Премини към съдържанието

Филтри за търсене

Показани резултати за тагове 'приключен'.

  • Търсене по таг

    Въведете тагове разделени със запетая
  • Търсене по автор

Търсене в


Форуми

  • Софтуер
    • Нови Програми
    • Търсене на Програми
    • Програми - Проблеми и Дискусии
    • Драйвери - Търсене, Проблеми, Линкове
    • Операционни системи
    • Сигурност и антивирусна защита
    • Игри
  • Хардуер
    • Общи хардуерни въпроси
    • Преносими компютри
    • Дънни платки
    • Запаметяващи устройства и памети
    • Монитори, Аудио и Видеокарти
    • Периферия
    • Овърклок и PC модинг
    • Нови конфигурации и части, въпроси, препоръки и мнения
  • Мобилни телефони, GSM, Мобилни приложения, Комуникации
    • Мобилни телефони - Въпроси, Проблеми, Софтуер
    • Съвети при избор на телефон
    • Мобилни Приложения (Apps)
    • Мобилни оператори, Мрежи, Промоции, Абонаменти, Услуги
    • Други теми относно мобилни телефони
  • Уеб дизайн, Графичен дизайн, Програмиране
    • Програмиране
    • Графичен Дизайн и Визуални изкуства
    • CMS, Форумни и Торент системи
    • Хостинг, Домейни, Уеб сървъри
    • SEO, Уеб оптимизация и стандарти
  • Битова Техника
    • Аудиотехника
    • Телевизори, Видео и Фото техника, Видео наблюдение
    • Климатици - проблеми, съвети, въпроси
    • Бойлери, Печки, Отопление
    • Друга битова техника
  • Интернет, Локални Мрежи и GPS Навигации
    • Интернет, WiFi, xDSL и Локална Мрежа
    • Биткойн и Криптовалути
    • Онлайн бизнес, AdSense, Affilate програми
    • Рутери, Модеми, Суичове
    • Facebook - проблеми, въпроси, вируси
    • Skype, VoIP - Интернет телефония
    • GPS, Навигационни системи - Въпроси, Карти, Проблеми
  • Изкуство
    • Музика
    • Кино и Телевизия
    • Поезия и Лично творчество
    • Изкуство - Изящно, Приложно и Сценично
    • Фотография и Фотографска техника
    • Литература, Книги (e-books, video trainings, tutorials & etc.)
  • Други
    • Статии и ревюта
    • Образование и обща култура
    • Религия, Мистика, Езотерика
    • История
    • Философия
    • Психология и Психотерапия
    • Новини от България и Света
    • Българите по света
    • Политика
    • Право и Юридически консултации
    • Здраве и Mедицина
    • Банки, Застраховане, Финанси, Кредити
    • Тийн Зона (Teen Zone)
    • Купувам / Продавам
    • Всичко останало
  • Хоби, Развлечение и Свободно време
  • За kaldata.com
  • Теми
  • Photoshop майнаци Теми
  • python3 data types
  • какви са ви любимите игри?? Темиигри за вас
  • супрески игри и рекорди Темиигри за вас

Блогове

Няма резултати

Няма резултати

Категории

  • Компютри
    • Компютърни конфигурации
    • Компютърни компоненти
    • Периферни устройства
    • Дънни платки
    • Мултимедия
    • Компютърни игри и софтуер
    • Администриране и интернет услуги
    • Компютърни аксесоари
    • Лаптопи и таблети
    • Видеокарти
    • Монитори
    • Процесори
    • Хард дискове и Памети
    • Други
  • Електроника
    • Телефони, GSM апарати
    • Аудио
    • Битова електроника
    • GPS и навигационни системи
    • Фотоапарати и обективи
    • TV и Видео
    • Други
  • Имоти
    • Гарсониери
    • Къщи и вили
    • Търговски площи
    • Гаражи
    • Апартаменти
    • Терени
    • Офиси
    • Други имоти в продажба
  • Авто-мото
    • Автомобили
    • Велосипеди
    • Лодки
    • Резервни части
    • Авто аксесоари
    • Мотоциклети
    • Скутери и ATV
    • Камиони и Автобуси
    • Авто сервизи и Rent-a-Car
    • Други
  • Работа
    • Работа в страната
    • Работа в чужбина
    • Стажове
    • Работа от вкъщи
    • Непълно работно време
  • Услуги
  • Строителство
  • Туризъм
  • Курсове и обучение
  • Домашни любимци
  • Други
  • супрески игри и рекорди Обяви
  • супрески игри и рекорди Обяви

Категории

  • Домашни любимци и Животни
  • Игри
  • Инциденти и Екстремни
  • Коли и превозни средства
  • Музика
    • Българска музика
    • Джаз
    • Електронна
    • Метъл и Рок
    • Народна и Фолклор
    • Поп и Диско
    • Поп-фолк
    • Рап и хип-хоп
    • Ритъм енд блус и соул
    • Друга
  • Новини и политика
  • Реклами
  • Смях и Развлечение
  • Спорт
  • Технологии, Компютри, Хардуер
  • ТВ Предавания и Шоу Програми
  • Хора и блогове
  • Филми и анимация
  • Други
  • Old School Hip-Hop and Electroo 80" Видео клипчета

Календари

  • Събития
  • Изложения
  • Семинари
  • Парти
  • Празници в България

Групи продукти

  • Банер Реклами

Търсене в...

Търси резултати които съдържат...


Дата

  • Начало

    Край


Последно обновяване

  • Начало

    Край


Филтриране по брой...

