: Configure Bulgarian Speech.lnk -> C:\Users\Lenovo\AppData\Roaming\Microsoft\Installer\{319A3CA9-DA63-4D65-8B25-403CF9CBF087}\_5af141bb.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\..\Interfaces\{3a0bad21-34a7-4cc6-9924-f37dcfa20c49}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{a207bb1a-e1bf-4202-90ff-71bbb40b4af4}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1439623534&z=01d64f8d2898788937cea72g1z1cbteq6o1c7z4c9e&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F451756017560 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1439623534&z=01d64f8d2898788937cea72g1z1cbteq6o1c7z4c9e&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F451756017560 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1439623534&z=01d64f8d2898788937cea72g1z1cbteq6o1c7z4c9e&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F451756017560&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1439623534&z=01d64f8d2898788937cea72g1z1cbteq6o1c7z4c9e&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F451756017560&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1439623534&z=01d64f8d2898788937cea72g1z1cbteq6o1c7z4c9e&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F451756017560 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1439623534&z=01d64f8d2898788937cea72g1z1cbteq6o1c7z4c9e&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F451756017560 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1439623534&z=01d64f8d2898788937cea72g1z1cbteq6o1c7z4c9e&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F451756017560&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1439623534&z=01d64f8d2898788937cea72g1z1cbteq6o1c7z4c9e&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F451756017560&q={searchTerms} HKU\S-1-5-21-1575859030-328305844-2887797700-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1439623534&z=01d64f8d2898788937cea72g1z1cbteq6o1c7z4c9e&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F451756017560 HKU\S-1-5-21-1575859030-328305844-2887797700-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1439623534&z=01d64f8d2898788937cea72g1z1cbteq6o1c7z4c9e&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F451756017560 SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1439623534&z=01d64f8d2898788937cea72g1z1cbteq6o1c7z4c9e&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F451756017560&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1439623534&z=01d64f8d2898788937cea72g1z1cbteq6o1c7z4c9e&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F451756017560&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1439623534&z=01d64f8d2898788937cea72g1z1cbteq6o1c7z4c9e&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F451756017560&q={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1439623534&z=01d64f8d2898788937cea72g1z1cbteq6o1c7z4c9e&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F451756017560&q={searchTerms} SearchScopes: HKU\S-1-5-21-1575859030-328305844-2887797700-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-11] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-11] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-25] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-25] (Oracle Corporation) StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1439623534&z=01d64f8d2898788937cea72g1z1cbteq6o1c7z4c9e&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F451756017560 Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-1575859030-328305844-2887797700-1000 -> hxxp://www.istartsurf.com/?type=hp&ts=1439623534&z=01d64f8d2898788937cea72g1z1cbteq6o1c7z4c9e&from=obw&uid=WDCXWD10EZEX-08M2NA0_WD-WCC3F451756017560 FireFox: ======== FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\1qujvrrr.default FF NewTab: chrome://quick_start/content/index.html FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems) FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-25] (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems) FF Extension: Default SearchProtected - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\1qujvrrr.default\Extensions\[email protected] [2015-08-15] [not signed] FF Extension: deskCut - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\1qujvrrr.default\Extensions\[email protected] [2015-08-15] [not signed] FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\1qujvrrr.default\extensions\[email protected] FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\1qujvrrr.default\extensions\[email protected] Chrome: ======= CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Презентации) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-21] CHR Extension: (Google Документи) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-21] CHR Extension: (Google Диск) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-21] CHR Extension: (Google Търсене) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-24] CHR Extension: (Tampermonkey) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-10-21] CHR Extension: (Електронни таблици от Google) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-21] CHR Extension: (Google Документи офлайн) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-21] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-10-21] CHR Extension: (AgarioMods Evergreen Script) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhjgdbihpkphlammdaeicdemggagfbdo [2015-10-21] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-21] CHR Extension: (Facebook GIF Button) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdfmeimafcmmefpiebpeodknddagimg [2015-10-21] CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-21] CHR HKU\S-1-5-21-1575859030-328305844-2887797700-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Lenovo\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-09-14] CHR HKU\S-1-5-21-1575859030-328305844-2887797700-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-04] (NVIDIA Corporation) R2 Hamachi2Svc; D:\hamachi\hamachi-2.exe [2545512 2015-08-06] (LogMeIn Inc.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-04] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-04] (NVIDIA Corporation) S3 Origin Client Service; D:\EAGAMES\Origin\OriginClientService.exe [2078216 2015-10-10] (Electronic Arts) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5611280 2015-08-07] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-13] (ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-13] (ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [178520 2015-07-13] (ESET) R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [231520 2015-07-13] (ESET) R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-13] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-13] (ESET) S3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [65808 2015-09-24] (Multi Theft Auto) R3 h643331; C:\Windows\System32\drivers\h643331.sys [63552 2008-05-19] ( ) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-06] (LogMeIn Inc.) S3 hid3331; C:\Windows\SysWOW64\drivers\hid3331.sys [41336 2008-05-19] ( ) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-04] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek ) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3453144 2015-07-10] (Realtek Semiconductor Corporation ) S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2015-08-10] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [125008 2015-07-09] (Oracle Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-10-25 19:09 - 2015-10-25 19:09 - 00000000 ____D C:\FRST 2015-10-25 17:56 - 2015-10-25 17:56 - 00016148 _____ C:\WINDOWS\system32\LENOVO_Lenovo_HistoryPrediction.bin 2015-10-25 16:01 - 2015-10-25 16:01 - 00001188 _____ C:\Users\Lenovo\Desktop\eurotrucks2 - Shortcut.lnk 2015-10-25 16:00 - 2015-10-25 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4 2015-10-25 16:00 - 2015-10-25 16:00 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.4 2015-10-24 15:09 - 2015-10-25 17:09 - 00000000 ____D C:\Users\Lenovo\Documents\Euro Truck Simulator 2 2015-10-24 10:32 - 2015-10-24 10:37 - 00000264 _____ C:\Users\Lenovo\Desktop\wma.exe.txt 2015-10-24 10:29 - 2015-10-24 10:31 - 00000086 _____ C:\Users\Lenovo\Desktop\debug_13509.exe.txt 2015-10-24 10:25 - 2015-10-24 10:25 - 00000859 _____ C:\Users\Lenovo\Desktop\Euro Truck Simulator 2 (x64).lnk 2015-10-24 10:25 - 2015-10-24 10:25 - 00000859 _____ C:\Users\Lenovo\Desktop\Euro Truck Simulator 2 (x32).lnk 2015-10-24 10:25 - 2015-10-24 10:25 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Euro Truck Simulator 2 2015-10-22 12:09 - 2015-10-22 12:10 - 00000212 _____ C:\Users\Lenovo\Desktop\Песни BGSAMP.NET.url 2015-10-22 12:06 - 2015-10-22 12:07 - 00000186 _____ C:\Users\Lenovo\Desktop\BGSAMP.NET.url 2015-10-21 18:00 - 2015-10-23 13:47 - 00002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-10-21 18:00 - 2015-10-21 18:00 - 00929872 _____ (Google Inc.) C:\Users\Lenovo\Downloads\ChromeSetup (2).exe 2015-10-21 18:00 - 2015-10-21 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-10-21 17:55 - 2015-10-21 17:55 - 00929872 _____ (Google Inc.) C:\Users\Lenovo\Downloads\ChromeSetup (1).exe 2015-10-21 12:02 - 2015-10-21 12:02 - 00000000 ____D C:\Users\Default\AppData\Local\Google 2015-10-21 12:02 - 2015-10-21 12:02 - 00000000 ____D C:\Users\Default User\AppData\Local\Google 2015-10-18 15:05 - 2015-10-18 15:05 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BACL SpeechLab 2.0 2015-10-17 13:39 - 2015-10-24 14:19 - 00000978 _____ C:\Users\Lenovo\Desktop\BGSAMP.NET Stuff.txt 2015-10-16 17:42 - 2015-10-16 17:42 - 00002854 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2015-10-16 17:42 - 2015-10-16 17:42 - 00000867 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-10-16 17:42 - 2015-10-16 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-10-16 17:42 - 2015-10-16 17:42 - 00000000 ____D C:\Program Files\CCleaner 2015-10-16 12:28 - 2015-10-16 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps 2015-10-13 17:46 - 2015-10-10 18:12 - 00000791 _____ C:\Users\Lenovo\Desktop\1YOUTUBEDESIGN - Shortcut.lnk 2015-10-11 16:50 - 2015-10-11 16:50 - 00023687 _____ C:\Users\Lenovo\Desktop\2c8ee2ed4e2f8d7e2193e4479d19dc85_400x400.jpeg 2015-10-10 17:41 - 2015-10-16 05:10 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-10-10 17:41 - 2015-10-16 05:10 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-10 12:45 - 2015-10-10 12:45 - 00000815 _____ C:\Users\Lenovo\Downloads\PhotoViewer.reg 2015-10-10 12:45 - 2015-10-10 12:45 - 00000815 _____ C:\Users\Lenovo\Downloads\PhotoViewer (2).reg 2015-10-10 12:45 - 2015-10-10 12:45 - 00000815 _____ C:\Users\Lenovo\Downloads\PhotoViewer (1).reg 2015-10-10 11:53 - 2015-10-10 11:53 - 00002210 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2015-10-10 11:52 - 2015-10-03 06:58 - 00112760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2015-10-10 11:52 - 2015-10-03 06:58 - 00105264 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2015-10-10 11:52 - 2015-10-03 04:28 - 00102520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2015-10-10 11:51 - 2015-10-03 06:58 - 42914096 _____ C:\WINDOWS\system32\nvcompiler.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 37882488 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 22342264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 18387064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 16548768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 15837152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 14841232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 13525200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 12038368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 02313336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 01994360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435850.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435850.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00877176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00689968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00601240 _____ C:\WINDOWS\system32\nvmcumd.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00445216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00414000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00388048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00376112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00339064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00315936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2015-10-10 11:51 - 2015-10-03 06:58 - 00040280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2015-10-10 10:56 - 2015-10-10 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-10-10 10:56 - 2015-10-10 10:57 - 00000000 ____D C:\Users\Lenovo\AppData\Local\NVIDIA Corporation 2015-10-10 10:56 - 2015-10-10 10:57 - 00000000 ____D C:\Users\Lenovo\AppData\Local\NVIDIA 2015-10-10 10:56 - 2015-10-10 10:56 - 00001454 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2015-10-10 10:56 - 2015-10-04 10:23 - 01423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2015-10-10 10:56 - 2015-10-04 10:23 - 01317192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2015-10-10 10:56 - 2015-10-04 10:22 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2015-10-10 10:56 - 2015-10-04 10:22 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2015-10-10 10:56 - 2015-08-11 06:52 - 00072504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2015-10-10 10:56 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2015-10-10 10:56 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2015-10-10 10:55 - 2015-10-10 12:03 - 00000000 ____D C:\Users\Lenovo\Documents\STAR WARS Battlefront Beta 2015-10-10 10:54 - 2015-10-10 10:54 - 00001016 _____ C:\Users\Public\Desktop\STAR WARS Battlefront Beta.lnk 2015-10-10 10:54 - 2015-10-10 10:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront Beta 2015-10-10 09:12 - 2015-10-10 09:17 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Origin 2015-10-10 09:12 - 2015-10-10 09:17 - 00000000 ____D C:\Users\Lenovo\AppData\Local\Origin 2015-10-10 09:11 - 2015-10-10 17:34 - 00000000 ____D C:\ProgramData\Origin 2015-10-10 09:11 - 2015-10-10 10:55 - 00000000 ____D C:\ProgramData\Electronic Arts 2015-10-10 09:11 - 2015-10-10 09:11 - 00000674 _____ C:\Users\Public\Desktop\Origin.lnk 2015-10-10 09:11 - 2015-10-10 09:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-10-10 09:10 - 2015-10-10 09:10 - 00000000 ____D C:\Users\Lenovo\New folder (2) 2015-10-03 18:01 - 2015-10-03 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-10-25 19:04 - 2015-08-07 11:04 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Skype 2015-10-25 19:03 - 2015-08-07 18:37 - 00000420 _____ C:\WINDOWS\Tasks\update-S-1-5-21-1575859030-328305844-2887797700-1000.job 2015-10-25 19:02 - 2015-08-25 18:45 - 00001020 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-25 19:00 - 2015-08-07 06:48 - 00000000 ____D C:\WINDOWS\system32\sru 2015-10-25 18:40 - 2015-08-06 20:23 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-10-25 18:31 - 2015-08-07 10:30 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Spotify 2015-10-25 16:10 - 2015-08-07 18:36 - 00000420 _____ C:\WINDOWS\Tasks\update-sys.job 2015-10-25 16:00 - 2015-06-17 18:38 - 00001158 _____ C:\Users\Lenovo\Desktop\Cheat Engine.lnk 2015-10-25 15:44 - 2015-08-22 11:35 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{91F14B8C-584B-44D6-B10D-520A87499A60} 2015-10-25 15:42 - 2015-08-30 16:58 - 00000000 ___RD C:\Users\Lenovo\Google Диск 2015-10-25 15:42 - 2015-08-22 11:34 - 00000000 ____D C:\Users\Lenovo\AppData\Local\LogMeIn Hamachi 2015-10-25 15:42 - 2015-08-07 10:31 - 00000000 ____D C:\Users\Lenovo\AppData\Local\Spotify 2015-10-25 15:41 - 2015-08-25 18:45 - 00001016 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-25 15:39 - 2015-08-07 06:48 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-10-24 15:29 - 2015-08-07 11:28 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\uTorrent 2015-10-24 15:03 - 2015-08-07 06:43 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-10-24 14:44 - 2015-09-22 12:07 - 00000000 ____D C:\Users\Lenovo\AppData\LocalLow\uTorrent 2015-10-24 13:33 - 2015-08-07 06:48 - 00000000 ____D C:\WINDOWS\rescache 2015-10-23 15:07 - 2015-09-14 09:10 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\www.gtavicecity.ru 2015-10-21 19:26 - 2015-08-06 20:27 - 00000000 ____D C:\Users\Lenovo 2015-10-21 19:17 - 2015-08-25 17:44 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\.minecraft 2015-10-21 18:00 - 2015-08-25 18:45 - 00000000 ____D C:\Users\Lenovo\AppData\Local\Google 2015-10-21 18:00 - 2015-08-25 18:45 - 00000000 ____D C:\Program Files (x86)\Google 2015-10-21 17:21 - 2015-08-07 11:04 - 00000000 ____D C:\ProgramData\Skype 2015-10-21 17:18 - 2015-08-06 20:23 - 00000000 ____D C:\ProgramData\NVIDIA 2015-10-21 17:18 - 2015-08-06 20:12 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-10-21 14:51 - 2015-08-10 19:12 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\vlc 2015-10-21 12:02 - 2015-08-30 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-10-16 12:28 - 2015-08-17 11:03 - 00000552 _____ C:\Users\Public\Desktop\Fraps.lnk 2015-10-12 14:32 - 2015-08-06 20:11 - 00353392 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ___SD C:\WINDOWS\system32\F12 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ____D C:\WINDOWS\SysWOW64\sl-SI 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ____D C:\WINDOWS\SysWOW64\he-IL 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ____D C:\WINDOWS\SysWOW64\ar-SA 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ____D C:\WINDOWS\system32\sl-SI 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ____D C:\WINDOWS\system32\he-IL 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ____D C:\WINDOWS\system32\Dism 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ____D C:\WINDOWS\system32\ar-SA 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ____D C:\WINDOWS\Provisioning 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ____D C:\WINDOWS\L2Schemas 2015-10-12 14:29 - 2015-08-07 06:48 - 00000000 ____D C:\Program Files\Windows Journal 2015-10-12 14:26 - 2015-08-07 06:29 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-10-12 14:23 - 2015-08-07 18:49 - 08679350 _____ C:\WINDOWS\PFRO.log 2015-10-10 19:44 - 2015-08-15 09:25 - 00000000 ____D C:\Program Files (x86)\KMSPico 2015-10-10 18:06 - 2015-09-22 18:02 - 00000000 ____D C:\Users\Lenovo\Desktop\1desktopfiles 2015-10-10 18:00 - 2015-08-06 23:06 - 00000000 ____D C:\found.000 2015-10-10 15:35 - 2015-08-07 14:23 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\NVIDIA 2015-10-10 12:46 - 2015-09-11 19:00 - 00001634 _____ C:\Users\Lenovo\Desktop\GTA San Andreas User Files - Shortcut.lnk 2015-10-10 12:46 - 2015-08-07 14:15 - 00001066 _____ C:\Users\Lenovo\Desktop\Viber.lnk 2015-10-10 11:53 - 2015-08-06 20:22 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2015-10-10 11:52 - 2015-08-06 20:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-10-10 10:56 - 2015-08-06 20:22 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2015-10-10 09:12 - 2015-08-10 17:45 - 00000000 ____D C:\ProgramData\Package Cache 2015-10-08 12:40 - 2015-08-10 17:23 - 00000000 ____D C:\Users\Lenovo\AppData\Local\Steam 2015-10-06 20:45 - 2015-07-23 03:02 - 11210056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2015-10-03 18:01 - 2015-08-07 18:37 - 00003488 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-1575859030-328305844-2887797700-1000 2015-10-03 18:01 - 2015-08-07 18:37 - 00000424 _____ C:\Users\Lenovo\AppData\Local\UserProducts.xml 2015-10-03 06:58 - 2015-07-23 03:02 - 18354984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2015-10-03 06:58 - 2015-07-23 03:02 - 15803800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2015-10-03 06:58 - 2015-07-23 03:02 - 12868120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2015-10-03 06:58 - 2015-07-23 03:02 - 03534888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2015-10-03 06:58 - 2015-07-23 03:02 - 03121144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2015-10-03 06:58 - 2015-07-23 03:02 - 00034392 _____ C:\WINDOWS\system32\nvinfo.pb 2015-10-03 06:58 - 2015-04-16 18:03 - 00204648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2015-10-03 06:58 - 2015-04-16 06:19 - 01567576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2015-10-03 04:38 - 2015-08-06 20:23 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2015-10-03 04:38 - 2015-08-06 20:23 - 02982704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2015-10-03 04:38 - 2015-08-06 20:23 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2015-10-03 04:38 - 2015-08-06 20:23 - 00938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2015-10-03 04:38 - 2015-08-06 20:23 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2015-10-03 04:38 - 2015-08-06 20:23 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2015-10-01 11:30 - 2015-08-06 20:23 - 05284082 _____ C:\WINDOWS\system32\nvcoproc.bin 2015-09-30 17:48 - 2015-08-13 12:00 - 00419446 _____ C:\WINDOWS\system32\perfh001.dat 2015-09-30 17:48 - 2015-08-13 12:00 - 00406144 _____ C:\WINDOWS\system32\perfh00D.dat 2015-09-30 17:48 - 2015-08-13 12:00 - 00063912 _____ C:\WINDOWS\system32\perfc00D.dat 2015-09-30 17:48 - 2015-08-13 12:00 - 00063912 _____ C:\WINDOWS\system32\perfc001.dat 2015-09-30 17:48 - 2015-08-06 20:32 - 01821872 _____ C:\WINDOWS\system32\PerfStringBackup.INI ==================== Files in the root of some directories ======= 2015-08-20 07:33 - 2015-08-20 07:33 - 0000000 _____ () C:\Users\Lenovo\AppData\Roaming\g78rfdsafhi 2015-09-18 18:57 - 2015-09-18 18:57 - 0001456 _____ () C:\Users\Lenovo\AppData\Local\Adobe Save for Web 13.0 Prefs 2015-08-07 18:36 - 2015-08-07 18:36 - 0000003 _____ () C:\Users\Lenovo\AppData\Local\updater.log 2015-08-07 18:37 - 2015-10-03 18:01 - 0000424 _____ () C:\Users\Lenovo\AppData\Local\UserProducts.xml 2015-08-06 20:22 - 2015-08-06 20:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: ==================== C:\Users\Lenovo\AppData\Local\Temp\drm_dyndata_7370014.dll C:\Users\Lenovo\AppData\Local\Temp\DseShExt-x64.dll C:\Users\Lenovo\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Lenovo\AppData\Local\Temp\InstHelper.exe C:\Users\Lenovo\AppData\Local\Temp\Opera_NI_stable.exe C:\Users\Lenovo\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Lenovo\AppData\Local\Temp\SDShelEx-x64.dll C:\Users\Lenovo\AppData\Local\Temp\vcredist12_x86.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-10-24 13:08 ==================== End of FRST.txt ============================ Addition.txt