Регистрация

  • Начало

    Край


Група


Skype


Facebook


Google+


Twitter


ICQ


Yahoo


Интернет сайт


Град


Интереси

Открити 302 резултата

  1. Здравейте!От известно време имам забавяне и забиване на системата и затова вчера и днес пуснах няколко сканирвания с две различни версии на Eset-a.С най-новата версия откри 4 инфектирани файла.С другата при първото сканирване включих и дял D и също 4.При второто без дял D,3 такива.Чудя се дали трябва да се трият тези файлове.Това са логовете. Eset Online Scanner-07.09.2019.txt Eset Online Scanner-08.09.2019.txt
  2. Здравейте, повече от година изполвам емuлатора за Android под Windows MEmu Play. Седмица след автоматичното му обновяване до версия 6.2.3 антивируса ми - Avira започна почти постоянно да ми изкарва прозорец за засечен Malwarе. Почти година не съм инсталирал нищо ново и за това мисля че гадините са се промъкнали с ъпдейта. Моля за помощ. Предварително Ви благодаря.
  3. Здравейте. Имам един компютър който е доставен преди години от фирма свързана със софтуер за управление на дадена апаратура. Вчера не искаше да тръгне. При пускането на машината започва да зарежда в началото както трябва докато стигне до момента в който трябва да покаже десктопа. Но вместо десктоп, показваше съобщение,че Windows не е легален и трябва да го активирам. Имаше две възможности YES или NO, но която и да избера нищо не се променяше. Съобщението се показваше отново и не ме да вляза. След няколко многократни опита по някакъв начин влязох в системата, но тя работеше много бавно. Каквото и да отворя водеше до затормозяване на компа. Сега даже през Хром не успях да сваля Farbar, даваше, ми че е вирус. Успях с много зор да го сваля през Мозила. Сканирах и с Касперски вчера. FRST.txt Addition.txt report.txt
  4. Здравейте, от известно време се появи следния проблем - малко след зареждането на Windows 8.1, започва самоволно стартиране на браузъра по подразбиране, като се отварят по 4-5 прозореца, а понякога и по повече. Прегледах някои теми за сходни проблеми във форума и трябва да отбележа една съществена разлика - при мен браузера се стартира с началния си екран и НЕ тръгва да зарежда някаква страница в интернет... просто си стои на началната страница и стартира още прозорци. След като успях да направя така, че да нямам браузър по default започна да се отваря диалогов прозорец с надпис: "How do you want to open this type of link (http)?", като отдолу са изредени браузерите и win store. Други неща, които се случват: отваряне на десния панел на десктопа на секцията "Search", превключване м/у различни отворени прозорци, отваряне на нови табове при работещ браузър, обхождане на менютата на отворени прозорци, и всичко това придружено със звуков сигнал (бибкане). До момента сканирано с: - Windows defender; - Kasperski Free; - Dr. Web; - Malwarebytes... и всички казват, че системата е чиста... Това е в общи линии. Прилагам резултатите от FRST, благодаря предварително Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.03.2019 01 Ran by Kire (administrator) on KIRE-PC (04-03-2019 11:39:00) Running from C:\Users\Kire\Desktop Loaded Profiles: Kire (Available Profiles: Kire) Platform: Windows 8.1 Enterprise (Update) (X64) Language: English (United States) Default browser: "C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe" "%1" Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sidebar.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera_crashreporter.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe (Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8464600 2015-04-07] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392856 2015-03-20] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd -> Disc Soft Ltd) HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe [1475072 2013-10-02] (Microsoft Corporation) [File not signed] HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [Viber] => C:\Users\Kire\AppData\Local\Viber\Viber.exe [35950152 2018-02-22] (Viber Media S.à r.l. -> Viber Media S.Ã r.l.) HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19646312 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-1687209997-659643034-1432533341-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [133632 2014-11-21] (Microsoft Windows -> Microsoft Corporation) Startup: C:\Users\Kire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Изпращане в OneNote.lnk [2018-04-21] ShortcutTarget: Изпращане в OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 217.9.239.90 217.9.239.94 Tcpip\..\Interfaces\{0AFEE81C-413D-4C4C-87C4-B73D21E67655}: [DhcpNameServer] 217.9.239.90 217.9.239.94 Tcpip\..\Interfaces\{8D5336D0-E0A6-456B-BDA5-1F85837A1179}: [NameServer] 8.8.8.8,8.8.4.4 Internet Explorer: ================== HKU\S-1-5-21-1687209997-659643034-1432533341-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.bg/ HKU\S-1-5-21-1687209997-659643034-1432533341-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab) Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab) DPF: HKLM-x32 {A996E48C-D3DC-4244-89F7-AFA33EC60679} hxxps://ebb.ubb.bg/CAPICOM/capicom.cab Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-02-21] FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi FF HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\Kire\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1687209997-659643034-1432533341-1001: @acestream.net/acestreamplugin,version=3.1.28 -> C:\Users\Kire\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File] Chrome: ======= CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd CHR HKU\S-1-5-21-1687209997-659643034-1432533341-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [297888 2016-11-08] (Advanced Micro Devices, Inc. -> AMD) R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab) S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [414352 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab) R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes) S2 MxService; C:\Program Files (x86)\Maxthon5\Bin\MxService.exe [144152 2018-11-21] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [26567696 2016-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [528800 2016-11-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2016-04-12] (Disc Soft Ltd -> Disc Soft Ltd) R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [529392 2015-08-05] (Intel(R) Intel Network Drivers -> Intel Corporation) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes) R3 IntcAzAudAddService; C:\Windows\system32\drivers\RTDVHD64.sys [2740056 2015-04-07] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [528576 2018-02-20] (Kaspersky Lab -> AO Kaspersky Lab) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [73416 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [123152 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab) R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [89168 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29208 2017-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [219744 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab) R1 KLHK; C:\Windows\System32\drivers\klhk.sys [1214752 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1113696 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab) R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [57032 2018-02-12] (Kaspersky Lab -> AO Kaspersky Lab) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [58048 2018-01-15] (Kaspersky Lab -> AO Kaspersky Lab) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [83496 2017-12-11] (Kaspersky Lab -> AO Kaspersky Lab) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50648 2017-05-30] (Kaspersky Lab -> AO Kaspersky Lab) S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [45768 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab) R3 kltap; C:\Windows\system32\DRIVERS\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project) S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [100552 2018-02-17] (Kaspersky Lab -> AO Kaspersky Lab) R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [176976 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [203968 2018-02-24] (Kaspersky Lab -> AO Kaspersky Lab) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-02-24] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-02-24] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [72864 2019-02-24] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-02-24] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [114040 2019-02-24] (Malwarebytes Corporation -> Malwarebytes) S3 s115bus; C:\Windows\System32\drivers\s115bus.sys [108296 2007-04-23] (MCCI Corporation -> MCCI Corporation) S3 s115mdfl; C:\Windows\system32\DRIVERS\s115mdfl.sys [19720 2007-04-23] (MCCI Corporation -> MCCI Corporation) S3 s115mdm; C:\Windows\system32\DRIVERS\s115mdm.sys [144648 2007-04-23] (MCCI Corporation -> MCCI Corporation) S3 s115mgmt; C:\Windows\system32\DRIVERS\s115mgmt.sys [126216 2007-04-23] (MCCI Corporation -> MCCI Corporation) S3 s115obex; C:\Windows\system32\DRIVERS\s115obex.sys [123656 2007-04-23] (MCCI Corporation -> MCCI Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-03-04 11:39 - 2019-03-04 11:39 - 000016906 _____ C:\Users\Kire\Desktop\FRST.txt 2019-03-04 11:38 - 2019-03-04 11:39 - 000000000 ____D C:\FRST 2019-03-04 11:35 - 2019-03-04 11:35 - 002434560 _____ (Farbar) C:\Users\Kire\Desktop\FRST64.exe 2019-02-24 16:56 - 2019-02-24 16:56 - 000072864 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2019-02-24 16:55 - 2019-02-24 16:55 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2019-02-24 16:55 - 2019-02-24 16:55 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2019-02-24 16:55 - 2019-02-24 16:55 - 000114040 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2019-02-24 16:47 - 2019-02-24 16:51 - 000000000 ____D C:\AdwCleaner 2019-02-24 16:44 - 2019-02-24 16:44 - 000002305 _____ C:\Users\Kire\Desktop\mbma.txt 2019-02-24 16:32 - 2019-02-24 16:32 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2019-02-24 16:32 - 2019-02-24 16:32 - 000001843 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-02-24 16:32 - 2019-02-24 16:32 - 000000000 ____D C:\Users\Kire\AppData\Local\mbamtray 2019-02-24 16:32 - 2019-02-24 16:32 - 000000000 ____D C:\Users\Kire\AppData\Local\mbam 2019-02-24 16:32 - 2019-02-24 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-02-24 16:32 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2019-02-24 16:31 - 2019-02-24 16:31 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-02-24 16:31 - 2019-02-24 16:31 - 000000000 ____D C:\Program Files\Malwarebytes 2019-02-22 00:47 - 2019-02-22 00:47 - 000020476 _____ C:\Windows\ntbtlog.txt 2019-02-22 00:38 - 2019-02-22 01:49 - 000000000 ____D C:\Windows\pss 2019-02-21 23:52 - 2019-02-21 23:52 - 000071912 _____ C:\Users\Kire\Documents\cc_20190221_235210.reg 2019-02-21 23:44 - 2019-02-22 00:56 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update 2019-02-21 23:44 - 2019-02-21 23:44 - 000002804 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2019-02-21 23:44 - 2019-02-21 23:44 - 000000794 _____ C:\Users\Public\Desktop\CCleaner.lnk 2019-02-21 23:44 - 2019-02-21 23:44 - 000000000 ____D C:\Program Files\CCleaner 2019-02-21 23:43 - 2019-02-21 23:43 - 019385224 _____ (Piriform Software Ltd) C:\Users\Kire\Desktop\cctrialsetup.exe 2019-02-21 23:40 - 2019-02-21 23:40 - 000001446 _____ C:\Users\Kire\Desktop\uTorrent.exe - Shortcut.lnk 2019-02-21 23:36 - 2019-02-21 23:36 - 000000272 _____ C:\Users\Kire\Desktop\nod.txt 2019-02-21 21:31 - 2019-02-21 21:31 - 000000000 ____D C:\Users\Kire\AppData\Local\ESET 2019-02-21 21:30 - 2019-02-21 21:30 - 007657592 _____ (ESET spol. s r.o.) C:\Users\Kire\Desktop\esetonlinescanner_enu.exe 2019-02-21 21:28 - 2019-02-21 21:30 - 000000000 ____D C:\ProgramData\F-Secure 2019-02-21 21:27 - 2019-02-22 00:28 - 000000000 ____D C:\Users\Kire\AppData\Local\FSDART 2019-02-21 21:27 - 2019-02-21 21:27 - 009603600 _____ (F-Secure Corporation) C:\Users\Kire\Desktop\F-SecureOnlineScanner.exe 2019-02-21 21:27 - 2019-02-21 21:27 - 000000000 ____D C:\Users\Kire\AppData\Local\F-Secure 2019-02-21 20:27 - 2019-02-21 20:27 - 000003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} 2019-02-21 20:27 - 2019-02-21 20:27 - 000001196 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk 2019-02-21 20:27 - 2019-02-21 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection 2019-02-21 20:27 - 2019-02-21 20:27 - 000000000 ____D C:\Program Files\Common Files\AV 2019-02-21 20:26 - 2019-03-04 11:26 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2019-02-21 20:26 - 2019-02-21 20:27 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab 2019-02-21 20:26 - 2019-02-21 20:26 - 001214752 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys 2019-02-21 20:26 - 2019-02-21 20:26 - 001113696 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2019-02-21 20:26 - 2019-02-21 20:26 - 000219744 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys 2019-02-21 20:26 - 2019-02-21 20:26 - 000152960 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll 2019-02-21 20:26 - 2019-02-21 20:26 - 000002051 _____ C:\Users\Public\Desktop\Kaspersky Free.lnk 2019-02-21 20:26 - 2019-02-21 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Free 2019-02-21 20:26 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2019-02-21 20:24 - 2019-02-21 20:25 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2019-02-21 20:24 - 2019-02-21 20:24 - 002536320 _____ (Kaspersky Lab) C:\Users\Kire\Desktop\startup_14460.exe 2019-02-19 23:28 - 2019-02-19 23:28 - 000000000 ____D C:\Users\Kire\Doctor Web 2019-02-19 23:28 - 2019-02-19 23:28 - 000000000 ____D C:\ProgramData\Doctor Web 2019-02-19 23:27 - 2019-02-19 23:28 - 184226296 _____ C:\Users\Kire\Desktop\5xdzsvd7.exe 2019-02-19 21:05 - 2019-02-19 21:05 - 000007598 _____ C:\Users\Kire\AppData\Local\Resmon.ResmonCfg 2019-02-14 20:08 - 2019-01-26 03:02 - 025736192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2019-02-14 20:07 - 2019-02-06 04:07 - 003323392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2019-02-14 20:07 - 2019-02-06 03:43 - 003616768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2019-02-14 20:07 - 2019-02-06 02:53 - 002780160 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2019-02-14 20:07 - 2019-02-06 02:44 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2019-02-14 20:07 - 2019-01-26 02:38 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2019-02-14 20:07 - 2019-01-26 02:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2019-02-14 20:07 - 2019-01-26 02:32 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2019-02-14 20:07 - 2019-01-26 02:27 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2019-02-14 20:07 - 2019-01-26 02:24 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2019-02-14 20:07 - 2019-01-26 02:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2019-02-14 20:07 - 2019-01-26 02:03 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2019-02-14 20:07 - 2019-01-26 01:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2019-02-14 20:07 - 2019-01-26 01:56 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2019-02-14 20:07 - 2019-01-26 01:48 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2019-02-14 20:07 - 2019-01-26 01:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2019-02-14 20:07 - 2019-01-26 01:36 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2019-02-14 20:07 - 2019-01-26 01:34 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2019-02-14 20:07 - 2019-01-26 01:34 - 004494336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2019-02-14 20:07 - 2019-01-26 01:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2019-02-14 20:07 - 2019-01-26 01:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2019-02-14 20:07 - 2019-01-26 01:22 - 001556480 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2019-02-14 20:07 - 2019-01-26 01:12 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2019-02-14 20:07 - 2019-01-26 01:11 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2019-02-14 20:07 - 2019-01-26 01:08 - 001331200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2019-02-14 20:07 - 2019-01-26 01:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2019-02-14 20:07 - 2019-01-12 03:36 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll 2019-02-14 20:07 - 2019-01-12 03:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll 2019-02-14 20:07 - 2019-01-12 03:18 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll 2019-02-14 20:07 - 2019-01-09 08:36 - 001901688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2019-02-14 20:07 - 2019-01-09 08:27 - 002533920 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2019-02-14 20:07 - 2019-01-09 08:24 - 007371512 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-02-14 20:07 - 2019-01-09 05:34 - 001755136 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2019-02-14 20:07 - 2019-01-09 05:34 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll 2019-02-14 20:07 - 2019-01-09 05:21 - 001493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2019-02-14 20:07 - 2019-01-09 05:21 - 000102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll 2019-02-14 20:07 - 2019-01-08 