  18. Здравейте, реших да си дръпна някои игричка да разцъкам и си избрах този торент Стартирах setup.exe и преди още да съм инсталирал нещо, различни програми започнаха да се самоинсталират, включително и Opera и други известни и неизвестни. Почнах да ги деинсталирвам от control panel-a, но нови и нови продължаваха да се появяват. От Task Manager - Startup зададох каквото не ми е познато на disabled и рестартирах компютъра и продължих да трия, но отново се появавяха и Defender започна да гърми за различни файлове и ги remove-вах, след което разбрах, че няма да се справя сам и влязох в safe mode, за да мога да пиша тук. Ето FRST.txt (като част от мнение ми даде, че post заявката е твърде голяма) и Addition.txt Благодаря предварително! Addition.txt FRST.txt
  19. Здравейте, Попаднах на компютър, заразен с crypto вирус. По форума виждам, че не съм единствения, борещ се с този проблем. Криптираните файлове, които забелязах са с разширения (вероятно е да има и други): .cer , .xls , .doc , .docx , .zip , .rar , .pdf , .txt , .dbf , .mdb , .ppt . Съдейки по датите на променените файлове, процесът на криптиране е започнал около 22:40 на 01.10. За разлика от други crypto вируси, на които съм попадал, при този няма никаква информация за обратна връзка за декриптиране. За съжаление, Shadow Explorer не сработи. Прилагам FRST log, като според мен, предупреждения от рода на "HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION" се дължат на CryptoPrevent, инсталиран март месец тази година: ================================================================= Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-09-2015 Ran by User (administrator) on DIANA (02-10-2015 16:05:34) Running from C:\Documents and Settings\User\My Documents\Downloads Loaded Profiles: User (Available Profiles: User) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States) Internet Explorer Version 8 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (TODO: <Company name>) C:\Genius\ioCentre\gTaskBar.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (TODO: <Company name>) C:\Genius\ioCentre\gMouseTask.exe (TODO: <Company name>) C:\Genius\ioCentre\gKbdTask.exe (TODO: <Company name>) C:\Genius\ioCentre\gAutoPan.exe () C:\Genius\ioCentre\gAutoScroll.exe (TODO: <Company name>) C:\Genius\ioCentre\gZoom.exe (TODO: <Company name>) C:\Genius\ioCentre\gMGlass.exe (TODO: <Company name>) C:\Genius\ioCentre\gIMMgm.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe (TODO: <Company name>) C:\Genius\ioCentre\gDeskMgm.exe (TODO: <Company name>) C:\Genius\ioCentre\gTaskSwitch.exe (CANON INC.) C:\WINDOWS\system32\CNAB4RPK.EXE (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17887232 2009-06-12] (Realtek Semiconductor Corp.) HKLM\...\Run: [nwiz] => nwiz.exe /install HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [ioCentre] => C:\Genius\ioCentre\gTaskBar.exe [241664 2006-12-08] (TODO: <Company name>) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-30] (AVAST Software) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated) HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.scr <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.exe <====== ATTENTION HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION HKLM Group Policy restriction on software: ** <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.com <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.scr <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION HKLM Group Policy restriction on software: *:\RECYCLER <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\open source software bundle installer.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\open source software bundle installer.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\open source software bundle installer.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\open source software bundle installer.exe <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\open source software bundle installer.exe <====== ATTENTION HKU\S-1-5-21-1078081533-1303643608-1801674531-1003\...\Run: [Google Update] => C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.) HKU\S-1-5-21-1078081533-1303643608-1801674531-1003\...\Run: [iLivid] => "C:\Documents and Settings\User\Local Settings\Application Data\iLivid\iLivid.exe" -autorun HKU\S-1-5-21-1078081533-1303643608-1801674531-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53737488 2015-08-07] (Skype Technologies S.A.) HKU\S-1-5-21-1078081533-1303643608-1801674531-1003\...\MountPoints2: {0318e233-a93b-11df-ae4f-00265538f7e0} - POZLATIO\\javio.exe HKU\S-1-5-21-1078081533-1303643608-1801674531-1003\...\MountPoints2: {53ba268e-193c-11e3-9a63-00265538f7e0} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL start.exe HKU\S-1-5-21-1078081533-1303643608-1801674531-1003\...\MountPoints2: {9b59d334-3a34-11e3-9a7d-00265538f7e0} - H:\USBAutoRun.exe HKU\S-1-5-21-1078081533-1303643608-1801674531-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\MICROI~1.SCR [784041 2015-04-21] (Microinvest ) AppInit_DLLs: C:\DOCUME~1\ALLUSE~1\APPLIC~1\Wincert\WIN32C~1.DLL => No File IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll <===== ATTENTION HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-01-07] (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 10.10.1.1 Tcpip\..\Interfaces\{BC25206F-471F-448A-9E8D-607140714507}: [DhcpNameServer] 10.10.1.1 Internet Explorer: ================== HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-19\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-1078081533-1303643608-1801674531-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-1078081533-1303643608-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Start Page = www.microinvest.net HKU\S-1-5-21-1078081533-1303643608-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=725&systemid=406&v=n9602-132&apn_uid=5471591332344133&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} SearchScopes: HKLM -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm174^YYA^bg&si=CD9418&ptb=7BF3EA8C-DA6D-4824-ADC4-2CE00E22141D&ind=2013101112&n=77fd7c38&psa=&st=sb&searchfor={searchTerms} SearchScopes: HKU\S-1-5-21-1078081533-1303643608-1801674531-1003 -> {1059ba16-437d-4e6f-8d1e-abb4fa565e2c} URL = hxxp://www.searchsave.com/index.php?req=search&term={searchTerms} SearchScopes: HKU\S-1-5-21-1078081533-1303643608-1801674531-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=725&systemid=406&v=n9602-132&apn_uid=5471591332344133&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} SearchScopes: HKU\S-1-5-21-1078081533-1303643608-1801674531-1003 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm174^YYA^bg&si=CD9418&ptb=7BF3EA8C-DA6D-4824-ADC4-2CE00E22141D&ind=2013101112&n=77fd7c38&psa=&st=sb&searchfor={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-07] (AVAST Software) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.) BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File Toolbar: HKLM - EFOToolbar - {AB26BF6C-BB04-4F00-8F98-BDE786CDE97D} - C:\DOCUME~1\User\APPLIC~1\OSI\dlls\EFOTOO~1.DLL No File Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.) Toolbar: HKU\S-1-5-21-1078081533-1303643608-1801674531-1003 -> EFOToolbar - {AB26BF6C-BB04-4F00-8F98-BDE786CDE97D} - C:\DOCUME~1\User\APPLIC~1\OSI\dlls\EFOTOO~1.DLL No File Toolbar: HKU\S-1-5-21-1078081533-1303643608-1801674531-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.) DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} hxxps://mwb.municipalbank.bg/CSWebBankASP/capicom.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p9t1dyhs.default FF SearchEngineOrder.1: Ask.com FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: Ask.com FF Homepage: hxxp://www.google.bg/ FF Keyword.URL: hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=7BF3EA8C-DA6D-4824-ADC4-2CE00E22141D&n=77fd7c3f&ind=2013101119&p2=^HJ^xdm174^YYA^bg&si=CD9418&searchfor= FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] () FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin: @VideoDownloadConverter_ScriptHelper.com/Plugin -> C:\Program Files\VideoDownloadConverter\npVDCPlugin.dll [No File] FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1078081533-1303643608-1801674531-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin HKU\S-1-5-21-1078081533-1303643608-1801674531-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2013-01-02] (Sun Microsystems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF SearchPlugin: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p9t1dyhs.default\searchplugins\bingp.xml [2013-07-11] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml [2013-10-11] FF Extension: B-Trust Tool - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p9t1dyhs.default\Extensions\[email protected] [2015-05-29] FF Extension: New tab - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p9t1dyhs.default\Extensions\{12EA0B34-CD10-0574-EA58-62B2AED1FE75} [2013-12-11] FF Extension: Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p9t1dyhs.default\Extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} [2013-10-11] FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\p9t1dyhs.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-02-02] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-10-01] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-10-01] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-04-14] FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-08-05] Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=071113" CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll => No File CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\41.0.2272.101\gcswf32.dll => No File CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll => No File CHR Plugin: (Native Client) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\41.0.2272.101\ppGoogleNaClPluginChrome.dll => No File CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\41.0.2272.101\pdf.dll => No File CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Google Update) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Profile: C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default CHR Extension: (avast! WebRep) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2011-10-06] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-07] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-09-16] StartMenuInternet: chrome.exe - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-07] (AVAST Software) R2 nvsvc; C:\WINDOWS\system32\nvsvc32.exe [168004 2009-05-01] (NVIDIA Corporation) [File not signed] R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3273088 2013-09-16] (Skype Technologies S.A.) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2015-01-07] () R1 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [20624 2012-10-31] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2015-01-07] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2015-01-07] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2015-01-07] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2015-01-07] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2015-01-07] (AVAST Software) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2015-01-07] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2015-01-07] () S2 DgiVecp; C:\WINDOWS\System32\Drivers\DgiVecp.sys [41984 2004-05-17] (DeviceGuys, Inc.) [File not signed] S3 gHidPnp; C:\WINDOWS\System32\Drivers\gHidPnp.Sys [14848 2006-07-14] () S3 gMouUsb; C:\WINDOWS\System32\DRIVERS\gMouUsb.sys [9984 2006-07-14] () R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [8055584 2009-05-01] (NVIDIA Corporation) [File not signed] R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54784 2008-08-01] (NVIDIA Corporation) R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2008-08-01] (NVIDIA Corporation) S3 usbbus; C:\WINDOWS\System32\DRIVERS\lgusbbus.sys [13056 2008-11-19] (LG Electronics Inc.) S3 UsbDiag; C:\WINDOWS\System32\DRIVERS\lgusbdiag.sys [19968 2008-11-19] (LG Electronics Inc.) S3 USBModem; C:\WINDOWS\System32\DRIVERS\lgusbmodem.sys [24832 2008-11-19] (LG Electronics Inc.) S4 IntelIde; no ImagePath S3 StarOpen; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-10-02 16:02 - 2015-10-02 16:05 - 00000000 ____D C:\FRST 2015-10-01 13:09 - 2015-10-01 14:03 - 00000000 ____D C:\Program Files\Mozilla Firefox 2015-09-23 09:07 - 2015-09-23 09:07 - 00000000 ____D C:\Program Files\Common Files\Skype 2015-09-23 09:07 - 2015-09-23 09:07 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Skype 2015-09-12 10:36 - 2015-09-12 10:36 - 00019306 _____ C:\Documents and Settings\User\Desktop\PROTOKOL.xlsx ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-10-02 16:05 - 2010-04-14 11:29 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Temp 2015-10-02 16:03 - 2010-04-30 09:42 - 00000420 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{9B58B9BC-CCE5-4BE8-864A-C05B141F56C4}.job 2015-10-02 15:57 - 2012-06-04 16:18 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\Axialis 2015-10-02 14:41 - 2014-06-27 16:29 - 00000446 _____ C:\WINDOWS\Tasks\SyncBackFree PlN.job 2015-10-02 14:34 - 2010-04-14 11:22 - 00000000 ____D C:\WINDOWS\Registration 2015-10-02 13:29 - 2010-04-14 11:24 - 01437563 _____ C:\WINDOWS\WindowsUpdate.log 2015-10-02 13:28 - 2013-01-02 14:36 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job 2015-10-02 13:28 - 2010-04-14 14:20 - 00000159 _____ C:\WINDOWS\wiadebug.log 2015-10-02 13:28 - 2010-04-14 14:20 - 00000053 _____ C:\WINDOWS\wiaservc.log 2015-10-02 13:28 - 2010-04-14 11:27 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-10-02 13:28 - 2009-05-01 00:30 - 00229488 _____ C:\WINDOWS\system32\NvApps.xml 2015-10-02 13:27 - 2010-04-14 11:29 - 00000278 ___SH C:\Documents and Settings\User\ntuser.ini 2015-10-02 13:27 - 2010-04-14 11:27 - 00032628 _____ C:\WINDOWS\SchedLgU.Txt 2015-10-02 10:52 - 2010-04-15 15:54 - 00184123 _____ C:\WINDOWS\mcmaster.ini 2015-10-02 10:27 - 2013-06-17 19:11 - 00000000 ____D C:\Documents and Settings\User\Application Data\Skype 2015-10-02 10:26 - 2012-05-11 14:52 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2015-10-02 10:26 - 2008-04-14 15:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2015-10-01 22:58 - 2010-04-15 14:36 - 00000000 ____D C:\Package 2015-10-01 22:58 - 2010-04-15 14:21 - 00000000 ____D C:\McMaster 2015-10-01 22:52 - 2014-09-18 16:32 - 00707874 _____ C:\dok [email protected] 2015-10-01 22:52 - 2014-09-18 16:31 - 00863016 _____ C:\dok [email protected] 2015-10-01 22:52 - 2012-01-12 12:07 - 01408703 _____ C:\[email protected] 2015-10-01 22:51 - 2014-09-18 16:40 - 00928311 _____ C:\Document [email protected] 2015-10-01 22:51 - 2014-08-22 14:22 - 00001588 _____ C:\[email protected] 2015-10-01 22:51 - 2010-04-15 14:19 - 00000000 ____D C:\dcdownload 2015-10-01 22:49 - 2014-04-28 16:08 - 01040038 _____ C:\Documents and Settings\User\My Documents\МАРИЯ[email protected] 2015-10-01 22:43 - 2014-08-12 18:24 - 00020484 _____ C:\Documents and Settings\User\My Documents\[email protected] 2015-10-01 22:34 - 2013-04-29 12:43 - 00020996 _____ C:\Documents and Settings\User\My Documents\PERSONAL [email protected] 2015-10-01 22:33 - 2015-04-15 11:49 - 00000000 ____D C:\Documents and Settings\User\My Documents\MICRO 2015-10-01 22:33 - 2015-03-31 18:42 - 00000000 ____D C:\Documents and Settings\User\My Documents\MIKRO 2015-10-01 22:33 - 2014-11-28 14:09 - 00000000 ____D C:\Documents and Settings\User\My Documents\OKLASSSSSSSSSSSSSSS 2015-10-01 22:33 - 2014-04-28 14:50 - 00267780 _____ C:\Documents and Settings\User\My Documents\[email protected] 2015-10-01 22:33 - 2013-07-24 18:44 - 00028676 _____ C:\Documents and Settings\User\My Documents\[email protected] 2015-10-01 22:23 - 2015-02-27 17:11 - 00018948 _____ C:\Documents and Settings\User\My Documents\[email protected] 2015-10-01 22:23 - 2013-05-27 19:56 - 00020996 _____ C:\Documents and Settings\User\My Documents\[email protected] 2015-10-01 22:23 - 2012-05-04 10:43 - 00195588 _____ C:\Documents and Settings\User\My Documents\Copy of GRAFIK-Д[email protected] 2015-10-01 22:23 - 2011-04-29 19:01 - 03428111 _____ C:\Documents and Settings\User\My Documents\[email protected] 2015-10-01 18:21 - 2010-04-16 10:42 - 00000148 _____ C:\WINDOWS\McMaster2007.INI 2015-09-25 15:29 - 2011-04-26 18:34 - 00000000 ____D C:\Documents and Settings\User\Local Settings\Application Data\Google 2015-09-23 09:36 - 2012-06-19 16:20 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-09-23 09:36 - 2011-10-06 14:45 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-09-23 09:07 - 2014-02-28 11:22 - 00001878 _____ C:\Documents and Settings\All Users\Desktop\Skype.lnk 2015-09-23 09:07 - 2013-06-17 19:10 - 00000000 ___RD C:\Program Files\Skype 2015-09-23 09:07 - 2013-06-17 19:10 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype 2015-09-04 11:39 - 2010-04-29 14:31 - 00002497 _____ C:\Documents and Settings\User\Desktop\Microsoft Office Word 2003.lnk ==================== Files in the root of some directories ======= 2010-04-15 16:04 - 2010-04-15 16:04 - 0278752 _____ () C:\Documents and Settings\User\Local Settings\Application Data\Open Source Software Bundle Installer.exe Some files in TEMP: ==================== C:\Documents and Settings\User\Local Settings\Temp\BlackBerryDeviceManager.exe C:\Documents and Settings\User\Local Settings\Temp\BlackBerryLauncher.exe C:\Documents and Settings\User\Local Settings\Temp\SkypeSetup.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of FRST.txt ============================
  20. За съжаление и аз бях поразен от този криптиращ вирус преди 2 дни. Получих съобщение за плащане- писах но отговор няма. За съжаление засега помощ от никъде. Съобщението е това: единият мейл адрес дори не е активен recovery.BMP
  21. Ето това ми излиза през 20 секунди, че антивирусната го блокирала... Сканирвам с FRST и не ми излизат лог файловете, FRST е на десктопа.
  22. Имам един вирус, който му забарви името. Появяват се изщачащи прозорци при ползване на google chrome. Почистих комюпътра последователно със adwcleaner, htiman pro, malwarebytes... Не успява да го изчисти за съжаление Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018 Ran by yanka (administrator) on DESKTOP-CPJ8TFE (30-06-2018 22:09:28) Running from C:\Users\yanka\Downloads Loaded Profiles: yanka & (Available Profiles: yanka) Platform: Windows 10 Pro Version 1803 17134.112 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe (Performix LLC) C:\Program Files (x86)\Adguard\AdguardSvc.exe () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe () C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe (Nitro PDF Software) C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Performix LLC) C:\Program Files (x86)\Adguard\Adguard.exe () C:\Program Files (x86)\BoricaAD\BISS\BISS.exe (Oracle Corporation) C:\Program Files (x86)\BoricaAD\BISS\jre1.8.0_144\bin\javaw.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe (Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe (Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-06-20] (AVAST Software) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4514304 2014-08-26] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.) HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [709416 2018-03-10] (Autodesk, Inc.) HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1472312 2018-05-11] (ABBYY Production LLC.) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06302018220720016\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06302018220720050\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-21-3081403711-1452664787-965955870-1001\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [5716752 2018-03-06] (Performix LLC) HKU\S-1-5-21-3081403711-1452664787-965955870-1001\...\Policies\Explorer: [] HKU\S-1-5-21-3081403711-1452664787-965955870-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [217088 2018-04-12] (Microsoft Corporation) HKU\S-1-5-21-3081403711-1452664787-965955870-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06302018220720081\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [5716752 2018-03-06] (Performix LLC) HKU\S-1-5-21-3081403711-1452664787-965955870-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06302018220720081\...\Policies\Explorer: [] HKU\S-1-5-21-3081403711-1452664787-965955870-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06302018220720081\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [217088 2018-04-12] (Microsoft Corporation) Startup: C:\Users\yanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BISS.lnk [2018-04-17] ShortcutTarget: BISS.lnk -> C:\Program Files (x86)\BoricaAD\BISS\BISS.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 94.26.50.7 94.26.50.8 Tcpip\..\Interfaces\{8fb52371-846f-4f09-8a26-cc1246842a61}: [DhcpNameServer] 94.26.50.7 94.26.50.8 Internet Explorer: ================== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-03-18] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: wzwpem97.default FF ProfilePath: C:\Users\yanka\AppData\Roaming\Mozilla\Firefox\Profiles\wzwpem97.default [2018-06-29] FF Extension: (Avast SafePrice) - C:\Users\yanka\AppData\Roaming\Mozilla\Firefox\Profiles\wzwpem97.default\Extensions\[email protected] [2018-04-12] FF Extension: (Avast Online Security) - C:\Users\yanka\AppData\Roaming\Mozilla\Firefox\Profiles\wzwpem97.default\Extensions\[email protected] [2018-06-20] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 10\npnitromozilla.dll [2015-05-06] (Nitro PDF) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-21] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-21] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.) Chrome: ======= CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/docs/spreadsheets/favicon_jfk2.png CHR Profile: C:\Users\yanka\AppData\Local\Google\Chrome\User Data\Default [2018-06-30] CHR Extension: (Презентации) - C:\Users\yanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-11] CHR Extension: (Документи) - C:\Users\yanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-11] CHR Extension: (Google Диск) - C:\Users\yanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-04-11] CHR Extension: (YouTube) - C:\Users\yanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-04-11] CHR Extension: (Avast SafePrice) - C:\Users\yanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-06-20] CHR Extension: (Таблици) - C:\Users\yanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-04-11] CHR Extension: (КАСА - Google Таблици) - C:\Users\yanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjagmccglmmkiaepnjekpdffjbeaehoc [2018-05-11] CHR Extension: (Google Документи офлайн) - C:\Users\yanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-04-12] CHR Extension: (Avast Online Security) - C:\Users\yanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-13] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\yanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-11] CHR Extension: (Scrummos) - C:\Users\yanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaapbceemikiebmdofdbfoflpfnnepf [2018-06-07] CHR Extension: (Gmail) - C:\Users\yanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-04-11] CHR Extension: (Chrome Media Router) - C:\Users\yanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-11] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1374072 2018-03-10] (Autodesk Inc.) R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [129296 2018-03-06] (Performix LLC) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-06-20] (AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-06-20] (AVAST Software) S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed] R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [File not signed] R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-03] (Malwarebytes) R2 NitroDriverReadSpool10; C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe [324760 2015-05-06] (Nitro PDF Software) R2 NitroUpdateService; C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe [418968 2015-05-06] () R2 osrss; C:\WINDOWS\system32\osrss.dll [131288 2018-06-27] (Microsoft Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation) S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-12] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [81000 2017-03-27] () R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [197160 2018-06-20] (AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229392 2018-06-20] (AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201328 2018-06-20] (AVAST Software) R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-06-20] (AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59592 2018-06-20] (AVAST Software) S3 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-06-20] (AVAST Software) R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239680 2018-06-20] (AVAST Software) S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-06-20] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159640 2018-06-20] (AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111872 2018-06-20] (AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-06-20] (AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027728 2018-06-20] (AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [463080 2018-06-20] (AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [211160 2018-06-20] (AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381584 2018-06-20] (AVAST Software) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [190696 2018-06-29] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2018-06-30] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-06-30] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-06-30] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [103648 2018-06-30] (Malwarebytes) R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] () R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek ) S3 smbdirect; C:\WINDOWS\System32\DRIVERS\smbdirect.sys [152064 2018-04-12] (Microsoft Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-06-30 22:09 - 2018-06-30 22:09 - 000018683 _____ C:\Users\yanka\Downloads\FRST.txt 2018-06-30 22:09 - 2018-06-30 22:09 - 000000000 ____D C:\FRST 2018-06-30 22:08 - 2018-06-30 22:08 - 002412544 _____ (Farbar) C:\Users\yanka\Downloads\FRST64.exe 2018-06-30 21:55 - 2018-06-30 21:55 - 000000000 ___HD C:\OneDriveTemp 2018-06-29 21:10 - 2018-06-29 21:10 - 043520264 _____ (Microsoft Corporation) C:\Users\yanka\Downloads\Windows-KB890830-x64-V5.61.exe 2018-06-29 10:59 - 2018-06-29 10:59 - 000000567 _____ C:\Users\yanka\Desktop\JRT.txt 2018-06-29 10:54 - 2018-06-29 10:54 - 001790024 _____ (Malwarebytes) C:\Users\yanka\Downloads\JRT.exe 2018-06-26 13:52 - 2018-06-26 13:52 - 000287149 _____ C:\Users\yanka\Downloads\AccountStatementDocuments_NID01_180626_134436_BFA0D4AB-2985-4CEF-B3BC-DED1D1692DBC.pdf 2018-06-25 16:28 - 2018-06-25 16:28 - 000064524 _____ C:\Users\yanka\Downloads\pog_plan_PDK0320180625162424.pdf 2018-06-22 14:41 - 2018-06-22 14:41 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump 2018-06-22 14:40 - 2018-06-29 10:54 - 000000000 ____D C:\Users\yanka\AppData\LocalLow\Mozilla 2018-06-22 14:40 - 2018-06-22 14:40 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2018-06-22 14:40 - 2018-06-22 14:40 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk 2018-06-22 14:40 - 2018-06-22 14:40 - 000000000 ____D C:\Users\yanka\AppData\Roaming\Mozilla 2018-06-22 14:40 - 2018-06-22 14:40 - 000000000 ____D C:\Users\yanka\AppData\Local\Mozilla 2018-06-22 14:40 - 2018-06-22 14:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-06-22 14:39 - 2018-06-22 14:40 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-06-22 14:39 - 2018-06-22 14:39 - 000313656 _____ (Mozilla) C:\Users\yanka\Downloads\Firefox Installer.exe 2018-06-22 14:38 - 2018-06-30 22:09 - 000000000 ____D C:\ProgramData\Adguard 2018-06-22 14:38 - 2018-06-30 21:34 - 000000000 ____D C:\Program Files (x86)\Adguard 2018-06-22 14:38 - 2018-06-22 14:38 - 000173328 _____ C:\Users\yanka\Downloads\adguardInstaller.exe 2018-06-22 14:38 - 2018-06-22 14:38 - 000000998 _____ C:\Users\Public\Desktop\Adguard.lnk 2018-06-22 14:38 - 2018-06-22 14:38 - 000000260 _____ C:\WINDOWS\SysWOW64\Drivers\vwifikerneldrv.sys 2018-06-22 14:38 - 2018-06-22 14:38 - 000000260 _____ C:\WINDOWS\SysWOW64\d3dx9_11.dll.tmp 2018-06-22 14:38 - 2018-06-22 14:38 - 000000260 _____ C:\ProgramData\fontcacheev1.dat 2018-06-22 14:38 - 2018-06-22 14:38 - 000000000 ____D C:\Users\yanka\AppData\Roaming\Performix LLC 2018-06-22 14:38 - 2018-06-22 14:38 - 000000000 ____D C:\Users\yanka\AppData\Local\Performix_LLC 2018-06-22 14:38 - 2018-06-22 14:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adguard 2018-06-22 14:38 - 2017-03-27 08:01 - 000081000 _____ () C:\WINDOWS\system32\Drivers\adgnetworkwfpdrv.sys 2018-06-22 14:37 - 2018-06-30 22:10 - 000103648 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2018-06-22 14:37 - 2018-06-30 22:06 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2018-06-22 14:37 - 2018-06-30 22:05 - 000112864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2018-06-22 14:37 - 2018-06-29 10:02 - 000190696 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2018-06-22 14:36 - 2018-06-30 22:05 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2018-06-22 12:21 - 2018-06-22 12:21 - 000327839 _____ C:\Users\yanka\Downloads\Дневник за покупките-12.2017.pdf 2018-06-22 12:21 - 2018-06-22 12:21 - 000227871 _____ C:\Users\yanka\Downloads\Дневник за покупките-10.2017.pdf 2018-06-22 12:21 - 2018-06-22 12:21 - 000203267 _____ C:\Users\yanka\Downloads\Дневник за покупките-11.2017.pdf 2018-06-22 12:21 - 2018-06-22 12:21 - 000159818 _____ C:\Users\yanka\Downloads\Дневник за покупките-03.2017.pdf 2018-06-22 12:21 - 2018-06-22 12:21 - 000146997 _____ C:\Users\yanka\Downloads\Дневник за покупките-05.2017.pdf 2018-06-22 12:21 - 2018-06-22 12:21 - 000143804 _____ C:\Users\yanka\Downloads\Дневник за покупките-09.2017.pdf 2018-06-22 12:21 - 2018-06-22 12:21 - 000137572 _____ C:\Users\yanka\Downloads\Дневник за покупките-06.2017.pdf 2018-06-22 12:21 - 2018-06-22 12:21 - 000130622 _____ C:\Users\yanka\Downloads\Дневник за покупките-07.2017.pdf 2018-06-22 12:21 - 2018-06-22 12:21 - 000130494 _____ C:\Users\yanka\Downloads\Дневник за покупките-04.2017.pdf 2018-06-22 12:21 - 2018-06-22 12:21 - 000130406 _____ C:\Users\yanka\Downloads\Дневник за покупките-01.2017.pdf 2018-06-22 12:21 - 2018-06-22 12:21 - 000129562 _____ C:\Users\yanka\Downloads\Дневник за покупките-10.2016.pdf 2018-06-22 12:21 - 2018-06-22 12:21 - 000124790 _____ C:\Users\yanka\Downloads\Дневник за покупките-11.2016.pdf 2018-06-22 12:21 - 2018-06-22 12:21 - 000120244 _____ C:\Users\yanka\Downloads\Дневник за покупките-09.2016.pdf 2018-06-22 12:21 - 2018-06-22 12:21 - 000116948 _____ C:\Users\yanka\Downloads\Дневник за покупките-12.2016.pdf 2018-06-22 12:21 - 2018-06-22 12:21 - 000115595 _____ C:\Users\yanka\Downloads\Дневник за покупките-08.2017.pdf 2018-06-22 12:21 - 2018-06-22 12:21 - 000115549 _____ C:\Users\yanka\Downloads\Дневник за покупките-02.2017.pdf 2018-06-22 12:16 - 2018-06-22 12:16 - 000102400 _____ C:\Users\yanka\Downloads\Платежно вещо лице.pdf 2018-06-21 12:56 - 2018-06-21 12:56 - 000111064 _____ C:\Users\yanka\Downloads\Интертайм континентал (1).pdf 2018-06-21 10:37 - 2018-06-21 10:37 - 000000000 ____D C:\Users\yanka\AppData\Local\CrashDumps 2018-06-21 10:19 - 2018-06-21 10:19 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2018-06-21 10:19 - 2018-06-21 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-06-21 10:19 - 2018-06-21 10:19 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-06-21 10:19 - 2018-06-21 10:19 - 000000000 ____D C:\Program Files\Malwarebytes 2018-06-21 10:19 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2018-06-21 10:14 - 2018-06-21 10:14 - 000000000 ____D C:\Users\yanka\AppData\Roaming\Obsidium 2018-06-21 09:45 - 2018-06-27 03:55 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-06-21 09:45 - 2018-06-27 03:55 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-06-21 09:44 - 2018-06-21 09:49 - 000003518 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2018-06-21 09:44 - 2018-06-21 09:49 - 000003394 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2018-06-21 09:42 - 2018-06-29 09:44 - 000000000 ____D C:\Users\yanka\AppData\Local\AVAST Software 2018-06-20 17:35 - 2018-06-20 17:35 - 000378072 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2018-06-20 17:35 - 2018-06-20 17:35 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys 2018-06-20 10:13 - 2018-06-20 10:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit) 2018-06-20 09:50 - 2018-06-20 09:51 - 000000000 ____D C:\AdwCleaner 2018-06-20 09:50 - 2018-06-20 09:50 - 007372496 _____ (Malwarebytes) C:\Users\yanka\Downloads\adwcleaner_7.2.0.exe 2018-06-20 09:46 - 2018-06-20 09:46 - 000012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe 2018-06-20 09:43 - 2018-06-20 09:47 - 000000000 ____D C:\ProgramData\HitmanPro 2018-06-20 09:43 - 2018-06-20 09:43 - 011609024 _____ (SurfRight B.V.) C:\Users\yanka\Downloads\hitmanpro_x64.exe 2018-06-15 14:55 - 2018-06-15 14:55 - 000112090 _____ C:\Users\yanka\Downloads\Интертайм континентал.pdf 2018-06-15 02:35 - 2018-06-08 22:07 - 002266520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2018-06-15 02:35 - 2018-06-08 22:07 - 000506184 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2018-06-15 02:35 - 2018-06-08 22:07 - 000183712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mavinject.exe 2018-06-15 02:35 - 2018-06-08 22:07 - 000040864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClientPS.dll 2018-06-15 02:35 - 2018-06-08 22:07 - 000019872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVTerminator.dll 2018-06-15 02:35 - 2018-06-08 22:05 - 000094112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2018-06-15 02:35 - 2018-06-08 22:02 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2018-06-15 02:35 - 2018-06-08 22:02 - 001634808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2018-06-15 02:35 - 2018-06-08 22:02 - 000661160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe 2018-06-15 02:35 - 2018-06-08 22:01 - 002395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL 2018-06-15 02:35 - 2018-06-08 22:01 - 001046944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2018-06-15 02:35 - 2018-06-08 21:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2018-06-15 02:35 - 2018-06-08 21:47 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2018-06-15 02:35 - 2018-06-08 21:46 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2018-06-15 02:35 - 2018-06-08 21:45 - 012712448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2018-06-15 02:35 - 2018-06-08 21:45 - 004392448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2018-06-15 02:35 - 2018-06-08 21:45 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe 2018-06-15 02:35 - 2018-06-08 21:45 - 000808960 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2018-06-15 02:35 - 2018-06-08 21:44 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2018-06-15 02:35 - 2018-06-08 21:44 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll 2018-06-15 02:35 - 2018-06-08 21:44 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2018-06-15 02:35 - 2018-06-08 21:44 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll 2018-06-15 02:35 - 2018-06-08 21:43 - 003640832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe 2018-06-15 02:35 - 2018-06-08 21:43 - 002922496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2018-06-15 02:35 - 2018-06-08 21:43 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll 2018-06-15 02:35 - 2018-06-08 21:43 - 001659904 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2018-06-15 02:35 - 2018-06-08 21:43 - 001543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2018-06-15 02:35 - 2018-06-08 21:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll 2018-06-15 02:35 - 2018-06-08 21:43 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2018-06-15 02:35 - 2018-06-08 21:42 - 003999232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll 2018-06-15 02:35 - 2018-06-08 21:42 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2018-06-15 02:35 - 2018-06-08 21:42 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2018-06-15 02:35 - 2018-06-08 21:42 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2018-06-15 02:35 - 2018-06-08 21:42 - 000800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe 2018-06-15 02:35 - 2018-06-08 21:42 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll 2018-06-15 02:35 - 2018-06-08 21:42 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe 2018-06-15 02:35 - 2018-06-08 21:42 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe 2018-06-15 02:35 - 2018-06-08 21:41 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2018-06-15 02:35 - 2018-06-08 21:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2018-06-15 02:35 - 2018-06-08 21:41 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2018-06-15 02:35 - 2018-06-08 21:41 - 000758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2018-06-15 02:35 - 2018-06-08 21:41 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe 2018-06-15 02:35 - 2018-06-08 21:41 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll 2018-06-15 02:35 - 2018-06-08 21:40 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll 2018-06-15 02:35 - 2018-06-08 20:07 - 000148896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mavinject.exe 2018-06-15 02:35 - 2018-06-08 20:06 - 001539488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2018-06-15 02:35 - 2018-06-08 20:04 - 001454024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2018-06-15 02:35 - 2018-06-08 19:58 - 002206544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL 2018-06-15 02:35 - 2018-06-08 19:58 - 000917408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2018-06-15 02:35 - 2018-06-08 19:51 - 011903488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2018-06-15 02:35 - 2018-06-08 19:50 - 001508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdt.exe 2018-06-15 02:35 - 2018-06-08 19:48 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2018-06-15 02:35 - 2018-06-08 19:48 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2018-06-15 02:35 - 2018-06-08 19:47 - 003492864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll 2018-06-15 02:35 - 2018-06-08 19:47 - 002895872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2018-06-15 02:35 - 2018-06-08 19:47 - 001462784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll 2018-06-15 02:35 - 2018-06-08 19:47 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2018-06-15 02:35 - 2018-06-08 19:47 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2018-06-15 02:35 - 2018-06-08 19:47 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll 2018-06-15 02:35 - 2018-06-08 19:46 - 003444224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2018-06-15 02:35 - 2018-06-08 19:46 - 002016256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2018-06-15 02:35 - 2018-06-08 19:46 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2018-06-15 02:35 - 2018-06-08 19:45 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll 2018-06-15 02:35 - 2018-06-08 19:06 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe 2018-06-15 02:35 - 2018-06-08 19:05 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll 2018-06-15 02:35 - 2018-06-08 19:05 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll 2018-06-15 02:35 - 2018-06-08 17:00 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll 2018-06-15 02:35 - 2018-06-08 17:00 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2018-06-15 02:35 - 2018-06-08 13:38 - 005821544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2018-06-15 02:35 - 2018-06-08 13:37 - 002417840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2018-06-15 02:35 - 2018-06-08 13:35 - 001613200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2018-06-15 02:35 - 2018-06-08 13:35 - 000613144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2018-06-15 02:35 - 2018-06-08 13:34 - 001299056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2018-06-15 02:35 - 2018-06-08 13:34 - 000748512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2018-06-15 02:35 - 2018-06-08 13:31 - 007900984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2018-06-15 02:35 - 2018-06-08 13:31 - 003180176 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2018-06-15 02:35 - 2018-06-08 13:31 - 000029600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys 2018-06-15 02:35 - 2018-06-08 13:30 - 000705440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2018-06-15 02:35 - 2018-06-08 12:34 - 001140576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2018-06-15 02:35 - 2018-06-08 12:34 - 000983016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2018-06-15 02:35 - 2018-06-08 12:33 - 001213368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2018-06-15 02:35 - 2018-06-08 12:33 - 001034632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2018-06-15 02:35 - 2018-06-08 12:33 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll 2018-06-15 02:35 - 2018-06-08 12:33 - 000269224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll 2018-06-15 02:35 - 2018-06-08 12:31 - 001174432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2018-06-15 02:35 - 2018-06-08 12:31 - 001012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2018-06-15 02:35 - 2018-06-08 12:31 - 000226720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys 2018-06-15 02:35 - 2018-06-08 