06:54 - 000032896 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2019-02-14 20:07 - 2019-01-08 03:22 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll 2019-02-14 20:07 - 2019-01-08 03:22 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll 2019-02-14 20:07 - 2019-01-05 19:48 - 004168704 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2019-02-14 20:07 - 2019-01-05 19:47 - 000684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2019-02-14 20:07 - 2019-01-05 19:46 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2019-02-14 20:07 - 2018-12-27 19:57 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2019-02-14 20:07 - 2018-12-27 18:30 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2019-02-14 20:07 - 2018-12-08 18:01 - 000513376 _____ C:\Windows\SysWOW64\locale.nls 2019-02-14 20:07 - 2018-12-08 18:01 - 000513376 _____ C:\Windows\system32\locale.nls 2019-02-14 20:07 - 2018-12-02 12:08 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll 2019-02-14 20:07 - 2018-12-01 18:44 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll 2019-02-14 20:07 - 2018-10-12 15:19 - 000998480 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2019-02-02 11:26 - 2019-02-02 11:26 - 000010752 _____ C:\Users\Kire\Desktop\report_structure.xls ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-03-04 11:38 - 2019-01-13 19:24 - 000005012 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Kire-PC-Kire Kire-PC 2019-03-03 19:04 - 2016-04-14 13:11 - 000003860 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1460632245 2019-03-03 19:04 - 2016-04-14 13:10 - 000000000 ____D C:\Program Files (x86)\Opera 2019-02-26 21:35 - 2016-04-11 17:51 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1687209997-659643034-1432533341-1001 2019-02-26 20:14 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf 2019-02-24 17:00 - 2014-11-21 09:39 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI 2019-02-24 16:58 - 2016-04-14 13:17 - 000004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2019-02-24 16:58 - 2016-04-14 13:12 - 000000000 ____D C:\Users\Kire\AppData\Local\Adobe 2019-02-24 16:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2019-02-24 16:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed 2019-02-24 16:55 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-02-24 16:54 - 2016-08-25 17:16 - 000065536 _____ C:\Windows\system32\spu_storage.bin 2019-02-22 00:39 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI 2019-02-21 23:51 - 2018-07-13 10:05 - 000000000 ____D C:\Users\Kire\AppData\Roaming\MPC-HC 2019-02-21 23:51 - 2018-02-28 15:49 - 000000000 ____D C:\Users\Kire\AppData\Roaming\TeamViewer 2019-02-21 23:51 - 2016-04-12 15:40 - 000000000 ____D C:\Users\Kire\AppData\Roaming\DAEMON Tools Lite 2019-02-21 23:51 - 2016-04-12 15:14 - 000000000 ____D C:\Users\Kire\AppData\Roaming\uTorrent 2019-02-21 23:50 - 2017-05-08 15:37 - 000000000 ____D C:\Windows\Minidump 2019-02-21 23:50 - 2016-04-12 04:38 - 000000000 ____D C:\Windows\Panther 2019-02-21 23:39 - 2016-04-12 15:15 - 000000000 ____D C:\Program Files (x86)\uTorrent 2019-02-21 20:32 - 2016-04-14 13:13 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-02-21 20:26 - 2013-08-22 17:36 - 000000000 ___HD C:\Windows\ELAMBKUP 2019-02-21 20:26 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\ELAM 2019-02-20 02:39 - 2016-04-11 17:45 - 000000000 ____D C:\Users\Kire 2019-02-14 21:08 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache 2019-02-14 20:28 - 2013-08-22 16:44 - 000551248 _____ C:\Windows\system32\FNTCACHE.DAT 2019-02-14 20:21 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp 2019-02-14 20:16 - 2016-04-12 14:59 - 000000000 ____D C:\Windows\system32\MRT 2019-02-14 20:12 - 2016-04-12 14:59 - 129330784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2019-02-14 20:10 - 2016-04-14 13:13 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2019-02-02 22:07 - 2019-01-17 20:24 - 000835480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2019-02-02 22:07 - 2019-01-17 20:24 - 000179600 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2019-02-02 11:27 - 2016-04-11 17:46 - 000000000 ____D C:\Users\Kire\AppData\Local\Packages ==================== Files in the root of some directories ======= 2019-02-19 21:05 - 2019-02-19 21:05 - 000007598 _____ () C:\Users\Kire\AppData\Local\Resmon.ResmonCfg ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\dllhost.exe => File is digitally signed C:\Windows\SysWOW64\dllhost.exe => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2019-03-03 19:14 ==================== End of FRST.txt ============================ Addition.txt
  5. Здравейте, преди ден антивирусната ми програма непрекъснато даваше известия за троянец, който се опитва да се свърже - "Website Blocked Due to Trojan". При сканиране обаче, не се откриваше нищо. При днешното пускане на компютъра забелязах, че работи изключи бавно, непрекъснато забива и т.н. Пробвах да сканирам - антивирусната отказа да стартира. Когато цъкна рестарт всeки път излиза съобщение "Preparing to configure your computer", и отново лаптопът работи видимо затруднено. Нямам диск за операционна система, по-долу съм прикачил файловете от сканирането с Farbar. FRST.txt Addition.txt
  6. компютъра ми пише сам 100 процента е вирус , преинсталирах го проблема си остава, ако някой знае решение на проблема благодаря ето това прави ѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝ ѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝ до като не натисна някой клавиш и след малко пак. аз нямам такова "И" в клавиатурата "Ѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝ"Ѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝ'ѝ''ѝ'''''ѝ' сега забелязах че когато сложа кавички започва "ѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝѝ благодаря
  7. Добър ден, искам да попитам дали не съм се заразил с някоя гадинка тъй като от около седмица пц-то работи доста бавно,като дори когато в момента пиша това и натисна дясно копче върху самият сайт то отворения прозорец остава така замазан на екрана както и ако отворя някоя друга програма върху сайта или друг няма значение. Дали случайно не съм се напълнил с гадинки или просто лин-а е просто за преинсталация и е доста намазан ? Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 8.02.2019 Ran by GAMEPC (administrator) on GAMEPC-PC (10-02-2019 12:37:44) Running from C:\Users\GAMEPC\Downloads Loaded Profiles: GAMEPC (Available Profiles: GAMEPC) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Български (България) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [StereoLinksInstall] => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe [2362248 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Viber] => C:\Users\GAMEPC\AppData\Local\Viber\Viber.exe [37073480 2019-01-30] (Viber Media S.à r.l. -> Viber Media S.Ã r.l.) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Spotify] => C:\Users\GAMEPC\AppData\Roaming\Spotify\Spotify.exe [26154216 2019-02-03] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35195280 2019-02-01] (Epic Games Inc. -> Epic Games, Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-12] (Google Inc -> Google Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 94.72.140.1 Tcpip\..\Interfaces\{F8E6BFBF-08DD-4CEC-8468-25670AF9DFE4}: [DhcpNameServer] 94.72.140.1 Internet Explorer: ================== HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation) FireFox: ======== FF DefaultProfile: mrpwyf7s.default FF ProfilePath: C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default [2019-01-31] FF user.js: detected! => C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\user.js [2019-01-02] FF Homepage: Mozilla\Firefox\Profiles\mrpwyf7s.default -> google.bg FF Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\Extensions\[email protected] [2019-01-31] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-09] () FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-20] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-01-30] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-01-30] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.) Chrome: ======= CHR StartupUrls: Default -> "hxxp://google.bg/" CHR Profile: C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default [2019-02-10] CHR Extension: (Презентации) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13] CHR Extension: (Документи) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Диск) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16] CHR Extension: (YouTube) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-08] CHR Extension: (Таблици) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Google Документи офлайн) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16] CHR Extension: (Hoxx VPN Proxy) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbcojefnccbanplpoffopkoepjmhgdgh [2019-01-23] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03] CHR Extension: (Gmail) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-08] CHR Extension: (Chrome Media Router) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-07] Opera: ======= OPR Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2018-12-20] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-01-31] (BattlEye Innovations e.K. -> ) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291392 2017-08-17] (Disc Soft Ltd -> Disc Soft Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-07-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 mracsvc; C:\Windows\System32\mracsvc.exe [11132176 2018-10-09] (Mail.Ru LLC -> LLC Mail.Ru) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [8019808 2018-03-29] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2017-09-08] (Realtek Semiconductor.) [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2017-06-20] (Microsoft Windows -> Microsoft Corporation) R2 wuauserv; C:\Windows\system32\wuaueng2.dll [2651136 2017-09-08] (Microsoft Corporation) [File not signed] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 S2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2017-09-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) R0 amdsata; C:\Windows\System32\DRIVERS\amdsata.sys [67128 2009-04-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [28216 2009-04-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R0 AtiPcie; C:\Windows\System32\DRIVERS\AtiPcie.sys [16440 2009-05-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-09-11] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-09-11] (Disc Soft Ltd -> Disc Soft Ltd) R0 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [13287800 2019-02-01] (FACE IT LIMITED -> ) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-08] (Martin Malik - REALiX -> REALiX(tm)) S3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2017-09-08] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.) S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [10348560 2018-10-09] (Mail.Ru LLC -> LLC Mail.Ru) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation) R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [61656 2017-09-08] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation ) R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [34872 2009-04-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-02-10 12:37 - 2019-02-10 12:38 - 000016274 _____ C:\Users\GAMEPC\Downloads\FRST.txt 2019-02-10 12:37 - 2019-02-10 12:37 - 002434048 _____ (Farbar) C:\Users\GAMEPC\Downloads\FRST64.exe 2019-02-10 12:37 - 2019-02-10 12:37 - 000000000 ____D C:\FRST 2019-02-09 10:46 - 2019-02-09 10:46 - 008736903 _____ C:\Users\GAMEPC\Downloads\5. Курве.mp4 2019-02-08 23:47 - 2019-02-08 23:47 - 000004811 _____ C:\Users\GAMEPC\Downloads\niko.zip 2019-02-08 03:03 - 2019-02-08 03:03 - 067321320 _____ (Electronic Arts) C:\Users\GAMEPC\Downloads\ApexLegendsInstaller.exe 2019-02-06 23:56 - 2019-02-06 23:56 - 000014497 _____ C:\Users\GAMEPC\Downloads\Flight.of.the.Phoenix.2004.BRRip.XviD.BGAUDiO-KiNGS.torrent 2019-02-06 23:56 - 2019-02-06 23:56 - 000014497 _____ C:\Users\GAMEPC\Downloads\Flight.of.the.Phoenix.2004.BRRip.XviD.BGAUDiO-KiNGS (1).torrent 2019-02-06 13:10 - 2019-02-06 13:10 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Viber 2019-02-05 14:41 - 2019-02-05 14:41 - 014648464 _____ (Microsoft Corporation) C:\Users\GAMEPC\Downloads\vc_redist.x86.exe 2019-02-04 20:49 - 2019-01-30 22:07 - 000133512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2019-02-04 20:47 - 2019-02-04 20:49 - 000000000 ____D C:\Windows\LastGood 2019-02-04 20:45 - 2019-02-01 23:36 - 000228768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2019-02-04 20:45 - 2019-02-01 23:36 - 000047592 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 001005984 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 001005984 _____ C:\Windows\system32\vulkan-1.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000869584 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000869584 _____ C:\Windows\SysWOW64\vulkan-1.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000551920 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000457304 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2019-02-04 20:45 - 2019-02-01 03:42 - 000269520 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2019-02-04 20:45 - 2019-02-01 03:42 - 000269520 _____ C:\Windows\system32\vulkaninfo.exe 2019-02-04 20:45 - 2019-02-01 03:42 - 000243920 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2019-02-04 20:45 - 2019-02-01 03:42 - 000243920 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2019-02-04 20:45 - 2019-02-01 03:41 - 071470016 _____ (NVIDIA Corp.) C:\Windows\system32\nvoptix.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 040344024 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 030021616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 020887352 _____ (NVIDIA Corporation) C:\Windows\system32\nvrtum64.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 020409840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2019-02-04 20:45 - 2019-02-01 03:41 - 001463952 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 001129368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 000631440 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 000521872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 000419832 _____ C:\Windows\system32\nvofapi64.dll 2019-02-04 20:45 - 2019-02-01 03:41 - 000368808 _____ C:\Windows\SysWOW64\nvofapi.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 040235096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 035140696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 004868080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 004339616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 002030736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 001734560 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441881.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 001533936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 001467864 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441881.dll 2019-02-04 20:45 - 2019-02-01 03:40 - 000497056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcbl64.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 035477392 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl64.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 031989600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 029985200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl32.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 021206192 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 020096416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 017616432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 010894304 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 009254488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 001168936 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000914912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000524248 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000450648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000419776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000182040 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000163184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000159480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2019-02-04 20:45 - 2019-02-01 03:39 - 000141568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2019-02-04 20:45 - 2019-02-01 03:38 - 017424680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2019-02-04 20:45 - 2019-02-01 03:38 - 004311968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2019-02-04 20:45 - 2019-01-31 08:26 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json 2019-02-04 20:45 - 2019-01-31 08:26 - 000000669 _____ C:\Windows\system32\nv-vk64.json 2019-02-04 00:33 - 2019-02-04 00:33 - 000016205 _____ C:\Users\GAMEPC\Downloads\Beautiful.Creature.2013.BRRip.XviD.AC3.BGAUDiO-SiSO&QT.torrent 2019-02-02 19:10 - 2019-02-02 19:10 - 000032425 _____ C:\Users\GAMEPC\Downloads\Speed.2.1997.DVDRip.XviD.BGAUDiO-ZmN.torrent 2019-02-02 19:09 - 2019-02-02 19:09 - 000056272 _____ C:\Users\GAMEPC\Downloads\Speed 2 (1997)[DVDRip].torrent 2019-01-31 21:58 - 2019-01-31 21:58 - 000061719 _____ C:\Users\GAMEPC\Downloads\ggirl_din.