12:30 - 009148320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2018-06-15 02:35 - 2018-06-08 12:30 - 003296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2018-06-15 02:35 - 2018-06-08 12:30 - 001798552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2018-06-15 02:35 - 2018-06-08 12:30 - 001363632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2018-06-15 02:35 - 2018-06-08 12:30 - 001063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2018-06-15 02:35 - 2018-06-08 12:30 - 001017080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll 2018-06-15 02:35 - 2018-06-08 12:30 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll 2018-06-15 02:35 - 2018-06-08 12:30 - 000722808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2018-06-15 02:35 - 2018-06-08 12:30 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2018-06-15 02:35 - 2018-06-08 12:30 - 000567184 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2018-06-15 02:35 - 2018-06-08 12:30 - 000565152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2018-06-15 02:35 - 2018-06-08 12:30 - 000527264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe 2018-06-15 02:35 - 2018-06-08 12:30 - 000491328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2018-06-15 02:35 - 2018-06-08 12:30 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll 2018-06-15 02:35 - 2018-06-08 12:30 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2018-06-15 02:35 - 2018-06-08 12:30 - 000137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2018-06-15 02:35 - 2018-06-08 12:30 - 000134584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 007520000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 006817384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 004970360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 004403280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 003283408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 002836384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2018-06-15 02:35 - 2018-06-08 12:29 - 002753048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 002590400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL 2018-06-15 02:35 - 2018-06-08 12:29 - 002570712 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 002564984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 002546592 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 002462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 002422688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2018-06-15 02:35 - 2018-06-08 12:29 - 002371392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 001946328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 001934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 001921952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys 2018-06-15 02:35 - 2018-06-08 12:29 - 001792808 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 001784584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 001611592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 001457136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2018-06-15 02:35 - 2018-06-08 12:29 - 001364184 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 001288816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 001258288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2018-06-15 02:35 - 2018-06-08 12:29 - 001209800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 001190152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 001150416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 001148808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 001112608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 001097648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 001026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2018-06-15 02:35 - 2018-06-08 12:29 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys 2018-06-15 02:35 - 2018-06-08 12:29 - 000885880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 000792992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2018-06-15 02:35 - 2018-06-08 12:29 - 000678840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 000659096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 000594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2018-06-15 02:35 - 2018-06-08 12:29 - 000416144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 000413824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 000413088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2018-06-15 02:35 - 2018-06-08 12:29 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys 2018-06-15 02:35 - 2018-06-08 12:29 - 000313592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 000266656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 000164768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2018-06-15 02:35 - 2018-06-08 12:29 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 000084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayUtil.dll 2018-06-15 02:35 - 2018-06-08 12:29 - 000057960 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll 2018-06-15 02:35 - 2018-06-08 12:13 - 025846784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2018-06-15 02:35 - 2018-06-08 12:12 - 000861616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll 2018-06-15 02:35 - 2018-06-08 12:12 - 000786176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2018-06-15 02:35 - 2018-06-08 12:11 - 001461744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2018-06-15 02:35 - 2018-06-08 12:11 - 000550616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2018-06-15 02:35 - 2018-06-08 12:10 - 002479272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2018-06-15 02:35 - 2018-06-08 12:10 - 002331584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2018-06-15 02:35 - 2018-06-08 12:10 - 002307336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL 2018-06-15 02:35 - 2018-06-08 12:10 - 001988072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2018-06-15 02:35 - 2018-06-08 12:10 - 001397200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll 2018-06-15 02:35 - 2018-06-08 12:10 - 001011992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2018-06-15 02:35 - 2018-06-08 12:10 - 000880152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2018-06-15 02:35 - 2018-06-08 12:10 - 000457152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll 2018-06-15 02:35 - 2018-06-08 12:10 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 006569960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 006527064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 004788512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 004469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 002535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 002486992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 002242216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 001980872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 001805776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 001709720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 001584128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 001380200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 001129648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 001077504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 001020168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 000988136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 000770160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 000607648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 000568720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 000553248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 000064648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LanguageOverlayUtil.dll 2018-06-15 02:35 - 2018-06-08 12:09 - 000050208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll 2018-06-15 02:35 - 2018-06-08 12:04 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2018-06-15 02:35 - 2018-06-08 12:03 - 022005760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2018-06-15 02:35 - 2018-06-08 12:03 - 000906752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.PhoneNumberFormatting.dll 2018-06-15 02:35 - 2018-06-08 12:03 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll 2018-06-15 02:35 - 2018-06-08 12:03 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll 2018-06-15 02:35 - 2018-06-08 12:03 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys 2018-06-15 02:35 - 2018-06-08 12:02 - 022713856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2018-06-15 02:35 - 2018-06-08 12:02 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll 2018-06-15 02:35 - 2018-06-08 12:02 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe 2018-06-15 02:35 - 2018-06-08 12:02 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe 2018-06-15 02:35 - 2018-06-08 12:01 - 004563456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2018-06-15 02:35 - 2018-06-08 12:01 - 002961408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2018-06-15 02:35 - 2018-06-08 12:01 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe 2018-06-15 02:35 - 2018-06-08 12:01 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll 2018-06-15 02:35 - 2018-06-08 12:01 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2018-06-15 02:35 - 2018-06-08 12:01 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2018-06-15 02:35 - 2018-06-08 12:01 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll 2018-06-15 02:35 - 2018-06-08 12:01 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll 2018-06-15 02:35 - 2018-06-08 12:01 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys 2018-06-15 02:35 - 2018-06-08 12:00 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2018-06-15 02:35 - 2018-06-08 12:00 - 004372992 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2018-06-15 02:35 - 2018-06-08 12:00 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2018-06-15 02:35 - 2018-06-08 12:00 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll 2018-06-15 02:35 - 2018-06-08 12:00 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll 2018-06-15 02:35 - 2018-06-08 12:00 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2018-06-15 02:35 - 2018-06-08 12:00 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2018-06-15 02:35 - 2018-06-08 12:00 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll 2018-06-15 02:35 - 2018-06-08 12:00 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys 2018-06-15 02:35 - 2018-06-08 11:59 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2018-06-15 02:35 - 2018-06-08 11:59 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2018-06-15 02:35 - 2018-06-08 11:59 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2018-06-15 02:35 - 2018-06-08 11:59 - 001767936 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2018-06-15 02:35 - 2018-06-08 11:59 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll 2018-06-15 02:35 - 2018-06-08 11:59 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2018-06-15 02:35 - 2018-06-08 11:59 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2018-06-15 02:35 - 2018-06-08 11:59 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2018-06-15 02:35 - 2018-06-08 11:59 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe 2018-06-15 02:35 - 2018-06-08 11:59 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll 2018-06-15 02:35 - 2018-06-08 11:59 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2018-06-15 02:35 - 2018-06-08 11:58 - 007581696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2018-06-15 02:35 - 2018-06-08 11:58 - 003712512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2018-06-15 02:35 - 2018-06-08 11:58 - 001676800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll 2018-06-15 02:35 - 2018-06-08 11:58 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2018-06-15 02:35 - 2018-06-08 11:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2018-06-15 02:35 - 2018-06-08 11:58 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2018-06-15 02:35 - 2018-06-08 11:58 - 000781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2018-06-15 02:35 - 2018-06-08 11:58 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll 2018-06-15 02:35 - 2018-06-08 11:58 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll 2018-06-15 02:35 - 2018-06-08 11:58 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe 2018-06-15 02:35 - 2018-06-08 11:57 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2018-06-15 02:35 - 2018-06-08 11:57 - 002172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2018-06-15 02:35 - 2018-06-08 11:57 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll 2018-06-15 02:35 - 2018-06-08 11:57 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2018-06-15 02:35 - 2018-06-08 11:57 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll 2018-06-15 02:35 - 2018-06-08 11:57 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2018-06-15 02:35 - 2018-06-08 11:57 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2018-06-15 02:35 - 2018-06-08 11:57 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll 2018-06-15 02:35 - 2018-06-08 11:57 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 005780992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 004336128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 003293696 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 002902016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 002900480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL 2018-06-15 02:35 - 2018-06-08 11:56 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 000389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2018-06-15 02:35 - 2018-06-08 11:56 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll 2018-06-15 02:35 - 2018-06-08 11:55 - 003441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2018-06-15 02:35 - 2018-06-08 11:55 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2018-06-15 02:35 - 2018-06-08 11:55 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2018-06-15 02:35 - 2018-06-08 11:55 - 002061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2018-06-15 02:35 - 2018-06-08 11:55 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2018-06-15 02:35 - 2018-06-08 11:55 - 001371648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2018-06-15 02:35 - 2018-06-08 11:55 - 001242112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2018-06-15 02:35 - 2018-06-08 11:55 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll 2018-06-15 02:35 - 2018-06-08 11:55 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2018-06-15 02:35 - 2018-06-08 11:55 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2018-06-15 02:35 - 2018-06-08 11:55 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2018-06-15 02:35 - 2018-06-08 11:55 - 001033728 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2018-06-15 02:35 - 2018-06-08 11:55 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2018-06-15 02:35 - 2018-06-08 11:55 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll 2018-06-15 02:35 - 2018-06-08 11:55 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2018-06-15 02:35 - 2018-06-08 11:55 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2018-06-15 02:35 - 2018-06-08 11:55 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2018-06-15 02:35 - 2018-06-08 11:55 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2018-06-15 02:35 - 2018-06-08 11:55 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2018-06-15 02:35 - 2018-06-08 11:55 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2018-06-15 02:35 - 2018-06-08 11:55 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2018-06-15 02:35 - 2018-06-08 11:54 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2018-06-15 02:35 - 2018-06-08 11:54 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2018-06-15 02:35 - 2018-06-08 11:54 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2018-06-15 02:35 - 2018-06-08 11:54 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2018-06-15 02:35 - 2018-06-08 11:54 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll 2018-06-15 02:35 - 2018-06-08 11:54 - 001128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2018-06-15 02:35 - 2018-06-08 11:54 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2018-06-15 02:35 - 2018-06-08 11:54 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2018-06-15 02:35 - 2018-06-08 11:54 - 000857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL 2018-06-15 02:35 - 2018-06-08 11:54 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2018-06-15 02:35 - 2018-06-08 11:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll 2018-06-15 02:35 - 2018-06-08 11:54 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2018-06-15 02:35 - 2018-06-08 11:54 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2018-06-15 02:35 - 2018-06-08 11:54 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2018-06-15 02:35 - 2018-06-08 11:54 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2018-06-15 02:35 - 2018-06-08 11:54 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll 2018-06-15 02:35 - 2018-06-08 11:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2018-06-15 02:35 - 2018-06-08 11:54 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL 2018-06-15 02:35 - 2018-06-08 11:53 - 001675264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2018-06-15 02:35 - 2018-06-08 11:53 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2018-06-15 02:35 - 2018-06-08 11:53 - 001108992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll 2018-06-15 02:35 - 2018-06-08 11:53 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2018-06-15 02:35 - 2018-06-08 11:53 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2018-06-15 02:35 - 2018-06-08 11:53 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2018-06-15 02:35 - 2018-06-08 11:53 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2018-06-15 02:35 - 2018-06-08 11:53 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2018-06-15 02:35 - 2018-06-08 10:41 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim 2018-06-15 02:35 - 2018-06-06 21:57 - 003733320 _____ C:\WINDOWS\system32\Windows.Mirage.dll 2018-06-15 02:35 - 2018-06-06 07:20 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll 2018-06-15 02:35 - 2018-06-02 02:24 - 000713376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2018-06-15 02:35 - 2018-06-02 01:54 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2018-06-15 02:35 - 2018-05-25 06:24 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2018-06-12 17:17 - 2018-06-12 17:17 - 000118694 _____ C:\Users\yanka\Downloads\vedomost-05.2018.pdf 2018-06-12 17:17 - 2018-06-12 17:17 - 000118094 _____ C:\Users\yanka\Downloads\vedomost - 04.2018.pdf 2018-06-12 17:17 - 2018-06-12 17:17 - 000117855 _____ C:\Users\yanka\Downloads\vedomost - 01.2018.pdf 2018-06-12 17:17 - 2018-06-12 17:17 - 000117300 _____ C:\Users\yanka\Downloads\vedomost - 12.2017.pdf 2018-06-12 17:17 - 2018-06-12 17:17 - 000117219 _____ C:\Users\yanka\Downloads\vedomost-01.2017 (2).pdf 2018-06-12 16:46 - 2018-06-12 16:46 - 000126684 _____ C:\Users\yanka\Downloads\vedomost - 07.2017 (1).pdf 2018-06-12 16:46 - 2018-06-12 16:46 - 000123495 _____ C:\Users\yanka\Downloads\vedomost-08.2017 (1).pdf 2018-06-12 14:55 - 2018-06-12 14:55 - 000094834 _____ C:\Users\yanka\Downloads\фактура Смарт систем.pdf 2018-06-12 14:32 - 2018-06-12 14:32 - 003037451 _____ C:\Users\yanka\Downloads\ITC-geo-milev-vedomosti.rar 2018-06-12 14:32 - 2018-06-12 14:32 - 000000000 ____D C:\Users\yanka\Downloads\ITC-geo-milev-vedomosti 2018-06-12 14:29 - 2018-06-12 14:29 - 000119145 _____ C:\Users\yanka\Downloads\vedomost-11.2016.pdf 2018-06-12 14:29 - 2018-06-12 14:29 - 000118098 _____ C:\Users\yanka\Downloads\vedomost - 12.2016.pdf 2018-06-12 14:25 - 2018-06-12 14:25 - 000127307 _____ C:\Users\yanka\Downloads\vedomost-06.2017.pdf 2018-06-12 14:25 - 2018-06-12 14:25 - 000126524 _____ C:\Users\yanka\Downloads\vedomost-09.2017 (1).pdf 2018-06-12 14:25 - 2018-06-12 14:25 - 000124049 _____ C:\Users\yanka\Downloads\vedomost-03.2017 (1).pdf 2018-06-12 14:25 - 2018-06-12 14:25 - 000123740 _____ C:\Users\yanka\Downloads\vedomost-04.2017 (1).pdf 2018-06-12 14:25 - 2018-06-12 14:25 - 000123574 _____ C:\Users\yanka\Downloads\vedomost-01.2017 (1).pdf 2018-06-12 14:25 - 2018-06-12 14:25 - 000123528 _____ C:\Users\yanka\Downloads\vedomost-05.2017 (1).pdf 2018-06-12 14:25 - 2018-06-12 14:25 - 000123307 _____ C:\Users\yanka\Downloads\vedomost-02.2017 (1).pdf 2018-06-12 14:23 - 2018-06-12 14:23 - 000117693 _____ C:\Users\yanka\Downloads\vedomost - 06.2017.pdf 2018-06-12 14:23 - 2018-06-12 14:23 - 000117590 _____ C:\Users\yanka\Downloads\vedomost-08.2017.pdf 2018-06-12 14:23 - 2018-06-12 14:23 - 000117571 _____ C:\Users\yanka\Downloads\vedomost-05.2017.pdf 2018-06-12 14:23 - 2018-06-12 14:23 - 000117532 _____ C:\Users\yanka\Downloads\vedomost-03.2017.pdf 2018-06-12 14:23 - 2018-06-12 14:23 - 000117526 _____ C:\Users\yanka\Downloads\vedomost-09.2017.pdf 2018-06-12 14:23 - 2018-06-12 14:23 - 000117488 _____ C:\Users\yanka\Downloads\vedomost-04.2017.pdf 2018-06-12 14:23 - 2018-06-12 14:23 - 000117418 _____ C:\Users\yanka\Downloads\vedomost - 07.2017.pdf 2018-06-12 14:23 - 2018-06-12 14:23 - 000117219 _____ C:\Users\yanka\Downloads\vedomost-02.2017.pdf 2018-06-12 14:22 - 2018-06-12 14:22 - 000117219 _____ C:\Users\yanka\Downloads\vedomost-01.2017.pdf 2018-06-12 14:22 - 2018-06-12 14:22 - 000117194 _____ C:\Users\yanka\Downloads\vedomost-10.2017.pdf 2018-06-12 14:07 - 2018-06-12 14:07 - 000127143 _____ C:\Users\yanka\Downloads\vedomost-04.2018 (1).pdf 2018-06-12 11:03 - 2018-06-12 11:03 - 000007051 _____ C:\Users\yanka\Downloads\Размери паркинг система за 2 автомобила.pdf 2018-06-11 11:55 - 2018-06-11 11:55 - 000070716 _____ C:\Users\yanka\Downloads\210027991474_0242817462_20180611 (1).pdf 2018-06-11 11:53 - 2018-06-11 11:53 - 000070921 _____ C:\Users\yanka\Downloads\210035250539_0242958905_20180611.pdf 2018-06-11 11:53 - 2018-06-11 11:53 - 000070921 _____ C:\Users\yanka\Downloads\210035250539_0242958905_20180611 (1).pdf 2018-06-11 11:53 - 2018-06-11 11:53 - 000070852 _____ C:\Users\yanka\Downloads\210027957129_0242817459_20180611.pdf 2018-06-11 11:53 - 2018-06-11 11:53 - 000070852 _____ C:\Users\yanka\Downloads\210027957129_0242817459_20180611 (1).pdf 2018-06-11 11:53 - 2018-06-11 11:53 - 000070807 _____ C:\Users\yanka\Downloads\210027956931_0242817457_20180611.pdf 2018-06-11 11:53 - 2018-06-11 11:53 - 000070721 _____ C:\Users\yanka\Downloads\210027990088_0242817461_20180611.pdf 2018-06-11 11:53 - 2018-06-11 11:53 - 000070716 _____ C:\Users\yanka\Downloads\210027991474_0242817462_20180611.pdf 2018-06-11 11:53 - 2018-06-11 11:53 - 000070703 _____ C:\Users\yanka\Downloads\210027957228_0242817460_20180611.pdf 2018-06-08 18:50 - 2018-06-08 18:50 - 000126637 _____ C:\Users\yanka\Downloads\ведомост - 02,2018.pdf 2018-06-08 18:50 - 2018-06-08 18:50 - 000117857 _____ C:\Users\yanka\Downloads\ведомост - 02,2018 (1).pdf 2018-06-08 17:45 - 2018-06-08 17:45 - 000191624 _____ C:\Users\yanka\Downloads\ПРОФОРМА ФАКТУРА 3000010871 ИНТЕРТАЙМ КОНТИНЕНТАЛ АД (1).pdf 2018-06-08 15:11 - 2018-06-08 15:11 - 000040258 _____ C:\Users\yanka\Downloads\invoice-0000000103_both (1).pdf 2018-06-08 15:11 - 2018-06-08 15:11 - 000038860 _____ C:\Users\yanka\Downloads\invoice-0000000102_both.pdf 2018-06-08 13:07 - 2018-06-08 13:07 - 001887050 _____ C:\Users\yanka\Downloads\КСС, Протокол 1.pdf 2018-06-08 13:07 - 2018-06-08 13:07 - 000103078 _____ C:\Users\yanka\Downloads\F_1000000090.pdf 2018-06-08 13:01 - 2018-06-08 13:01 - 000037888 _____ C:\Users\yanka\Downloads\Oферта_29.03.18_Вълкович_Сивец (1).xls 2018-06-08 12:03 - 2018-06-08 12:03 - 000040258 _____ C:\Users\yanka\Downloads\invoice-0000000103_both.pdf 2018-06-08 11:47 - 2018-06-08 11:47 - 000054825 _____ C:\Users\yanka\Downloads\f-ra_O_0000000009.pdf 2018-06-08 11:02 - 2018-06-08 11:02 - 000190811 _____ C:\Users\yanka\Downloads\ПРОФОРМА ФАКТУРА 3000010871 ИНТЕРТАЙМ КОНТИНЕНТАЛ АД.pdf 2018-06-07 16:12 - 2018-06-07 16:12 - 001550999 _____ C:\Users\yanka\Downloads\Приемо-предавателен протокол и фактура договор за доставка (1).pdf 2018-06-06 13:13 - 2018-06-06 13:13 - 000227277 _____ C:\Users\yanka\Downloads\застраховка 3.pdf 2018-06-06 13:13 - 2018-06-06 13:13 - 000227165 _____ C:\Users\yanka\Downloads\застраховка 2.pdf 2018-06-06 13:13 - 2018-06-06 13:13 - 000227163 _____ C:\Users\yanka\Downloads\застраховка 1.pdf 2018-06-06 13:12 - 2018-06-06 13:12 - 000227001 _____ C:\Users\yanka\Downloads\застраховка.pdf 2018-06-06 13:12 - 2018-06-06 13:12 - 000052525 _____ C:\Users\yanka\Downloads\dobavak_Akt 14 UridL.PDF 2018-06-06 13:10 - 2018-06-06 13:10 - 000312116 _____ C:\Users\yanka\Downloads\Заявление за включване като страна по фирмен кредит ЮЛ.pdf 2018-06-06 13:10 - 2018-06-06 13:10 - 000223592 _____ C:\Users\yanka\Downloads\Заявление за включване като страна по фирмен кредит ФЛ.pdf 2018-06-05 11:53 - 2018-06-05 11:53 - 000066560 _____ C:\Users\yanka\Downloads\210027990088_0237832331_20180311.pdf 2018-06-05 11:38 - 2018-06-05 11:38 - 000065029 _____ C:\Users\yanka\Downloads\0366168966.pdf 2018-06-05 11:38 - 2018-06-05 11:38 - 000064959 _____ C:\Users\yanka\Downloads\0367921365.pdf 2018-06-05 11:04 - 2018-06-05 11:04 - 000013075 _____ C:\Users\yanka\Downloads\Protocol_05_18.xlsx 2018-06-04 13:52 - 2018-06-04 13:52 - 000612947 _____ C:\Users\yanka\Downloads\Отпуски май Делчо и Георги.pdf 2018-05-31 11:34 - 2018-05-31 11:34 - 003722701 _____ C:\Users\yanka\Downloads\ГФО 2017 и доклад.pdf 2018-05-31 10:13 - 2018-06-08 10:09 - 000000000 ____D C:\NAT32v2 2018-05-31 10:13 - 2018-05-31 10:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAT32 IP Router 2018-05-31 10:10 - 2018-05-31 10:10 - 000000000 ____D C:\Program Files\Reference Assemblies 2018-05-31 10:10 - 2018-05-31 10:10 - 000000000 ____D C:\Program Files\MSBuild 2018-05-31 10:10 - 2018-05-31 10:10 - 000000000 ____D C:\Program Files (x86)\MSBuild 2018-05-31 10:09 - 2018-03-05 16:07 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2018-05-31 10:09 - 2018-03-05 16:07 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2018-05-31 10:09 - 2018-03-05 16:07 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2018-05-31 10:09 - 2018-02-14 16:21 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2018-05-31 10:09 - 2018-02-14 16:21 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2018-05-31 10:09 - 2018-02-14 16:21 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2018-05-31 10:07 - 2018-05-31 10:14 - 000000000 ____D C:\Users\yanka\AppData\Roaming\facebook-nativefier-f52d2f 2018-05-31 10:07 - 2018-05-31 10:07 - 005089366 _____ C:\Users\yanka\Downloads\nat32_2.2-Build-22270.zip 2018-05-31 10:07 - 2018-05-31 10:07 - 000004210 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1527750457 2018-05-31 10:07 - 2018-05-31 10:07 - 000001364 _____ C:\Users\yanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk 2018-05-31 10:07 - 2018-05-31 10:07 - 000000000 ____D C:\Users\yanka\AppData\Roaming\Opera Software 2018-05-31 10:07 - 2018-05-31 10:07 - 000000000 ____D C:\Users\yanka\AppData\Local\Opera Software 2018-05-31 10:07 - 2018-05-31 10:07 - 000000000 ____D C:\Program Files (x86)\Facebook ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-06-30 21:56 - 2018-05-16 17:35 - 000005246 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-CPJ8TFE-yanka DESKTOP-CPJ8TFE 2018-06-30 21:55 - 2018-05-16 17:30 - 000000000 ____D C:\Users\yanka 2018-06-30 21:55 - 2018-04-12 02:38 - 000000000 ___HD C:\Program Files\WindowsApps 2018-06-30 21:55 - 2018-04-12 02:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-06-30 21:55 - 2018-04-12 02:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-06-30 21:55 - 2018-04-11 19:10 - 000000000 ___RD C:\Users\yanka\OneDrive 2018-06-30 21:53 - 2018-05-16 17:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-06-30 21:39 - 2018-05-16 17:38 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-06-30 21:39 - 2018-04-12 02:36 - 000000000 ____D C:\WINDOWS\INF 2018-06-30 21:34 - 2018-05-16 17:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-06-30 21:34 - 2018-04-11 19:55 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2018-06-29 21:10 - 2018-04-11 19:50 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2018-06-29 21:10 - 2018-04-11 19:50 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-06-29 11:00 - 2018-04-12 00:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2018-06-28 16:43 - 2018-04-12 14:57 - 000007995 _____ C:\WINDOWS\BRRBCOM.INI 2018-06-28 12:31 - 2018-04-11 19:09 - 000000000 ____D C:\Users\yanka\AppData\Local\Packages 2018-06-27 12:10 - 2018-04-11 19:10 - 000131288 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll 2018-06-22 14:59 - 2018-04-12 02:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-06-22 14:38 - 2018-04-11 19:19 - 000000000 ____D C:\ProgramData\Package Cache 2018-06-21 17:05 - 2018-05-16 17:35 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3081403711-1452664787-965955870-1001 2018-06-21 17:05 - 2018-05-16 17:30 - 000002363 _____ C:\Users\yanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-06-21 10:33 - 2018-04-12 12:49 - 000000000 ____D C:\Users\yanka\AppData\Roaming\BitComet 2018-06-21 09:44 - 2018-04-11 19:11 - 000000000 ____D C:\Program Files (x86)\Google 2018-06-21 09:40 - 2018-05-16 17:35 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update 2018-06-20 17:35 - 2018-04-12 15:50 - 001027728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2018-06-20 17:35 - 2018-04-12 15:50 - 000463080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2018-06-20 17:35 - 2018-04-12 15:50 - 000381584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2018-06-20 17:35 - 2018-04-12 15:50 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys 2018-06-20 17:35 - 2018-04-12 15:50 - 000239680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys 2018-06-20 17:35 - 2018-04-12 15:50 - 000229392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys 2018-06-20 17:35 - 2018-04-12 15:50 - 000211160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2018-06-20 17:35 - 2018-04-12 15:50 - 000201328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys 2018-06-20 17:35 - 2018-04-12 15:50 - 000197160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2018-06-20 17:35 - 2018-04-12 15:50 - 000159640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2018-06-20 17:35 - 2018-04-12 15:50 - 000111872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2018-06-20 17:35 - 2018-04-12 15:50 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2018-06-20 17:35 - 2018-04-12 15:50 - 000059592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys 2018-06-20 17:35 - 2018-04-12 15:50 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2018-06-20 17:35 - 2018-04-12 02:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2018-06-20 10:13 - 2018-04-12 12:49 - 000000853 _____ C:\Users\Public\Desktop\BitComet.lnk 2018-06-20 09:58 - 2018-04-12 14:20 - 000000000 ____D C:\Users\yanka\AppData\Local\Adobe 2018-06-15 03:11 - 2018-05-16 17:28 - 000493496 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA 2018-06-15 03:10 - 2018-04-12 12:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ 2018-06-15 03:10 - 2018-04-12 02:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2018-06-15 03:10 - 2018-04-12 02:38 - 000000000 ____D C:\WINDOWS\TextInput 2018-06-15 03:10 - 2018-04-12 02:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2018-06-15 03:10 - 2018-04-12 02:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2018-06-15 03:10 - 2018-04-12 02:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2018-06-15 03:10 - 2018-04-12 02:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2018-06-15 03:10 - 2018-04-12 02:38 - 000000000 ____D C:\WINDOWS\system32\oobe 2018-06-15 03:10 - 2018-04-12 02:38 - 000000000 ____D C:\WINDOWS\system32\appraiser 2018-06-15 03:10 - 2018-04-12 02:38 - 000000000 ____D C:\WINDOWS\ShellExperiences 2018-06-15 03:10 - 2018-04-12 02:38 - 000000000 ____D C:\WINDOWS\bcastdvr 2018-06-15 03:10 - 2018-04-12 02:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2018-06-15 03:10 - 2018-04-12 02:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2018-06-15 03:10 - 2018-04-12 00:04 - 000000000 ____D C:\WINDOWS\system32\Dism 2018-06-15 02:40 - 2018-04-11 19:50 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-06-15 02:38 - 2018-04-12 02:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-06-11 14:01 - 2018-04-12 14:28 - 000000000 ____D C:\Users\yanka\AppData\Local\PlaceholderTileLogoFolder 2018-06-06 02:29 - 2018-04-12 02:41 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2018-06-06 02:29 - 2018-04-12 02:41 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2018-05-31 13:52 - 2018-04-17 15:06 - 000000000 ____D C:\Users\yanka\.B-Trust 2018-05-31 10:21 - 2018-05-11 11:43 - 000000000 ____D C:\Users\yanka\AppData\Local\ABBYY ==================== Files in the root of some directories ======= 2018-06-22 14:38 - 2018-06-22 14:38 - 000000260 _____ () C:\ProgramData\fontcacheev1.dat ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-05-16 17:28 ==================== End of FRST.txt ============================ Addition.txt
  23. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01 Ran by Ivanov (administrator) on AK-47 (02-06-2018 13:42:26) Running from C:\Users\Ivanov\Desktop Loaded Profiles: Ivanov (Available Profiles: Ivanov) Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (AMD) C:\Windows\System32\atiesrxx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (CheckMAL Inc.) C:\Program Files\CheckMAL\AppCheck\AppCheckS.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe (AMD) C:\Windows\System32\atieclxx.exe (ESET) C:\Program Files\ESET\ESET Security\egui.exe (CheckMAL Inc.) C:\Program Files\CheckMAL\AppCheck\AppCheck.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe () D:\Tools\openhardwaremonitor-v0.8.0-beta\OpenHardwareMonitor\OpenHardwareMonitor.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe (VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-30] (Realtek Semiconductor) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [178496 2018-04-20] (ESET) HKLM\...\Run: [AppCheck Tray] => C:\Program Files\CheckMAL\AppCheck\AppCheck.exe [1618432 2018-05-31] (CheckMAL Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-2066757042-3480725279-2205414077-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\S-1-5-21-2066757042-3480725279-2205414077-1001\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-21-2066757042-3480725279-2205414077-1001\...\Policies\Explorer: [NoInternetOpenWith] 1 HKU\S-1-5-21-2066757042-3480725279-2205414077-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 Startup: C:\Users\Ivanov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ras.bat [2018-03-22] () GroupPolicy: Restriction ? <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\..\Interfaces\{48F7F49A-375E-4842-B273-70E8E41861B0}: [NameServer] 178.254.208.2 178.254.192.3 Internet Explorer: ================== HKU\S-1-5-21-2066757042-3480725279-2205414077-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.bg/ SearchScopes: HKU\S-1-5-21-2066757042-3480725279-2205414077-1001 -> DefaultScope {95B213D6-17D3-4BF5-9C7B-3FEAD65E75D8} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-2066757042-3480725279-2205414077-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2066757042-3480725279-2205414077-1001 -> {95B213D6-17D3-4BF5-9C7B-3FEAD65E75D8} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-01-26] (IObit) FireFox: ======== FF DefaultProfile: 2ev8556n.default FF ProfilePath: C:\Users\Ivanov\AppData\Roaming\Mozilla\Firefox\Profiles\2ev8556n.default [2018-06-01] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-06-01] () FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-06-01] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-01] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-01] (Google Inc.) Chrome: ======= CHR HomePage: Default -> hxxps://www.google.bg/ CHR StartupUrls: Default -> "hxxp://google.bg/","hxxp://iron-start.com" CHR Profile: C:\Users\Ivanov\AppData\Local\Google\Chrome\User Data\Default [2018-06-02] CHR Extension: (Google Диск) - C:\Users\Ivanov\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-01] CHR Extension: (AdGuard рекламен блокер) - C:\Users\Ivanov\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2018-06-02] CHR Extension: (YouTube) - C:\Users\Ivanov\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-01] CHR Extension: (No Coin - Block miners on the web!) - C:\Users\Ivanov\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2018-06-01] CHR Extension: (Disconnect) - C:\Users\Ivanov\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2018-06-01] CHR Extension: (Morpheon Dark) - C:\Users\Ivanov\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2018-06-01] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Ivanov\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-01] CHR Extension: (Gmail) - C:\Users\Ivanov\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-01] CHR Extension: (Chrome Media Router) - C:\Users\Ivanov\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-01] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-08] (Advanced Micro Devices, Inc.) [File not signed] R2 AppCheck; C:\Program Files\CheckMAL\AppCheck\AppCheckS.exe [1067856 2018-05-31] (CheckMAL Inc.) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2240264 2018-04-20] (ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2240264 2018-04-20] (ESET) R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206096 2018-01-26] (IObit) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-06-30] (Realtek Semiconductor) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2018-06-01] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2018-06-01] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [30648 2015-02-26] () [File not signed] R0 amdide64; C:\Windows\System32\drivers\amdide64.sys [11944 2018-06-01] (Advanced Micro Devices Inc.) R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [17848 2015-02-26] () [File not signed] R3 AppCheckD; C:\Program Files\CheckMAL\AppCheck\AppCheckD.sys [85328 2018-05-31] (CheckMAL Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [110096 2018-06-01] (Advanced Micro Devices) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [137928 2018-04-13] (ESET) S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15872 2018-04-13] (ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [196112 2018-04-13] (ESET) R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [108320 2018-04-13] (ESET) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-06-01] (REALiX(tm)) R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [21928 2017-06-07] (IObit.com) R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [22416 2018-01-11] (IObit.com) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3737304 2015-01-06] (Realtek Semiconductor Corporation ) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2018-06-01] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2018-06-01] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2018-06-01] (Microsoft Corporation) R0 WofAdk; C:\Windows\System32\drivers\wofadk.sys [221376 2016-07-16] (Microsoft Corporation) R3 WinRing0_1_2_0; \??\D:\Tools\openhardwaremonitor-v0.8.0-beta\OpenHardwareMonitor\OpenHardwareMonitorLib.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-06-02 13:42 - 2018-06-02 13:43 - 000011098 _____ C:\Users\Ivanov\Desktop\FRST.txt 2018-06-02 13:42 - 2018-06-02 13:42 - 000000000 ____D C:\FRST 2018-06-02 13:41 - 2018-06-02 13:41 - 002413056 _____ (Farbar) C:\Users\Ivanov\Desktop\FRST64.exe 2018-06-02 12:49 - 2018-06-02 13:11 - 000000000 ____D C:\Backup(AppCheck) 2018-06-02 11:58 - 2018-06-02 11:58 - 000000000 ____D C:\Users\Ivanov\AppData\Roaming\Chromium 2018-06-02 11:12 - 2018-06-02 11:12 - 000000000 ____D C:\Users\Ivanov\AppData\Local\Chromium 2018-06-02 01:31 - 2018-06-02 02:05 - 000000000 ____D C:\Users\Ivanov\AppData\Local\niemiro 2018-06-01 23:17 - 2018-06-01 23:17 - 000000000 ____D C:\Users\Ivanov\AppData\Roaming\Mozilla 2018-06-01 22:44 - 2018-06-01 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppCheck 2018-06-01 22:44 - 2018-06-01 22:44 - 000000000 ____D C:\ProgramData\CheckMAL 2018-06-01 22:44 - 2018-06-01 22:44 - 000000000 ____D C:\Program Files\CheckMAL 2018-06-01 21:54 - 2018-06-01 22:25 - 000000000 ____D C:\Program Files\Heilig Defense, LLC 2018-06-01 21:22 - 2018-06-01 21:22 - 000004458 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier 2018-06-01 21:22 - 2018-06-01 21:22 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2018-06-01 21:22 - 2018-06-01 21:22 - 000000000 ____D C:\Users\Ivanov\AppData\Roaming\Macromedia 2018-06-01 21:20 - 2018-06-01 21:22 - 000000000 ____D C:\Users\Ivanov\AppData\Local\Adobe 2018-06-01 19:56 - 2018-06-01 20:03 - 000000000 ____D C:\ProgramData\HitmanPro 2018-06-01 18:47 - 2018-06-01 18:47 - 000001897 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2018-06-01 18:47 - 2018-06-01 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-06-01 18:47 - 2018-06-01 18:47 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-06-01 18:47 - 2018-06-01 18:47 - 000000000 ____D C:\Program Files\Malwarebytes 2018-06-01 18:47 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2018-06-01 18:45 - 2018-06-02 08:57 - 000000000 ____D C:\Users\Ivanov\AppData\LocalLow\Mozilla 2018-06-01 17:22 - 2018-06-01 17:22 - 000000000 ____D C:\Program Files (x86)\Realtek Wireless LAN Adapter Software 2018-06-01 17:22 - 2018-06-01 17:22 - 000000000 ____D C:\Program Files (x86)\Cisco 2018-06-01 17:22 - 2015-01-06 12:41 - 003737304 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlane.sys 2018-06-01 17:22 - 2014-03-17 16:46 - 002961408 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlUI2.exe 2018-06-01 17:22 - 2014-03-17 16:46 - 000574464 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll 2018-06-01 17:22 - 2014-03-17 16:46 - 000516608 _____ (Realtek Semiconductor Corp. ) C:\Windows\SysWOW64\Rtlihvs.dll 2018-06-01 17:22 - 2014-03-17 16:46 - 000451072 _____ C:\Windows\SysWOW64\ISSRemoveSP.exe 2018-06-01 17:22 - 2014-03-17 16:46 - 000000901 _____ C:\Windows\RtlUI2.exe.manifest 2018-06-01 17:22 - 2014-03-17 16:46 - 000000084 _____ C:\Windows\RtlUI2.ini 2018-06-01 16:14 - 2018-06-01 16:24 - 000000000 ____D C:\Users\Ivanov\AppData\Local\Mozilla 2018-06-01 08:24 - 2018-06-01 08:24 - 000002743 _____ C:\Users\Public\Desktop\Skype.lnk 2018-06-01 08:24 - 2018-06-01 08:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2018-06-01 08:23 - 2018-06-01 21:53 - 000000000 ____D C:\ProgramData\Package Cache 2018-06-01 08:17 - 2018-06-01 08:26 - 000000000 ____D C:\Users\Ivanov\AppData\Roaming\Skype 2018-06-01 08:17 - 2018-06-01 08:17 - 000000000 ____D C:\Users\Ivanov\Tracing 2018-06-01 08:16 - 2018-06-01 08:24 - 000000000 ___RD C:\Program Files (x86)\Skype 2018-06-01 08:16 - 2018-06-01 08:24 - 000000000 ____D C:\ProgramData\Skype 2018-06-01 07:05 - 2018-06-01 07:05 - 000000000 ____D C:\Users\Ivanov\AppData\Local\PokerClient 2018-06-01 07:03 - 2018-06-01 07:03 - 000001099 _____ C:\Users\Ivanov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\cleanmgr.lnk 2018-06-01 06:55 - 2018-06-01 06:55 - 000113400 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll 2018-06-01 06:55 - 2018-06-01 06:55 - 000110096 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdWB6.sys 2018-06-01 06:54 - 2018-06-01 06:54 - 000083656 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_sata.sys 2018-06-01 06:54 - 2018-06-01 06:54 - 000023752 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_xata.sys 2018-06-01 06:54 - 2018-06-01 06:54 - 000011944 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\Drivers\amdide64.sys 2018-06-01 06:52 - 2018-06-01 06:52 - 000000000 ____D C:\Windows\IObit 2018-06-01 06:51 - 2018-06-01 06:51 - 000027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS 2018-06-01 06:36 - 2018-06-01 06:38 - 000000000 ____D C:\Users\Ivanov\AppData\Local\MSfree Inc 2018-06-01 06:13 - 2018-06-01 06:13 - 000780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll 2018-06-01 06:10 - 2018-06-01 06:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe 2018-06-01 06:00 - 2018-06-01 06:00 - 000075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys 2018-06-01 05:58 - 2018-06-01 05:58 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2018-06-01 05:55 - 2018-06-01 05:55 - 000225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2018-06-01 05:49 - 2018-06-01 05:49 - 000402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2018-06-01 05:49 - 2018-06-01 05:49 - 000357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2018-06-01 05:46 - 2018-06-01 05:46 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2018-06-01 05:46 - 2018-06-01 05:46 - 000208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2018-06-01 05:44 - 2018-06-01 05:44 - 000950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2018-06-01 05:44 - 2018-06-01 05:44 - 000749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2018-06-01 05:44 - 2018-06-01 05:44 - 000411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2018-06-01 05:44 - 2018-06-01 05:44 - 000369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe 2018-06-01 05:44 - 2018-06-01 05:44 - 000360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2018-06-01 05:44 - 2018-06-01 05:44 - 000257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll 2018-06-01 05:41 - 2018-06-01 05:41 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2018-06-01 05:41 - 2018-06-01 05:41 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll 2018-06-01 05:38 - 2018-06-01 05:38 - 000410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2018-06-01 05:33 - 2018-06-01 05:33 - 000653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2018-06-01 05:33 - 2018-06-01 05:33 - 000549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2018-06-01 05:30 - 2018-06-01 05:30 - 000035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll 2018-06-01 05:28 - 2018-06-01 05:28 - 000911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2018-06-01 05:28 - 2018-06-01 05:28 - 000413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2018-06-01 05:28 - 2018-06-01 05:28 - 000372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll 2018-06-01 05:28 - 2018-06-01 05:28 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2018-06-01 05:28 - 2018-06-01 05:28 - 000108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2018-06-01 05:28 - 2018-06-01 05:28 - 000038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2018-06-01 05:28 - 2018-06-01 05:28 - 000033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe 2018-06-01 05:25 - 2018-06-01 05:25 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2018-06-01 05:25 - 2018-06-01 05:25 - 000221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2018-06-01 05:25 - 2018-06-01 05:25 - 000212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2018-06-01 05:20 - 2018-06-01 05:20 - 002745184 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 002528784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 002450240 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 002447136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 