(subs.sab.bz).rar 2019-01-31 21:58 - 2019-01-31 21:58 - 000012712 _____ C:\Users\GAMEPC\Downloads\Gone.Girl.2014.576p.BRRip.x265-DiN.torrent 2019-01-30 22:43 - 2019-01-30 22:43 - 000023223 _____ C:\Users\GAMEPC\Downloads\The.Call.2013.720p.BluRay.x264_SPARKS.(subs.sab.bz).zip 2019-01-30 22:43 - 2019-01-30 22:43 - 000014490 _____ C:\Users\GAMEPC\Downloads\The.Call.BDRip.XviD.AC3-WAR (1).torrent 2019-01-30 22:41 - 2019-01-30 22:41 - 000014490 _____ C:\Users\GAMEPC\Downloads\The.Call.BDRip.XviD.AC3-WAR.torrent 2019-01-30 22:22 - 2019-01-30 22:22 - 000028835 _____ C:\Users\GAMEPC\Downloads\Taking.Lives.DC.2004.720p.HDDVD.x264_ESiR.(subs.sab.bz).zip 2019-01-30 22:22 - 2019-01-30 22:22 - 000019710 _____ C:\Users\GAMEPC\Downloads\Taking.Lives.2004.DC.BRRip.x264.AAC-WAR.torrent 2019-01-29 20:26 - 2019-01-29 20:26 - 000029511 _____ C:\Users\GAMEPC\Downloads\The_Cloverfield_Paradox.2018.HDRip.XViD_ETRG.(subs.sab.bz).zip 2019-01-29 20:26 - 2019-01-29 20:26 - 000008066 _____ C:\Users\GAMEPC\Downloads\The.Cloverfield.Paradox.2018.HDRip.XviD.AC3-EVO.torrent 2019-01-29 20:22 - 2019-01-29 20:22 - 000029721 _____ C:\Users\GAMEPC\Downloads\tucker.and.dale.vs.evil.2010.bluray.720p.dts.x264-chd(subsunacs.net).rar 2019-01-29 20:21 - 2019-01-29 20:21 - 000014671 _____ C:\Users\GAMEPC\Downloads\Tucker.And.Dale.vs.Evil.2010.BRRip.XviD-DiN.torrent 2019-01-29 20:11 - 2019-01-29 20:11 - 000014405 _____ C:\Users\GAMEPC\Downloads\Predators.2010.DVDRip.XviD.BG.AUDIO-BDB.torrent 2019-01-29 20:03 - 2019-01-29 20:03 - 000011568 _____ C:\Users\GAMEPC\Downloads\Pandorum.2008.1080p.BluRay.H264.AAC.Dual Audio-ASA.torrent 2019-01-29 19:56 - 2019-01-29 19:56 - 000015401 _____ C:\Users\GAMEPC\Downloads\Abraham.Lincoln.Vampire.Hunter.2012.480p.BDRip.x264.DUAL-SLSS.torrent 2019-01-29 19:55 - 2019-01-29 19:55 - 000027007 _____ C:\Users\GAMEPC\Downloads\cocaine.godmother.2017.720p.webrip.x264-yts.am(subsunacs.net).rar 2019-01-29 19:55 - 2019-01-29 19:55 - 000013125 _____ C:\Users\GAMEPC\Downloads\Cocaine.Godmother.2017.WEBRip.x265-DiN.torrent 2019-01-29 17:26 - 2019-01-29 17:26 - 000014876 _____ C:\Users\GAMEPC\Downloads\api-ms-win-crt-runtime-l1-1-0.dll_85.rar 2019-01-28 17:46 - 2019-01-28 17:46 - 000017617 _____ C:\Users\GAMEPC\Downloads\Ghost.Ship.2002.720p.BluRay.x264_DON.(subs.sab.bz).rar 2019-01-28 17:46 - 2019-01-28 17:46 - 000014588 _____ C:\Users\GAMEPC\Downloads\Ghost.Ship.2002.BDRp.XviD.AC3-WAR.torrent 2019-01-28 00:46 - 2019-01-28 00:46 - 000014403 _____ C:\Users\GAMEPC\Downloads\top_gear.17x07.india_special.hdtv_xvid-fov.avi (1).torrent 2019-01-28 00:02 - 2019-01-28 00:02 - 000033323 _____ C:\Users\GAMEPC\Downloads\top.gear.at.the.movies.2011.bdrip.xvid-taste(subsunacs.net).rar 2019-01-28 00:02 - 2019-01-28 00:02 - 000014764 _____ C:\Users\GAMEPC\Downloads\Top.Gear.At.The.Movies.2011.BDRip.XviD-TASTE.torrent 2019-01-28 00:02 - 2019-01-28 00:02 - 000014423 _____ C:\Users\GAMEPC\Downloads\Top.Gear.S14E06.DVBRip.XviD.BGAudio.torrent 2019-01-28 00:02 - 2019-01-28 00:02 - 000011585 _____ C:\Users\GAMEPC\Downloads\Top.Gear.The.Great.African.Adventure.2013.720p.BluRay.x264.torrent 2019-01-28 00:00 - 2019-01-28 00:00 - 000036810 _____ C:\Users\GAMEPC\Downloads\Top_Gear_India_Special.(subs.sab.bz).rar 2019-01-27 23:59 - 2019-01-27 23:59 - 000014401 _____ C:\Users\GAMEPC\Downloads\top_gear.17x07.india_special.hdtv_xvid-fov.avi.torrent 2019-01-26 04:50 - 2019-01-26 04:50 - 000011416 _____ C:\Users\GAMEPC\Downloads\Top Gear - Burma Special.torrent 2019-01-26 04:47 - 2019-01-26 04:47 - 000020539 _____ C:\Users\GAMEPC\Downloads\Top.Gear.The.Worst.Car.In.The.History.Of.The.World.2012.720p.BluRay.x264.torrent 2019-01-25 04:45 - 2019-01-25 04:45 - 000016631 _____ C:\Users\GAMEPC\Downloads\Top Gear - Season 16.torrent 2019-01-23 23:26 - 2019-01-23 23:26 - 000000219 _____ C:\Users\GAMEPC\Desktop\Counter-Strike Global Offensive.url 2019-01-20 15:34 - 2019-01-20 15:34 - 000094134 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x08.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000092379 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x07.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000086708 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x06.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000067819 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_02x10.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000063437 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_02x09.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000055727 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x05.(subs.sab.bz).zip 2019-01-20 15:34 - 2019-01-20 15:34 - 000051267 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_02x11.(subs.sab.bz).zip 2019-01-19 22:51 - 2019-01-19 22:51 - 000000222 _____ C:\Users\GAMEPC\Desktop\DiRT 3 Complete Edition.url 2019-01-19 17:40 - 2019-01-19 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2019-01-18 18:47 - 2019-01-18 18:47 - 000091478 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x04.(subs.sab.bz).zip 2019-01-18 18:46 - 2019-01-18 18:47 - 000104011 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02E02.(subs.sab.bz).zip 2019-01-18 18:46 - 2019-01-18 18:47 - 000086312 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02x03.(subs.sab.bz).zip 2019-01-18 18:46 - 2019-01-18 18:46 - 000101264 _____ C:\Users\GAMEPC\Downloads\The_Grand_Tour_S02E01.(subs.sab.bz).zip 2019-01-18 18:45 - 2019-01-18 18:45 - 000038914 _____ C:\Users\GAMEPC\Downloads\The.Grand.Tour.S02.WEBRip.X264-Mixed.torrent 2019-01-18 18:43 - 2019-01-18 18:43 - 000028976 _____ C:\Users\GAMEPC\Downloads\_Yavka.net_Goosebumps.2.Haunted.Halloween.2018.720p.BluRay.H264.AAC-RARBG.rar 2019-01-18 18:42 - 2019-01-18 18:42 - 000014612 _____ C:\Users\GAMEPC\Downloads\Goosebumps.2.Haunted.Halloween.2018.BRRip.XViD-ETRG.torrent 2019-01-18 17:30 - 2019-01-18 17:36 - 032841688 _____ C:\Users\GAMEPC\Downloads\masturbira pred kamera.flv 2019-01-18 17:30 - 2019-01-18 17:32 - 011506791 _____ C:\Users\GAMEPC\Downloads\Bulgarian teen girl selfshot her orgasm - xHamster.com.flv 2019-01-18 17:29 - 2019-01-18 17:50 - 196627499 _____ C:\Users\GAMEPC\Downloads\Тийнейджърка.mkv 2019-01-18 17:27 - 2019-01-18 17:28 - 021624320 _____ C:\Users\GAMEPC\Downloads\Maria Bratoeva - Ruse.avi 2019-01-18 17:27 - 2019-01-18 17:27 - 003177723 _____ C:\Users\GAMEPC\Downloads\Cumming on my girlfriend's tits and face - xHamster.com.flv 2019-01-18 17:27 - 2019-01-18 17:27 - 001862496 _____ C:\Users\GAMEPC\Downloads\SEX Denica Stoqnova .3gp 2019-01-18 17:27 - 2019-01-18 17:27 - 000215130 _____ C:\Users\GAMEPC\Downloads\Seks v kenefa.3gp 2019-01-18 17:13 - 2019-01-18 17:23 - 096802616 _____ C:\Users\GAMEPC\Downloads\PUTIBG_9-2. от Асеновград пред камератаvideo (1).flv 2019-01-18 14:31 - 2019-01-18 14:31 - 000003476 _____ C:\Users\GAMEPC\Downloads\d2c4a999-a7cb-4247-957e-b682f76cd2ea-profile_image-70x70.jpeg 2019-01-18 00:46 - 2019-01-18 00:46 - 000000218 _____ C:\Users\GAMEPC\Desktop\Counter-Strike.url 2019-01-17 17:01 - 2019-01-17 17:01 - 002982580 _____ C:\Users\GAMEPC\Downloads\19godina.avi 2019-01-17 17:01 - 2019-01-17 17:01 - 002982580 _____ C:\Users\GAMEPC\Downloads\19godina (1).avi 2019-01-17 16:57 - 2019-01-17 16:57 - 007733248 _____ C:\Users\GAMEPC\Downloads\Mimi Kavarna.3gp 2019-01-16 15:51 - 2019-01-16 15:51 - 002824729 _____ C:\Users\GAMEPC\Downloads\IMG_2378.MOV 2019-01-15 17:01 - 2019-01-12 06:02 - 000383568 _____ C:\Windows\system32\nvofapi.dll 2019-01-15 17:00 - 2019-01-12 06:01 - 002018184 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441771.dll 2019-01-15 17:00 - 2019-01-12 06:01 - 001467648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441771.dll 2019-01-13 21:23 - 2019-01-13 21:23 - 000016563 _____ C:\Users\GAMEPC\Downloads\The.Hangover.Part.II.2011.BDRip.XviD.AC3.DUAL-REFLUX.torrent 2019-01-13 21:17 - 2019-01-13 21:17 - 000014673 _____ C:\Users\GAMEPC\Downloads\Accepted[2006]DvDrip[Eng]-aXXo.torrent 2019-01-13 21:09 - 2019-01-13 21:09 - 000014129 _____ C:\Users\GAMEPC\Downloads\The.Social.Network.2010.BDRip.XviD.AC3.BGAUDiO-SiSO.torrent 2019-01-11 01:57 - 2019-01-11 21:58 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\PokerStars.BG 2019-01-11 01:57 - 2019-01-11 02:00 - 000000000 ____D C:\Program Files (x86)\PokerStars.BG 2019-01-11 01:57 - 2019-01-11 01:57 - 000002008 _____ C:\Users\GAMEPC\Desktop\PokerStars.bg.lnk 2019-01-11 01:57 - 2019-01-11 01:57 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.BG 2019-01-11 01:56 - 2019-01-11 01:56 - 002174984 _____ (Rational Intellectual Holdings