002334104 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2018-06-01 05:20 - 2018-06-01 05:20 - 002324744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2018-06-01 05:20 - 2018-06-01 05:20 - 001877504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll 2018-06-01 05:20 - 2018-06-01 05:20 - 001798480 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll 2018-06-01 05:20 - 2018-06-01 05:20 - 001664000 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 001484888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll 2018-06-01 05:20 - 2018-06-01 05:20 - 001411584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 001288128 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll 2018-06-01 05:20 - 2018-06-01 05:20 - 001210200 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 001150232 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 001115640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll 2018-06-01 05:20 - 2018-06-01 05:20 - 001037680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 001010688 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000914672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000850680 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll 2018-06-01 05:20 - 2018-06-01 05:20 - 000743936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000736256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000735496 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2018-06-01 05:20 - 2018-06-01 05:20 - 000700360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll 2018-06-01 05:20 - 2018-06-01 05:20 - 000644608 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000629600 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000584656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2018-06-01 05:20 - 2018-06-01 05:20 - 000557856 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2018-06-01 05:20 - 2018-06-01 05:20 - 000492736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000468480 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000463776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000378880 ____C (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll 2018-06-01 05:20 - 2018-06-01 05:20 - 000340992 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2018-06-01 05:20 - 2018-06-01 05:20 - 000299080 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2018-06-01 05:20 - 2018-06-01 05:20 - 000275312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000274280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000248432 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000246856 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax 2018-06-01 05:20 - 2018-06-01 05:20 - 000244296 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2018-06-01 05:20 - 2018-06-01 05:20 - 000229272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000203016 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000184912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000183856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000116720 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000110544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2018-06-01 05:20 - 2018-06-01 05:20 - 000099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL 2018-06-01 05:20 - 2018-06-01 05:20 - 000090904 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2018-06-01 05:20 - 2018-06-01 05:20 - 000090392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2018-06-01 05:20 - 2018-06-01 05:20 - 000081032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll 2018-06-01 05:20 - 2018-06-01 05:20 - 000076936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll 2018-06-01 05:17 - 2018-06-01 05:17 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2018-06-01 05:17 - 2018-06-01 05:17 - 000198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2018-06-01 05:17 - 2018-06-01 05:17 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2018-06-01 05:17 - 2018-06-01 05:17 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2018-06-01 05:14 - 2018-06-01 05:14 - 001728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll 2018-06-01 05:14 - 2018-06-01 05:14 - 001546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll 2018-06-01 05:14 - 2018-06-01 05:14 - 000655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2018-06-01 05:14 - 2018-06-01 05:14 - 000520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2018-06-01 05:14 - 2018-06-01 05:14 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll 2018-06-01 05:14 - 2018-06-01 05:14 - 000148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll 2018-06-01 05:12 - 2018-06-01 05:12 - 000468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe 2018-06-01 05:12 - 2018-06-01 05:12 - 000359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe 2018-06-01 05:12 - 2018-06-01 05:12 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe 2018-06-01 05:12 - 2018-06-01 05:12 - 000182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe 2018-06-01 04:59 - 2018-06-01 04:59 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2018-06-01 04:57 - 2018-06-01 04:57 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2018-06-01 04:57 - 2018-06-01 04:57 - 000561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2018-06-01 04:49 - 2018-06-01 04:49 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2018-06-01 04:49 - 2018-06-01 04:49 - 000230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2018-06-01 04:47 - 2018-06-01 04:47 - 000713216 _____ (Microsoft Corporation) C:\Windows\system32\WinSync.dll 2018-06-01 04:47 - 2018-06-01 04:47 - 000578048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSync.dll 2018-06-01 04:44 - 2018-06-01 04:44 - 000603648 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2018-06-01 04:44 - 2018-06-01 04:44 - 000483328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll 2018-06-01 04:42 - 2018-06-01 04:42 - 000292696 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL 2018-06-01 04:42 - 2018-06-01 04:42 - 000243032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL 2018-06-01 04:39 - 2018-06-01 04:39 - 000148832 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2018-06-01 04:36 - 2018-06-01 04:36 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 025744896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 019790760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 015431680 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 013317632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 012879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 009323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2018-06-01 04:14 - 2018-06-01 04:14 - 009323008 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2018-06-01 04:14 - 2018-06-01 04:14 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 005275136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 005270528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 004690944 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe 2018-06-01 04:14 - 2018-06-01 04:14 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 004298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2018-06-01 04:14 - 2018-06-01 04:14 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 003610112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 003553280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe 2018-06-01 04:14 - 2018-06-01 04:14 - 003548160 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 003084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 002882048 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 002749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 002712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 002551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 002537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 002513408 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 002412544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 002364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 002252800 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 002170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2018-06-01 04:14 - 2018-06-01 04:14 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2018-06-01 04:14 - 2018-06-01 04:14 - 001985536 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 001920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 001753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 001628672 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 001612504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 001565520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 001562624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe 2018-06-01 04:14 - 2018-06-01 04:14 - 001549136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2018-06-01 04:14 - 2018-06-01 04:14 - 001541240 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 001502000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 001495552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 001384216 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 001377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 001364552 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 001344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 001317888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 001213784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 001108480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 001102848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 001060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2018-06-01 04:14 - 2018-06-01 04:14 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000955016 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000949760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000922944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2018-06-01 04:14 - 2018-06-01 04:14 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000837632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe 2018-06-01 04:14 - 2018-06-01 04:14 - 000826368 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000787688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000780800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000756736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2018-06-01 04:14 - 2018-06-01 04:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2018-06-01 04:14 - 2018-06-01 04:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000685440 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000679424 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000617472 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe 2018-06-01 04:14 - 2018-06-01 04:14 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000590680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2018-06-01 04:14 - 2018-06-01 04:14 - 000580608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000566784 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000559104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys 2018-06-01 04:14 - 2018-06-01 04:14 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000548032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000543232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000537200 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000497448 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000482304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrptadm.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000468992 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000440832 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2018-06-01 04:14 - 2018-06-01 04:14 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx 2018-06-01 04:14 - 2018-06-01 04:14 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2018-06-01 04:14 - 2018-06-01 04:14 - 000393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000388440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2018-06-01 04:14 - 2018-06-01 04:14 - 000384000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000381440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000374096 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPTpm12.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000361472 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe 2018-06-01 04:14 - 2018-06-01 04:14 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprapi.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2018-06-01 04:14 - 2018-06-01 04:14 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2018-06-01 04:14 - 2018-06-01 04:14 - 000334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe 2018-06-01 04:14 - 2018-06-01 04:14 - 000333656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000332288 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000308872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtapi.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\umrdp.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000274776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2018-06-01 04:14 - 2018-06-01 04:14 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2018-06-01 04:14 - 2018-06-01 04:14 - 000272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2018-06-01 04:14 - 2018-06-01 04:14 - 000267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000265728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcuiu.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\input.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000252416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000245320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ifsutil.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasppp.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000174928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000164296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmitomi.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ulib.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uudf.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000140016 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2018-06-01 04:14 - 2018-06-01 04:14 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000132096 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000121912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL 2018-06-01 04:14 - 2018-06-01 04:14 - 000120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000117592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys 2018-06-01 04:14 - 2018-06-01 04:14 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2018-06-01 04:14 - 2018-06-01 04:14 - 000114688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ufat.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpolmsg.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\auditpolmsg.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2018-06-01 04:14 - 2018-06-01 04:14 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uexfat.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2018-06-01 04:14 - 2018-06-01 04:14 - 000072408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys 2018-06-01 04:14 - 2018-06-01 04:14 - 000069976 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000066112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2018-06-01 04:14 - 2018-06-01 04:14 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000046600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2018-06-01 04:14 - 2018-06-01 04:14 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp 2018-06-01 04:14 - 2018-06-01 04:14 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cnvfat.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsdchngr.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2018-06-01 04:14 - 2018-06-01 04:14 - 000024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000022360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cmimcext.sys 2018-06-01 04:14 - 2018-06-01 04:14 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mgmtapi.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2018-06-01 04:14 - 2018-06-01 04:14 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2018-06-01 04:13 - 2018-06-01 04:14 - 001763888 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 022374248 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 014466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 007797760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 007406936 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 007079424 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 007033344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 006214144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 003757056 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 003717632 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 003551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 003320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 003120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 002923520 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 002896384 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 002779648 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 002608640 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 002530400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 002471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 002452824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 002346496 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 002315496 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 002240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 002176064 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 002013016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 002003456 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 001968408 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001946176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001902328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001737592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001725952 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001695744 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001676056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2018-06-01 04:13 - 2018-06-01 04:13 - 001662096 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 001559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001547264 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001536112 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 001501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001500424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2018-06-01 04:13 - 2018-06-01 04:13 - 001491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001489608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001436672 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001436672 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001388544 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001371344 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 001362432 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001308336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001292288 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 001265664 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001217536 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001192960 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001171456 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 001137872 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001124384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001115648 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 001101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001096192 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001086976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 001084928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001080320 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2018-06-01 04:13 - 2018-06-01 04:13 - 001063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 001001984 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 000989528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000963072 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000925696 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 000922968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000894976 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000881152 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000866304 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2018-06-01 04:13 - 2018-06-01 04:13 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000803696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000795648 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000756736 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000748032 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000747008 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000738104 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000704512 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000669696 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx 2018-06-01 04:13 - 2018-06-01 04:13 - 000664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000656896 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000613632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000612600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000607232 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000590848 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000584704 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000571392 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 000567656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000557568 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000542720 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx 2018-06-01 04:13 - 2018-06-01 04:13 - 000533856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000531632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000513456 _____ C:\Windows\SysWOW64\locale.nls 2018-06-01 04:13 - 2018-06-01 04:13 - 000513456 _____ C:\Windows\system32\locale.nls 2018-06-01 04:13 - 2018-06-01 04:13 - 000512512 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2018-06-01 04:13 - 2018-06-01 04:13 - 000507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000470360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000461144 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000450392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000448629 _____ C:\Windows\system32\ApnDatabase.xml 2018-06-01 04:13 - 2018-06-01 04:13 - 000445952 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000445952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000444248 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000443224 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000440832 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000429568 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2018-06-01 04:13 - 2018-06-01 04:13 - 000425984 _____ (Microsoft Corporation) C:\Windows\system32\PCPTpm12.