Ltd.) C:\Users\GAMEPC\Downloads\PokerStarsInstallBG.exe ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-02-10 12:25 - 2017-09-23 17:42 - 000000000 ____D C:\Program Files (x86)\Steam 2019-02-10 12:25 - 2017-09-08 13:03 - 000000000 ____D C:\ProgramData\NVIDIA 2019-02-10 03:18 - 2009-07-14 06:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-02-10 03:18 - 2009-07-14 06:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-02-10 01:24 - 2017-09-19 22:12 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\TS3Client 2019-02-09 17:55 - 2019-01-09 00:51 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Spotify 2019-02-09 17:37 - 2019-01-09 00:50 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Spotify 2019-02-09 10:55 - 2017-12-06 18:25 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\ViberPC 2019-02-07 15:31 - 2017-09-08 12:34 - 000000000 ____D C:\Program Files (x86)\Opera 2019-02-07 01:05 - 2018-04-14 10:49 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Ubisoft Game Launcher 2019-02-07 00:01 - 2017-09-10 00:33 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\qBittorrent 2019-02-05 14:13 - 2017-09-08 13:05 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\NVIDIA 2019-02-04 20:50 - 2017-09-08 12:20 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2019-02-04 20:50 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2019-02-04 20:49 - 2017-09-08 12:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2019-02-04 20:46 - 2017-09-08 13:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2019-02-03 18:42 - 2017-09-08 14:54 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\CrashDumps 2019-02-01 23:36 - 2017-09-08 12:19 - 001682392 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2019-02-01 21:20 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-02-01 21:19 - 2018-12-29 22:14 - 013287800 _____ C:\Windows\system32\Drivers\FACEIT.sys 2019-02-01 03:40 - 2017-09-08 12:22 - 037286456 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2019-02-01 03:39 - 2017-09-08 13:02 - 000506208 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2019-02-01 03:38 - 2017-09-08 13:02 - 004868928 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2019-01-31 22:19 - 2018-12-29 22:14 - 000000000 ____D C:\Program Files\FACEIT AC 2019-01-31 22:14 - 2017-09-08 12:34 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-01-31 22:14 - 2017-09-08 12:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-01-31 15:01 - 2017-09-08 12:51 - 000000000 ____D C:\Users\GAMEPC\AppData\LocalLow\Mozilla 2019-01-31 08:26 - 2017-09-08 12:21 - 000046936 _____ C:\Windows\system32\nvinfo.pb 2019-01-31 08:26 - 2017-09-08 12:20 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat 2019-01-30 22:09 - 2017-09-08 13:03 - 005364776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 002624824 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 001767920 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 000651248 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 000450600 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 000124968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2019-01-30 22:09 - 2017-09-08 13:03 - 000082800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2019-01-30 15:15 - 2017-09-08 13:03 - 008488852 _____ C:\Windows\system32\nvcoproc.bin 2019-01-29 17:21 - 2017-10-13 15:36 - 000000000 ____D C:\Users\GAMEPC\Documents\ViberDownloads 2019-01-26 16:03 - 2017-09-08 13:03 - 000001951 _____ C:\Windows\NvContainerRecovery.bat 2019-01-25 16:58 - 2018-08-04 01:57 - 000000000 ____D C:\ProgramData\TruckersMP 2019-01-21 14:28 - 2017-09-26 23:48 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\ElevatedDiagnostics 2019-01-19 23:47 - 2018-07-27 17:56 - 000466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2019-01-19 23:47 - 2018-07-27 17:56 - 000444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2019-01-19 23:47 - 2018-07-27 17:56 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2019-01-19 23:47 - 2018-07-27 17:56 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2019-01-19 17:40 - 2017-09-08 13:25 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Skype 2019-01-19 17:40 - 2017-09-08 12:39 - 000001318 _____ C:\Users\Public\Desktop\Skype.lnk 2019-01-19 17:40 - 2017-09-08 12:39 - 000000000 ____D C:\ProgramData\Skype 2019-01-19 17:39 - 2017-09-08 12:39 - 000000000 ___RD C:\Program Files (x86)\Skype 2019-01-12 02:01 - 2017-09-08 13:02 - 000505696 _____ (NVIDIA Corporation) C:\Windows\system32\SET3358.tmp 2019-01-12 02:01 - 2017-09-08 12:22 - 036884408 _____ (NVIDIA Corporation) C:\Windows\system32\SET39DF.tmp 2019-01-12 01:59 - 2017-09-08 13:02 - 004850072 _____ (NVIDIA Corporation) C:\Windows\system32\SETE88.tmp ==================== Files in the root of some directories ======= 2018-12-17 20:42 - 2018-12-23 18:48 - 000007597 _____ () C:\Users\GAMEPC\AppData\Local\Resmon.ResmonCfg Some files in TEMP: ==================== 2019-01-29 04:11 - 2019-01-29 04:11 - 000000196 _____ () C:\Users\GAMEPC\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll 2019-01-02 23:12 - 2019-01-06 00:10 - 000000020 _____ () C:\Users\GAMEPC\AppData\Local\Temp\25bac1013fc49581f9f82c556d27f9bb.dll 2019-01-29 04:11 - 2019-02-09 21:58 - 000000020 _____ () C:\Users\GAMEPC\AppData\Local\Temp\d92b9ce5f9f41a6d518fdcbc62bd3532.dll 2019-01-15 17:01 - 2019-01-11 11:31 - 000397520 _____ (NVIDIA Corporation) C:\Users\GAMEPC\AppData\Local\Temp\nvStInst.exe 2019-01-19 17:38 - 2019-01-19 17:39 - 062928040 _____ (Skype Technologies S.A.) C:\Users\GAMEPC\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\dllhost.exe => File is digitally signed C:\Windows\SysWOW64\dllhost.exe => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2019-02-02 06:31 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 8.02.2019 Ran by GAMEPC (10-02-2019 12:38:44) Running from C:\Users\GAMEPC\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2017-09-08 09:32:01) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2297230751-1021565052-1431566534-500 - Administrator - Disabled) GAMEPC (S-1-5-21-2297230751-1021565052-1431566534-1000 - Administrator - Enabled) => C:\Users\GAMEPC Guest (S-1-5-21-2297230751-1021565052-1431566534-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.) ATI Catalyst Install Manager (HKLM\...\{DC9C8BC1-72CE-B5FE-EA4F-6D9127E51746}) (Version: 3.0.736.0 - ATI Technologies, Inc.) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP) CpuCoreParking (HKLM-x32\...\{0984C56D-2985-4786-AB62-39AB985E269C}) (Version: 2.1.2.0 - CpuCoreParking) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 418.81 - NVIDIA Corporation) Hidden Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FACEIT AC version 1.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD) FIFA18 version 1.0 (HKLM\...\FIFA18_is1) (Version: 1.0 - STEAMPUNKS) <==== ATTENTION GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.14.5270 - Gretech Corporation) Google Chrome (HKLM\...\{DA081EB6-F64C-358C-9BB0-AF1EA8001F34}) (Version: 71.0.3578.98 - Google, Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation) Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Office Language Pack 2010 - Bulgarian/български (HKLM-x32\...\Office14.OMUI.bg-bg) (Version: 14.0.4763.1021 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation) Mozilla Firefox 64.0.2 (x64 bg) (HKLM\...\Mozilla Firefox 64.0.2 (x64 bg)) (Version: 64.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA 3D Vision Driver 418.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 418.81 - NVIDIA Corporation) NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation) NVIDIA Graphics Driver 418.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 418.81 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation) NVIDIA PhysX System Software 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 57.0.3098.116 (HKLM-x32\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software) PokerStars.bg (HKLM-x32\...\PokerStars.bg) (Version: - PokerStars.bg) PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.16291 - Kakao Corp.) PotPlayer-64 bit (HKLM-x32\...\PotPlayer64) (Version: 1.7.8556 - Kakao Corp.) qBittorrent 4.1.5 (HKLM-x32\...\qBittorrent) (Version: 4.1.5 - The qBittorrent project) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games) Skype, версия 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Spotify) (Version: 1.0.99.250.g936eab8d - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH) TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team) Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft) Viber (HKLM-x32\...