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000424448 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000422744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2018-06-01 04:13 - 2018-06-01 04:13 - 000420440 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000418640 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000380248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000377856 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000377688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000377344 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000376656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000374272 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000371200 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 000360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000358912 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000356184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000354648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000350208 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000341384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000324896 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\msdtcuiu.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000315736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000306176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000302080 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000301568 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000276816 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000274272 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000272896 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000242520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000220672 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000220160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Vid.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000214392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000207360 _____ (Microsoft Corporation) C:\Windows\system32\smbwmiv2.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\wmitomi.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000202576 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 000194560 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000193024 _____ (Microsoft Corporation) C:\Windows\system32\DAFWSD.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000186880 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\ulib.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\uudf.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000165376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000162850 _____ C:\Windows\SysWOW64\C_932.NLS 2018-06-01 04:13 - 2018-06-01 04:13 - 000162850 _____ C:\Windows\system32\C_932.NLS 2018-06-01 04:13 - 2018-06-01 04:13 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000160160 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL 2018-06-01 04:13 - 2018-06-01 04:13 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000158552 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000152856 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\iscsiexe.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 000136832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 000136536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\ufat.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbusr.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000128512 _____ (Microsoft Corporation) C:\Windows\splwow64.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000124760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS 2018-06-01 04:13 - 2018-06-01 04:13 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000121168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000118624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000111616 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000107984 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000100184 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000096256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000093008 _____ (Microsoft Corporation) C:\Windows\system32\KeyboardFilterSvc.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000091992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\uexfat.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000086360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000083456 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000080078 _____ C:\Windows\system32\normidna.nls 2018-06-01 04:13 - 2018-06-01 04:13 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\SCardDlg.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmi.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000075440 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\iscsidsc.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsiwmi.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000065888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS 2018-06-01 04:13 - 2018-06-01 04:13 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcivsp.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000062304 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000057688 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\rdsdwmdr.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsidsc.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp 2018-06-01 04:13 - 2018-06-01 04:13 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\cnvfat.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000037376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\vid.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 000035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000032768 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000032384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000032256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000030208 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000027992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsium.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000023040 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000022816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbldfltr.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\mgmtapi.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000021856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\convert.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000017240 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys 2018-06-01 04:13 - 2018-06-01 04:13 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\snmptrap.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspiper.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2018-06-01 04:13 - 2018-06-01 04:13 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2018-06-01 04:13 - 2018-06-01 04:13 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll 2018-06-01 04:06 - 2018-06-01 04:26 - 000000000 ____D C:\Users\Ivanov\AppData\Roaming\PlanetWin365 Pro 2018-06-01 04:06 - 2018-06-01 04:06 - 000534016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll 2018-06-01 04:06 - 2018-06-01 04:06 - 000375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll 2018-06-01 04:06 - 2018-06-01 04:06 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2018-06-01 04:06 - 2018-06-01 04:06 - 000129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2018-06-01 04:06 - 2018-06-01 04:06 - 000074584 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys 2018-06-01 04:06 - 2018-06-01 04:06 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2018-06-01 04:05 - 2018-06-01 04:06 - 000000000 ____D C:\Program Files (x86)\PlanetWin365 Pro 2018-06-01 04:05 - 2018-06-01 04:05 - 001156608 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll 2018-06-01 04:05 - 2018-06-01 04:05 - 000627200 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll 2018-06-01 04:05 - 2018-06-01 04:05 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll 2018-06-01 04:05 - 2018-06-01 04:05 - 000363104 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll 2018-06-01 04:05 - 2018-06-01 04:05 - 000339456 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2018-06-01 04:05 - 2018-06-01 04:05 - 000320720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll 2018-06-01 04:05 - 2018-06-01 04:05 - 000286208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2018-06-01 04:05 - 2018-06-01 04:05 - 000002009 _____ C:\Users\Ivanov\Desktop\PlanetWin365 Pro.lnk 2018-06-01 04:05 - 2018-06-01 04:05 - 000000000 ____D C:\Users\Ivanov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetWin365 Pro 2018-06-01 04:04 - 2018-06-01 04:04 - 000398848 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL 2018-06-01 04:04 - 2018-06-01 04:04 - 000331776 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll 2018-06-01 04:04 - 2018-06-01 04:04 - 000291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll 2018-06-01 04:04 - 2018-06-01 04:04 - 000135336 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll 2018-06-01 04:04 - 2018-06-01 04:04 - 000115704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll 2018-06-01 04:04 - 2018-06-01 04:04 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll 2018-06-01 04:04 - 2018-06-01 04:04 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll 2018-06-01 04:04 - 2018-06-01 04:04 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll 2018-06-01 04:04 - 2018-06-01 04:04 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll 2018-06-01 03:57 - 2018-06-01 03:57 - 000179248 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2018-06-01 03:57 - 2018-06-01 03:57 - 000104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2018-06-01 03:57 - 2018-06-01 03:57 - 000100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2018-06-01 03:52 - 2018-06-01 03:52 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2018-06-01 03:52 - 2018-06-01 03:52 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2018-06-01 03:52 - 2018-06-01 03:52 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2018-06-01 03:52 - 2018-06-01 03:52 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2018-06-01 03:16 - 2016-07-16 02:27 - 000221376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wofadk.sys 2018-06-01 03:09 - 2018-06-01 03:09 - 000000000 ____D C:\Users\Ivanov\AppData\Roaming\Daum 2018-06-01 03:08 - 2018-06-01 03:10 - 000000995 _____ C:\Users\Ivanov\Desktop\PotPlayer 64 bit.lnk 2018-06-01 03:08 - 2018-06-01 03:09 - 000000000 ____D C:\Users\Ivanov\AppData\Roaming\PotPlayerMini64 2018-06-01 03:08 - 2018-06-01 03:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum 2018-06-01 03:08 - 2018-06-01 03:08 - 000000000 ____D C:\Program Files\DAUM 2018-06-01 03:07 - 2018-06-01 03:09 - 000000000 ____D C:\Users\Ivanov\AppData\Roaming\tixati 2018-06-01 03:05 - 2018-06-01 03:05 - 000000802 _____ C:\Users\Ivanov\Desktop\Tixati.lnk 2018-06-01 03:05 - 2018-06-01 03:05 - 000000000 ____D C:\Users\Ivanov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tixati 2018-06-01 03:05 - 2018-06-01 03:05 - 000000000 ____D C:\Users\Ivanov\AppData\Local\CEF 2018-06-01 03:05 - 2018-06-01 03:05 - 000000000 ____D C:\Program Files\tixati 2018-06-01 03:04 - 2018-06-01 03:04 - 000001138 _____ C:\Users\Public\Desktop\AOMEI OneKey Recovery 1.5.lnk 2018-06-01 03:04 - 2018-06-01 03:04 - 000001024 ____H C:\OKTAG.BIN 2018-06-01 03:04 - 2018-06-01 03:04 - 000001024 ____H C:\AMTAG.BIN 2018-06-01 03:04 - 2018-06-01 03:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI OneKey Recovery 1.5 2018-06-01 03:04 - 2015-02-26 10:00 - 000030648 _____ C:\Windows\system32\ambakdrv.sys 2018-06-01 03:04 - 2015-02-26 10:00 - 000017848 _____ C:\Windows\system32\amwrtdrv.sys 2018-06-01 03:04 - 2015-02-26 10:00 - 000013424 _____ C:\Windows\system32\amreg.sys 2018-06-01 03:03 - 2018-06-01 03:06 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel 2018-06-01 03:03 - 2018-06-01 03:04 - 000000000 ____D C:\Program Files (x86)\AOMEI OneKey Recovery 1.5 2018-06-01 03:03 - 2018-06-01 03:03 - 000001109 _____ C:\Users\Ivanov\Desktop\Hard Disk Sentinel.lnk 2018-06-01 03:03 - 2018-06-01 03:03 - 000000000 ____D C:\Users\Ivanov\AppData\Roaming\Hard Disk Sentinel 2018-06-01 03:03 - 2018-06-01 03:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Sentinel 2018-06-01 03:02 - 2018-06-01 03:02 - 000000822 _____ C:\Users\Ivanov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Poker at bet365.BG.lnk 2018-06-01 03:02 - 2018-06-01 03:02 - 000000792 _____ C:\Users\Ivanov\Desktop\Poker at bet365.BG.lnk 2018-06-01 03:01 - 2018-06-01 03:01 - 000001178 _____ C:\Users\Ivanov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenHardwareMonitor.lnk 2018-06-01 03:01 - 2018-06-01 03:01 - 000000000 ____D C:\Poker 2018-06-01 03:00 - 2018-06-01 21:09 - 000000000 ____D C:\Users\Ivanov\AppData\Local\PokerStars.BG 2018-06-01 03:00 - 2018-06-01 03:00 - 000002004 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.bg.lnk 2018-06-01 03:00 - 2018-06-01 03:00 - 000001998 _____ C:\Users\Public\Desktop\PokerStars.bg.lnk 2018-06-01 02:59 - 2018-06-02 13:08 - 000000000 ____D C:\Users\Ivanov\AppData\Roaming\vlc 2018-06-01 02:59 - 2018-06-01 03:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.BG 2018-06-01 02:59 - 2018-06-01 02:59 - 000000893 _____ C:\Users\Public\Desktop\VLC media player.lnk 2018-06-01 02:59 - 2018-06-01 02:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2018-06-01 02:59 - 2018-06-01 02:59 - 000000000 ____D C:\Program Files\VideoLAN 2018-06-01 02:58 - 2018-06-01 03:04 - 000000000 ____D C:\Program Files (x86)\PokerStars.BG 2018-06-01 02:45 - 2018-06-01 06:58 - 000000000 ____D C:\ProgramData\ProductData 2018-06-01 02:45 - 2018-06-01 06:48 - 000000000 ____D C:\Users\Ivanov\AppData\LocalLow\IObit 2018-06-01 02:45 - 2018-06-01 02:45 - 000001392 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk 2018-06-01 02:45 - 2018-06-01 02:45 - 000001380 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk 2018-06-01 02:45 - 2018-06-01 02:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2018-06-01 02:44 - 2018-06-01 06:58 - 000000000 ____D C:\Program Files (x86)\IObit 2018-06-01 02:43 - 2018-06-01 07:00 - 000000000 ____D C:\Users\Ivanov\AppData\Roaming\IObit 2018-06-01 02:43 - 2018-06-01 06:52 - 000000000 ____D C:\ProgramData\IObit 2018-06-01 02:41 - 2018-06-01 02:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2018-06-01 02:41 - 2018-06-01 02:41 - 000000000 ____D C:\ProgramData\ESET 2018-06-01 02:41 - 2018-06-01 02:41 - 000000000 ____D C:\Program Files\ESET 2018-06-01 02:37 - 2018-06-01 01:46 - 000000000 ____D C:\Windows\Panther 2018-06-01 02:24 - 2018-06-01 02:24 - 000000000 ____D C:\Users\Ivanov\AppData\Roaming\Google 2018-06-01 02:23 - 2018-06-01 02:30 - 000000000 ____D C:\Users\Ivanov\AppData\Local\Google 2018-06-01 02:23 - 2018-06-01 02:23 - 000002324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-06-01 02:23 - 2018-06-01 02:23 - 000002283 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-06-01 02:22 - 2018-06-01 02:23 - 000000000 ____D C:\Program Files (x86)\Google 2018-06-01 02:22 - 2018-06-01 02:22 - 000003432 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2018-06-01 02:22 - 2018-06-01 02:22 - 000003304 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2018-06-01 02:19 - 2018-06-01 17:30 - 000000000 __SHD C:\Users\Ivanov\AppData\LocalLow\EmieUserList 2018-06-01 02:19 - 2018-06-01 17:30 - 000000000 __SHD C:\Users\Ivanov\AppData\LocalLow\EmieSiteList 2018-06-01 02:19 - 2018-06-01 17:30 - 000000000 __SHD C:\Users\Ivanov\AppData\Local\EmieUserList 2018-06-01 02:19 - 2018-06-01 17:30 - 000000000 __SHD C:\Users\Ivanov\AppData\Local\EmieSiteList 2018-06-01 02:19 - 2018-06-01 02:19 - 000000000 __SHD C:\Users\Ivanov\AppData\LocalLow\EmieBrowserModeList 2018-06-01 02:19 - 2018-06-01 02:19 - 000000000 __SHD C:\Users\Ivanov\AppData\Local\EmieBrowserModeList 2018-06-01 02:11 - 2018-06-01 02:11 - 000000000 ____D C:\Windows\SysWOW64\RTCOM 2018-06-01 02:11 - 2018-06-01 02:11 - 000000000 ____D C:\Windows\system32\SRSLabs 2018-06-01 02:11 - 2018-06-01 02:11 - 000000000 ____D C:\Program Files\Realtek 2018-06-01 02:11 - 2017-06-30 04:55 - 003509256 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2018-06-01 02:11 - 2017-06-30 04:55 - 003507688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2018-06-01 02:11 - 2017-06-30 04:55 - 003410832 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll 2018-06-01 02:11 - 2017-06-30 04:55 - 003122656 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2018-06-01 02:11 - 2017-06-30 04:55 - 001382232 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2018-06-01 02:11 - 2017-06-30 04:55 - 001347136 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2018-06-01 02:11 - 2017-06-30 04:55 - 000984912 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2018-06-01 02:11 - 2017-06-30 04:55 - 000873456 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2018-06-01 02:11 - 2017-06-30 04:55 - 000691680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2018-06-01 02:11 - 2017-06-30 04:55 - 000387312 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2018-06-01 02:11 - 2017-06-30 04:55 - 000343704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2018-06-01 02:11 - 2017-06-30 04:55 - 000321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2018-06-01 02:11 - 2017-06-30 04:55 - 000321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2018-06-01 02:11 - 2017-06-30 04:55 - 000214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2018-06-01 02:11 - 2017-06-30 04:55 - 000192976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2018-06-01 02:11 - 2017-06-30 04:55 - 000158696 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2018-06-01 02:11 - 2017-06-30 04:55 - 000110976 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2018-06-01 02:11 - 2017-06-30 04:55 - 000088344 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2018-06-01 02:11 - 2017-06-30 04:55 - 000075536 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2018-06-01 02:11 - 2017-06-30 04:52 - 005826560 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2018-06-01 02:11 - 2017-06-30 04:52 - 003677160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2018-06-01 02:11 - 2017-06-30 04:52 - 003205120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2018-06-01 02:11 - 2017-06-30 04:51 - 002210304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2018-06-01 02:11 - 2017-06-30 04:51 - 000023688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2018-06-01 02:11 - 2017-06-29 13:05 - 012334923 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2018-06-01 02:10 - 2018-06-01 02:11 - 000000000 ___HD C:\Program Files (x86)\Temp 2018-06-01 02:10 - 2017-06-30 04:54 - 004059960 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2018-06-01 02:10 - 2017-06-30 04:53 - 001616680 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll 2018-06-01 02:10 - 2017-06-30 04:53 - 001529136 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64Proxy.dll 2018-06-01 02:10 - 2017-06-30 04:52 - 000574752 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2018-06-01 02:10 - 2017-06-30 04:52 - 000118592 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2018-06-01 02:10 - 2017-06-30 04:50 - 000122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2018-06-01 02:10 - 2016-09-23 00:55 - 002839520 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2018-06-01 02:09 - 2018-06-01 02:09 - 000000000 ____D C:\Users\Ivanov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center 2018-06-01 02:09 - 2018-06-01 02:09 - 000000000 ____D C:\Users\Ivanov\AppData\Local\AMD 2018-06-01 02:08 - 2018-06-01 02:08 - 000000000 ____D C:\Users\Ivanov\AppData\Roaming\ATI 2018-06-01 02:08 - 2018-06-01 02:08 - 000000000 ____D C:\Users\Ivanov\AppData\Local\ATI 2018-06-01 02:08 - 2018-06-01 02:08 - 000000000 ____D C:\ProgramData\ATI 2018-06-01 02:06 - 2018-04-20 09:56 - 000999296 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys 2018-06-01 02:06 - 2018-04-20 09:56 - 000122816 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll 2018-06-01 02:04 - 2018-06-01 17:22 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2018-06-01 02:04 - 2018-06-01 02:10 - 000000000 ____D C:\Program Files (x86)\Realtek 2018-06-01 02:04 - 2018-06-01 02:04 - 000000000 ____D C:\Windows\SysWOW64\sda 2018-06-01 02:04 - 2012-06-15 08:50 - 000315536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUVStor.sys 2018-06-01 02:02 - 2018-06-01 02:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center 2018-06-01 02:02 - 2018-06-01 02:02 - 000000000 ____D C:\ProgramData\AMD 2018-06-01 02:02 - 2018-06-01 02:02 - 000000000 ____D C:\Program Files (x86)\AMD AVT 2018-06-01 02:02 - 2018-06-01 02:02 - 000000000 ____D C:\Program Files (x86)\AMD APP 2018-06-01 02:01 - 2018-06-01 02:01 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies 2018-06-01 02:01 - 2018-06-01 02:01 - 000000000 ____D C:\Program Files (x86)\ATI Technologies 2018-06-01 02:01 - 2018-06-01 02:01 - 000000000 _____ C:\Windows\ativpsrm.bin 2018-06-01 02:01 - 2012-08-08 22:07 - 005538984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll 2018-06-01 02:01 - 2012-08-08 22:03 - 010283520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys 2018-06-01 02:01 - 2012-08-08 22:00 - 024934912 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll 2018-06-01 02:01 - 2012-08-08 21:29 - 020546560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll 2018-06-01 02:01 - 2012-08-08 20:53 - 000268728 _____ C:\Windows\SysWOW64\atiapfxx.blb 2018-06-01 02:01 - 2012-08-08 20:53 - 000268728 _____ C:\Windows\system32\atiapfxx.blb 2018-06-01 02:01 - 2012-08-08 20:52 - 000163840 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe 2018-06-01 02:01 - 2012-08-08 20:46 - 000534528 _____ (AMD) C:\Windows\system32\atieclxx.exe 2018-06-01 02:01 - 2012-08-08 20:46 - 000442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll 2018-06-01 02:01 - 2012-08-08 20:46 - 000239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe 2018-06-01 02:01 - 2012-08-08 20:44 - 000120320 _____ (AMD) C:\Windows\system32\atitmm64.dll 2018-06-01 02:01 - 2012-08-08 20:44 - 000059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll 2018-06-01 02:01 - 2012-08-08 20:44 - 000043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll 2018-06-01 02:01 - 2012-08-08 20:44 - 000021504 _____ (AMD) C:\Windows\system32\atimuixx.dll 2018-06-01 02:01 - 2012-08-08 20:43 - 006430208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll 2018-06-01 02:01 - 2012-08-08 20:38 - 000070144 _____ (AMD) C:\Windows\system32\coinst_8.982.7.dll 2018-06-01 02:01 - 2012-08-08 20:27 - 007052288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll 2018-06-01 02:01 - 2012-08-08 20:11 - 004269056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll 2018-06-01 02:01 - 2012-08-08 20:10 - 003150560 _____ C:\Windows\system32\atiumd6a.cap 2018-06-01 02:01 - 2012-08-08 20:10 - 000204952 _____ C:\Windows\SysWOW64\ativvsvl.dat 2018-06-01 02:01 - 2012-08-08 20:10 - 000204952 _____ C:\Windows\system32\ativvsvl.dat 2018-06-01 02:01 - 2012-08-08 20:10 - 000157144 _____ C:\Windows\SysWOW64\ativvsva.dat 2018-06-01 02:01 - 2012-08-08 20:10 - 000157144 _____ C:\Windows\system32\ativvsva.dat 2018-06-01 02:01 - 2012-08-08 20:08 - 000051200 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll 2018-06-01 02:01 - 2012-08-08 20:08 - 000046080 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll 2018-06-01 02:01 - 2012-08-08 20:08 - 000044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll 2018-06-01 02:01 - 2012-08-08 20:08 - 000044032 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll 2018-06-01 02:01 - 2012-08-08 20:07 - 016034304 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll 2018-06-01 02:01 - 2012-08-08 20:03 - 013605888 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll 2018-06-01 02:01 - 2012-08-08 20:03 - 004753408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll 2018-06-01 02:01 - 2012-08-08 20:02 - 003187136 _____ C:\Windows\SysWOW64\atiumdva.cap 2018-06-01 02:01 - 2012-08-08 19:59 - 006676480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll 2018-06-01 02:01 - 2012-08-08 19:49 - 000540672 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll 2018-06-01 02:01 - 2012-08-08 19:49 - 000368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll 2018-06-01 02:01 - 2012-08-08 19:48 - 000368640 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys 2018-06-01 02:01 - 2012-08-08 19:48 - 000041984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll 2018-06-01 02:01 - 2012-08-08 19:48 - 000033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll 2018-06-01 02:01 - 2012-08-08 19:48 - 000017920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll 2018-06-01 02:01 - 2012-08-08 19:48 - 000014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll 2018-06-01 02:01 - 2012-08-08 19:48 - 000014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll 2018-06-01 02:01 - 2012-08-08 19:47 - 000129536 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll 2018-06-01 02:01 - 2012-08-08 19:47 - 000109568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll 2018-06-01 02:01 - 2012-08-08 19:47 - 000103936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll 2018-06-01 02:01 - 2012-08-08 19:47 - 000083456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll 2018-06-01 02:01 - 2012-08-08 19:46 - 000053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll 2018-06-01 02:01 - 2012-08-08 19:44 - 000056320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll 2018-06-01 02:01 - 2012-08-08 19:43 - 000056832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll 2018-06-01 02:01 - 2012-08-08 19:43 - 000056832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll 2018-06-01 02:01 - 2012-08-08 19:43 - 000056320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll 2018-06-01 02:01 - 2012-07-17 18:59 - 000098472 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW86.sys 2018-06-01 02:01 - 2012-07-16 15:33 - 000038557 _____ C:\Windows\atiogl.xml 2018-06-01 02:01 - 2012-04-13 01:30 - 000637743 _____ C:\Windows\system32\atiicdxx.dat 2018-06-01 02:01 - 2011-09-13 04:06 - 000003917 _____ C:\Windows\SysWOW64\atipblag.dat 2018-06-01 02:01 - 2011-09-13 04:06 - 000003917 _____ C:\Windows\system32\atipblag.dat 2018-06-01 02:01 - 2010-08-28 00:33 - 000332800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe 2018-06-01 02:01 - 2009-06-22 21:34 - 000051200 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe 2018-06-01 02:01 - 2009-05-12 03:35 - 000118784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atibtmon.exe 2018-06-01 02:00 - 2018-06-01 02:02 - 000000000 ____D C:\Program Files\ATI Technologies 2018-06-01 02:00 - 2018-06-01 02:00 - 000000000 ____D C:\Users\Ivanov\AppData\Roaming\WinRAR 2018-06-01 02:00 - 2018-06-01 02:00 - 000000000 ____D C:\Program Files\ATI 2018-06-01 01:59 - 2018-06-01 01:59 - 000000000 ____D C:\Program Files\WinRAR 2018-06-01 01:52 - 2018-06-02 13:16 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2066757042-3480725279-2205414077-1001 2018-06-01 01:52 - 2018-06-01 01:52 - 000000440 __RSH C:\ProgramData\ntuser.pol 2018-06-01 01:46 - 2018-06-01 22:07 - 000000000 ____D C:\Users\Ivanov 2018-06-01 01:46 - 2018-06-01 02:52 - 000000000 ____D C:\Users\Ivanov\AppData\Local\Packages 2018-06-01 01:46 - 2018-06-01 01:46 - 000001446 _____ C:\Users\Ivanov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2018-06-01 01:46 - 2018-06-01 01:46 - 000000020 ___SH C:\Users\Ivanov\ntuser.ini 2018-06-01 01:46 - 2018-06-01 01:46 - 000000000 ____D C:\Users\Ivanov\AppData\Roaming\Adobe 2018-06-01 01:46 - 2018-06-01 01:46 - 000000000 ____D C:\Users\Ivanov\AppData\Local\VirtualStore 2018-06-01 01:46 - 2014-11-21 11:53 - 000000369 _____ C:\Users\Ivanov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2018-06-01 01:46 - 2014-11-21 11:53 - 000000369 _____ C:\Users\Ivanov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2018-06-01 01:45 - 2018-06-01 01:45 - 000000000 ____D C:\Windows\CSC 2018-06-01 01:39 - 2018-06-01 01:39 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2018-05-31 16:37 - 2018-05-31 16:37 - 001321760 _____ (CheckMAL Inc.) C:\Windows\system32\AppCheck64.dll 2018-05-31 16:37 - 2018-05-31 16:37 - 001194976 _____ (CheckMAL Inc.) C:\Windows\SysWOW64\AppCheck32.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-06-02 13:10 - 2013-08-22 17:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-06-02 12:51 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2018-06-02 12:51 - 2013-08-22 18:20 - 000000000 ____D C:\Windows\CbsTemp 2018-06-02 09:43 - 2014-11-21 11:43 - 000818732 _____ C:\Windows\system32\PerfStringBackup.INI 2018-06-02 09:43 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\Inf 2018-06-02 09:10 - 2013-08-22 16:25 - 000262144 ___SH C:\Windows\system32\config\BBI 2018-06-02 09:04 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\AppReadiness 2018-06-02 02:00 - 2013-08-22 18:36 - 000000000 ___HD C:\Program Files\WindowsApps 2018-06-01 21:21 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2018-06-01 21:21 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\system32\Macromed 2018-06-01 19:56 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\tracing 2018-06-01 10:04 - 2013-08-22 16:25 - 000000122 _____ C:\Windows\win.ini 2018-06-01 06:30 - 2013-08-22 17:44 - 000337808 _____ C:\Windows\system32\FNTCACHE.DAT 2018-06-01 06:25 - 2013-08-22 18:36 - 000000000 ___RD C:\Windows\ToastData 2018-06-01 06:24 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\SysWOW64\setup 2018-06-01 06:24 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\system32\setup 2018-06-01 06:24 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\PolicyDefinitions 2018-06-01 06:24 - 2013-08-22 18:36 - 000000000 ____D C:\Program Files\Windows Defender 2018-06-01 06:24 - 2013-08-22 18:36 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2018-06-01 06:24 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\oobe 2018-06-01 06:23 - 2014-11-21 11:25 - 000000000 ____D C:\Program Files\Windows Journal 2018-06-01 03:43 - 2014-11-21 19:23 - 000835064 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2018-06-01 03:43 - 2014-11-21 19:23 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-06-01 02:42 - 2013-08-22 18:36 - 000000000 ___HD C:\Windows\ELAMBKUP 2018-06-01 02:37 - 2013-08-22 18:36 - 000262144 _____ C:\Windows\system32\config\BCD-Template 2018-06-01 02:01 - 2013-08-22 18:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2018-06-01 01:51 - 2013-08-22 18:36 - 000000000 ___HD C:\Windows\system32\GroupPolicy 2018-06-01 01:48 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\rescache ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-06-01 01:38 ==================== End of FRST.txt ============================ Addition.txt
  24. Добър вечер имам съмнение за вирус който по някакъв начин е свързан с интернет-а ми През определен период от време от порядъка на час и половина нета ми буквално забива. Имам 2 лан карти тествах ги и не е от тях за това реших да се допитам до вас Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03 Ran by GAMEPC (administrator) on GAMEPC-PC (01-09-2018 20:09:16) Running from C:\Users\GAMEPC\Downloads Loaded Profiles: GAMEPC (Available Profiles: GAMEPC) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Български (България) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (TeamSpeak Systems GmbH) C:\Users\GAMEPC\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2017-09-08] () HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-08-30] (Valve Corporation) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32973712 2018-07-26] (Epic Games, Inc.) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Viber] => C:\Users\GAMEPC\AppData\Local\Viber\Viber.exe [33453640 2018-08-21] (Viber Media S.Ã r.l.) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\MountPoints2: {2d2c5be0-94b8-11e7-8704-048d38748987} - E:\stp-fifa18.exe HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\MountPoints2: {609d2171-c4d2-11e7-a1c0-048d38748987} - F:\Lenovo_Suite.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 87.121.24.12 Tcpip\..\Interfaces\{BFE47783-CFC6-4DEE-8858-A9889FC23A55}: [DhcpNameServer] 87.121.24.12 Tcpip\..\Interfaces\{F8E6BFBF-08DD-4CEC-8468-25670AF9DFE4}: [DhcpNameServer] 87.121.24.12 Internet Explorer: ================== HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle Corporation) FireFox: ======== FF DefaultProfile: mrpwyf7s.default FF ProfilePath: C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default [2018-08-28] FF Homepage: Mozilla\Firefox\Profiles\mrpwyf7s.default -> google.bg FF Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\Extensions\[email protected] [2018-07-25] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-08-15] () FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-15] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-08-21] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-08-21] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) Chrome: ======= CHR StartupUrls: Default -> "hxxp://google.bg/" CHR Profile: C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default [2018-09-01] CHR Extension: (Презентации) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13] CHR Extension: (Документи) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Диск) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-08] CHR Extension: (YouTube) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-08] CHR Extension: (Таблици) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Google Документи офлайн) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16] CHR Extension: (Hoxx VPN Proxy) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbcojefnccbanplpoffopkoepjmhgdgh [2018-08-27] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03] CHR Extension: (Gmail) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-08] CHR Extension: (Chrome Media Router) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-10] Opera: ======= OPR Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2018-06-25] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7212480 2018-08-08] () S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291392 2017-08-17] (Disc Soft Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-07-29] (EasyAntiCheat Ltd) U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-03-29] (Hi-Rez Studios) [File not signed] R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation) S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2017-09-08] (Realtek Semiconductor.) [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2017-06-20] (Microsoft Corporation) R2 wuauserv; C:\Windows\system32\wuaueng2.dll [2651136 2017-09-08] (Microsoft Corporation) [File not signed] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2017-09-08] (Advanced Micro Devices Inc.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-09-11] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-09-11] (Disc Soft Ltd) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-08] (REALiX(tm)) S3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2017-09-08] (Qualcomm Atheros Co., Ltd.) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation) R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [61656 2017-09-08] (Realtek Semiconductor Corporation ) S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-09-01 20:09 - 2018-09-01 20:09 - 000015452 _____ C:\Users\GAMEPC\Downloads\FRST.txt 2018-09-01 20:08 - 2018-09-01 20:09 - 002413056 _____ (Farbar) C:\Users\GAMEPC\Downloads\FRST64.exe 2018-09-01 17:36 - 2018-09-01 17:36 - 000014477 _____ C:\Users\GAMEPC\Downloads\Upgrade.2018.BRRip.AC3.X264-CMRG.torrent 2018-09-01 03:38 - 2018-09-01 03:38 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\SmartSteamEmu 2018-09-01 03:13 - 2018-09-01 03:13 - 000059462 _____ C:\Users\GAMEPC\Downloads\HALF-LIFE 2 (1).torrent 2018-09-01 03:13 - 2018-09-01 03:13 - 000012474 _____ C:\Users\GAMEPC\Downloads\Half-Life 2 Episode Two v2257546 FiNAL.torrent 2018-09-01 03:12 - 2018-09-01 03:12 - 000059462 _____ C:\Users\GAMEPC\Downloads\HALF-LIFE 2.torrent 2018-09-01 02:55 - 2018-09-01 02:55 - 000060204 _____ C:\Users\GAMEPC\Downloads\Half Life 2. Crack & Cd Key. Works.rar.torrent 2018-08-30 15:56 - 2018-08-30 15:56 - 000013166 _____ C:\Users\GAMEPC\Downloads\Captain.America.The.First.Avenger.2011.BRRip.XviD.BGAudio-SLSS.torrent 2018-08-30 15:56 - 2018-08-30 15:56 - 000013166 _____ C:\Users\GAMEPC\Downloads\Captain.America.The.First.Avenger.2011.BRRip.XviD.BGAudio-SLSS (1).torrent 2018-08-30 15:54 - 2018-08-30 15:54 - 000019853 _____ C:\Users\GAMEPC\Downloads\Captain.America.The.First.Avenger.2011.480p.BDRip.XviD.DUAL-KiNGS.torrent 2018-08-28 18:10 - 2018-08-28 18:10 - 000014341 _____ C:\Users\GAMEPC\Downloads\Scary Movie 4 (2006) DVDRip.BGAudio-CoveR.avi.torrent 2018-08-28 00:34 - 2018-08-21 13:24 - 000132408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2018-08-28 00:31 - 2018-08-22 19:12 - 032457736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2018-08-28 00:31 - 2018-08-22 19:12 - 017014632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2018-08-28 00:31 - 2018-08-22 19:12 - 000628560 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2018-08-28 00:31 - 2018-08-22 19:12 - 000519120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 040346976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 035250176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 031248576 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 025964944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 019088480 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 017755768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 015699512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 015169920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 013732120 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 011276424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 004085328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 003967304 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 003504968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 002015184 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439907.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 001564136 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 001467728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439907.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 001420296 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 001217352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 001159096 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 001093456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 000906608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 000546880 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 000464536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 000420032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 000182624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 000164792 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 000159736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2018-08-28 00:31 - 2018-08-22 19:11 - 000142656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2018-08-27 18:10 - 2018-08-27 18:10 - 000106090 _____ C:\Users\GAMEPC\Downloads\Pirates_of_the_Caribbean_Dead_Men_Tell_No_Tales_2017.(subs.sab.bz).rar 2018-08-27 18:10 - 2018-08-27 18:10 - 000016254 _____ C:\Users\GAMEPC\Downloads\Pirates.of.the.Caribbean.Dead.Men.Tell.No.Tales.2017.BRRip.XViD.AC3-HUD.torrent 2018-08-27 02:28 - 2018-08-27 02:29 - 000493548 _____ C:\Users\GAMEPC\Downloads\The Simpsons S01 - S27 Mega Pack x265.torrent 2018-08-26 17:54 - 2018-08-26 17:54 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Viber 2018-08-26 10:45 - 2018-08-26 10:45 - 000022858 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x19___Whiskey_Business.(subs.sab.bz).rar 2018-08-26 10:45 - 2018-08-26 10:45 - 000020450 _____ C:\Users\GAMEPC\Downloads\The_Simpsons__24x20__The_Fabulous_Faker_Boy.(subs.sab.bz).rar 2018-08-26 08:04 - 2018-08-26 08:04 - 000022840 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x17___What_Animated_Women_Want.(subs.sab.bz).rar 2018-08-26 08:04 - 2018-08-26 08:04 - 000021986 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x18___Pulpit_Friction.(subs.sab.bz).rar 2018-08-26 03:59 - 2018-08-26 03:59 - 000021949 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x16.(subs.sab.bz).rar 2018-08-26 03:59 - 2018-08-26 03:59 - 000020900 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x15___Black_Eyed__Please.(subs.sab.bz).rar 2018-08-26 03:22 - 2018-08-26 03:22 - 000022549 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x14___Gorgeous_Grampa.(subs.sab.bz).rar 2018-08-26 03:22 - 2018-08-26 03:22 - 000018792 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x13___Hardly_Kirk_ing.(subs.sab.bz).rar 2018-08-24 09:07 - 2018-08-24 09:07 - 000021584 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x12___Love_Is_a_Many_Splintered_Thing.(subs.sab.bz).rar 2018-08-24 08:28 - 2018-08-24 08:28 - 000021542 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x11___Changing_of_the_Guardian.(subs.sab.bz).rar 2018-08-24 08:28 - 2018-08-24 08:28 - 000018550 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x10___A_Test_Before_Trying.(subs.sab.bz).rar 2018-08-24 04:23 - 2018-08-24 04:23 - 000019082 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x09___Homer_Goes_to_Prep_School.(subs.sab.bz).rar 2018-08-24 03:33 - 2018-08-24 03:33 - 000022972 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x07___The_Day_The_Earth_Stood_Cool.(subs.sab.bz).rar 2018-08-24 03:33 - 2018-08-24 03:33 - 000020357 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x08___To_Cur_With_Love.(subs.sab.bz).rar 2018-08-23 09:03 - 2018-08-23 09:03 - 000018620 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x06___A_Tree_Grows_in_Springfield.(subs.sab.bz).rar 2018-08-23 08:41 - 2018-08-23 08:41 - 000020144 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x05___Penny_Wiseguys.(subs.sab.bz).rar 2018-08-23 04:21 - 2018-08-23 04:21 - 000020846 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x04___Gone_Abie_Gone..(subs.sab.bz).rar 2018-08-23 04:19 - 2018-08-23 04:19 - 000021718 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x03___Adventures_in_Baby_Getting.(subs.sab.bz).rar 2018-08-23 03:21 - 2018-08-23 03:21 - 000021140 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x01___Moonshine_River.(subs.sab.bz) (1).rar 2018-08-23 03:21 - 2018-08-23 03:21 - 000017872 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x02___Treehouse_of_Horror_XXIII.(subs.sab.bz) (1).rar 2018-08-23 03:21 - 2018-08-23 03:21 - 000014133 _____ C:\Users\GAMEPC\Downloads\The.Simpsons.Season.24.HDTV.x264-***.torrent 2018-08-23 03:21 - 2018-08-23 03:21 - 000014133 _____ C:\Users\GAMEPC\Downloads\The.Simpsons.Season.24.HDTV.x264-*** (1).torrent 2018-08-23 03:20 - 2018-08-23 03:20 - 000021140 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x01___Moonshine_River.(subs.sab.bz).rar 2018-08-23 03:20 - 2018-08-23 03:20 - 000017872 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___24x02___Treehouse_of_Horror_XXIII.(subs.sab.bz).rar 2018-08-23 03:19 - 2018-08-23 03:19 - 000012426 _____ C:\Users\GAMEPC\Downloads\The.Simpsons.Season.24.HDTV.XviD-***.torrent 2018-08-22 09:27 - 2018-08-22 09:27 - 000021840 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x21___Ned__N__Edna_s_Blend.(subs.sab.bz) (1).rar 2018-08-22 09:26 - 2018-08-22 09:26 - 000021840 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x21___Ned__N__Edna_s_Blend.(subs.sab.bz).rar 2018-08-22 09:26 - 2018-08-22 09:26 - 000019622 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x20___The_Spy_Who_Learned_Me.(subs.sab.bz).rar 2018-08-22 03:41 - 2018-08-22 03:41 - 000019260 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x19____A_Totally_Fun_Thing_Bart_Will_Never_Do_Again.(subs.sab.bz).rar 2018-08-22 03:41 - 2018-08-22 03:41 - 000018680 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x18___Beware_My_Cheating_Bart.(subs.sab.bz) (1).rar 2018-08-22 02:28 - 2018-08-22 02:28 - 000018680 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x18___Beware_My_Cheating_Bart.(subs.sab.bz).rar 2018-08-22 02:27 - 2018-08-22 02:27 - 000018962 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x17___Them__Robot.(subs.sab.bz).rar 2018-08-22 02:27 - 2018-08-22 02:27 - 000009178 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x16___How_I_Wet_Your_Mother.(subs.sab.bz) (1).rar 2018-08-21 16:59 - 2018-08-21 16:59 - 000003506 _____ C:\Windows\System32\Tasks\GAMEPC 2018-08-21 13:29 - 2018-08-21 13:29 - 000009178 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x16___How_I_Wet_Your_Mother.(subs.sab.bz).rar 2018-08-21 11:56 - 2018-08-21 11:56 - 000019710 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x15___Exit_Through_the_Kwik_E_Mart.(subs.sab.bz).rar 2018-08-21 11:14 - 2018-08-21 11:14 - 000018647 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x14___At_Long_Last_Leave.(subs.sab.bz).rar 2018-08-21 11:14 - 2018-08-21 11:14 - 000016842 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x13___The_Daughter_Also_Rises_.(subs.sab.bz).rar 2018-08-21 03:31 - 2018-08-21 03:31 - 000017623 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x12___Moe_Goes_from_Rags_to_Riches.(subs.sab.bz).rar 2018-08-21 02:23 - 2018-08-21 02:23 - 000022312 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x10___Politically_Inept__with_Homer_Simpson.(subs.sab.bz) (1).rar 2018-08-21 02:23 - 2018-08-21 02:23 - 000019117 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x11___The_D_oh_cial_Network.(subs.sab.bz).rar 2018-08-20 00:25 - 2018-08-20 00:25 - 000012347 _____ C:\Users\GAMEPC\Downloads\Euro Truck Simulator 2 [v 1.30.2.2s + 56 DLC] (2013) PC RePack.torrent 2018-08-19 21:03 - 2018-08-19 21:08 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\.ACEStream 2018-08-19 21:03 - 2018-08-19 21:03 - 000000000 ___HD C:\_acestream_cache_ 2018-08-19 20:58 - 2018-08-19 21:00 - 079522432 _____ C:\Users\GAMEPC\Downloads\Ace_Stream_Media_3.1.2.exe 2018-08-19 04:15 - 2018-08-19 04:15 - 000022312 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x10___Politically_Inept__with_Homer_Simpson.(subs.sab.bz).rar 2018-08-19 03:39 - 2018-08-19 03:39 - 000021035 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x08___The_Ten_Per_Cent_Solution.(subs.sab.bz).rar 2018-08-19 03:39 - 2018-08-19 03:39 - 000019249 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x09___Holidays_of_Future_Passed.(subs.sab.bz).rar 2018-08-19 02:42 - 2018-08-19 02:42 - 000023026 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x06___The_Book_Job.(subs.sab.bz).rar 2018-08-19 02:42 - 2018-08-19 02:42 - 000021969 _____ C:\Users\GAMEPC\Downloads\The_Simpsons___23x07___The_Man_in_the_Blue_Flannel_Pants.(subs.sab.bz).rar 2018-08-18 17:22 - 2018-08-18 17:22 - 000000000 ____D C:\Users\GAMEPC\AppData\LocalLow\SKS 2018-08-13 21:06 - 2018-08-13 21:06 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\EasyAntiCheat 2018-08-04 02:57 - 2018-08-14 23:50 - 000000000 ____D C:\Users\GAMEPC\Documents\ETS2MP 2018-08-04 02:57 - 2018-08-04 02:57 - 000000000 ____D C:\ProgramData\TruckersMP 2018-08-04 02:56 - 2018-08-04 02:56 - 000000681 _____ C:\Users\Public\Desktop\TruckersMP.lnk 2018-08-04 02:56 - 2018-08-04 02:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP Launcher 2018-08-03 23:58 - 2018-08-31 23:52 - 000000000 ____D C:\Users\GAMEPC\Documents\Euro Truck Simulator 2 2018-08-03 23:46 - 2018-08-03 23:46 - 000000222 _____ C:\Users\GAMEPC\Desktop\Euro Truck Simulator 2.url ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-09-01 20:09 - 2018-04-05 15:41 - 000000000 ____D C:\FRST 2018-09-01 19:59 - 2017-09-19 23:12 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\T