\{0235CB19-2284-4C34-9CF9-04078CF94C32}) (Version: 7.7.0.1126 - Viber Media Inc.) Hidden Viber (HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\{f37aa91a-8669-4ac1-bb40-8cc05c3beca1}) (Version: 7.7.0.1126 - Viber Media Inc.) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WinRAR 5.50 (64-битова версия) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1EC5AF9E-5A52-4FE5-A2E8-539165748CC5} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {29CD2B59-F360-4EA0-8046-E993FB989355} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {3216E845-2829-4DBE-AA88-3252ACB814DC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3DAD135E-7AD5-4D57-B3E2-9E7F6AD9E01C} - System32\Tasks\{76A40252-E785-4407-9A98-34E12F6F05C9} => C:\Windows\system32\pcalua.exe -a "c:\program files (x86)\hi-rez studios\HiRezGamesDiagAndSupport.exe" -c uninstall=0 Task: {47FB829C-5030-4A81-8AE1-E19E047EF8CF} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {593E836D-18E7-4C3A-A10E-E739556F42F1} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {64503CA0-D96B-485A-A2ED-32E1ADEC5130} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-08] (Google Inc -> Google Inc.) Task: {82C47114-5EDD-46D5-95B9-AA03FCB16F9C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {94F3AB4C-229D-4981-8100-F63CF93E0D45} - System32\Tasks\Opera scheduled Autoupdate 1504866897 => C:\Program Files (x86)\Opera\launcher.exe [2019-01-09] (Opera Software AS -> Opera Software) Task: {96F1B500-22FF-4448-9D51-718DA940360E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9D60B4F8-D682-4540-9CBB-BBA043460DF1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A19D33FF-7FBC-4D6F-B122-FFBC2947D956} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe Task: {A95A63BB-59FF-4E60-A4BC-C4AF14655608} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B7BAE40D-B03C-4ABB-BBB5-9C26431B4B11} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe Task: {CB523FAF-057C-440F-B17F-8A36BBB5394E} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F67C982E-B27B-4B4D-B6F1-B5474BEA2341} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {F77C5DF3-2A9F-4C58-909F-C3F4DFDE4752} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FB761E82-2ABF-4B7D-A0A8-3F00F3533DD3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-08] (Google Inc -> Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Браузър Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) <==== Cyrillic Shortcut: C:\Users\Public\Desktop\Браузър Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) <==== Cyrillic ==================== Loaded Modules (Whitelisted) ============== 2010-01-09 19:17 - 2010-01-09 19:17 - 004254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2018-05-24 21:15 - 2018-12-06 12:14 - 001315312 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-08-29 01:53 - 2018-12-06 01:47 - 001066784 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll 2018-08-29 01:53 - 2018-11-20 02:56 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll 2018-08-29 01:53 - 2018-11-20 02:56 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll 2018-08-29 01:53 - 2018-11-20 02:56 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll 2018-12-12 21:53 - 2018-12-12 07:12 - 002682336 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\swiftshader\libglesv2.dll 2018-12-12 21:53 - 2018-12-12 07:12 - 000156640 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\swiftshader\libegl.dll 2017-09-08 13:04 - 2018-12-06 12:14 - 001033200 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-09-23 17:44 - 2018-12-06 01:47 - 000885536 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2017-09-23 17:44 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2017-09-23 17:44 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2017-09-23 17:44 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2017-09-23 17:44 - 2019-02-02 19:33 - 002667296 _____ () C:\Program Files (x86)\Steam\video.dll 2017-12-14 10:20 - 2018-11-05 20:53 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll 2017-12-14 10:20 - 2018-11-05 20:53 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll 2017-12-14 10:20 - 2018-11-05 20:53 - 000810784 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll 2017-12-14 10:20 - 2018-11-05 20:53 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll 2017-12-14 10:20 - 2018-11-05 20:53 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll 2017-09-23 17:44 - 2019-02-02 19:33 - 001031456 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2017-09-23 17:43 - 2016-07-05 00:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\GAMEPC\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [482] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\hola.org -> hxxp://hola.org ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 94.72.140.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: FACEIT => "C:\Users\GAMEPC\AppData\Local\FACEITApp\update.exe" --processStart "FACEIT.exe" MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{11074DEE-7B8C-4DC2-AE4C-93DF0A309913}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{D19357FE-92D5-4C15-865D-6BA1144E3141}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{21EB0059-8DA7-4F26-8EBC-947F0C4E2AAA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () FirewallRules: [{F8BB1871-4D02-4C5E-A222-4D557710B3E1}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () FirewallRules: [{1EE7FB5D-9E25-4DA9-ACB5-D608ECDBB452}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{84ACAD4A-CAC3-405E-BED8-CCE7B6F558B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5C9FEA0E-0037-4228-8A5E-308AD75AC1DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FD05E114-41E1-4EC3-B5A2-BBA593EE39E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{831352BE-7396-43E6-9657-9ED9D8BAB30D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{AB5ACC3F-22CB-469F-9EB3-8D69417E7CD5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{43ADA9C0-2E56-45D1-B73D-9C89040C463D}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [{06129773-C563-4DFF-8D34-BEA82843A4F0}] => (Allow) D:\SteamLibrary\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [TCP Query User{A7A3205E-5145-4588-981D-700ACBF67C2F}D:\arc\s\fifa 17\fifa17.exe] => (Allow) D:\arc\s\fifa 17\fifa17.exe No File FirewallRules: [UDP Query User{FCB7CF1E-D214-47B7-8337-D288C7BAF41D}D:\arc\s\fifa 17\fifa17.exe] => (Allow) D:\arc\s\fifa 17\fifa17.exe No File FirewallRules: [TCP Query User{0D1FADB8-FCE1-4E0E-B19A-D5490965A994}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [UDP Query User{F6FECCC1-1C2E-45A5-B7AC-EAF4B88229DF}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [TCP Query User{DEFA441A-0140-4630-9B49-0F0DB88705EC}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.) FirewallRules: [UDP Query User{2F3AD7BE-C36D-4E24-BFFA-EED5BE5D11F4}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.) FirewallRules: [{3B7D3801-5557-4905-A940-9FFB3D9419C2}] => (Allow) D:\SteamLibrary\steamapps\common\WormsRevolution\WormsRevolution.exe () FirewallRules: [{B5A843B5-4869-438A-A418-D42BF3EC672D}] => (Allow) D:\SteamLibrary\steamapps\common\WormsRevolution\WormsRevolution.exe () FirewallRules: [{B5E37EE1-9BE1-4B57-9AD5-EEF981D7F031}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () FirewallRules: [{DC6EA5CC-0B14-4DA5-BA55-E772E5860678}] => (Allow) D:\SteamLibrary\steamapps\common\TheLongDark\tld.exe () FirewallRules: [{C118432B-871D-4268-9C07-248641F7E265}] => (Allow) D:\SteamLibrary\steamapps\common\F1 2015\F1_2015.exe (Codemasters Software Company Limited) FirewallRules: [{9A5D2120-07BE-4587-9767-DFFC0484207F}] => (Allow) D:\SteamLibrary\steamapps\common\F1 2015\F1_2015.exe (Codemasters Software Company Limited) FirewallRules: [{CC5A4281-306D-4711-91C7-E00E2ABEBC40}] => (Allow) D:\SteamLibrary\steamapps\common\Human Fall Flat\Human.exe () FirewallRules: [{8A4DCBEC-E89C-462E-8216-8A9A38C394ED}] => (Allow) D:\SteamLibrary\steamapps\common\Human Fall Flat\Human.exe () FirewallRules: [{BA413E19-022B-4719-B578-4F0E6C99F5FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FDAF511F-0C5C-4E27-8950-6B78D13412DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{B1B4DF97-831E-413C-A928-4176B7B76801}D:\fifa\fifa18\fifa18.exe] => (Allow) D:\fifa\fifa18\fifa18.exe (Electronic Arts -> Electronic Arts) FirewallRules: [UDP Query User{8691C936-9089-4A6A-9831-A0087C639A9C}D:\fifa\fifa18\fifa18.exe] => (Allow) D:\fifa\fifa18\fifa18.exe (Electronic Arts -> Electronic Arts) FirewallRules: [{FF76D716-DBA6-437A-A34F-847AF6AB88AD}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{13A0D233-1007-4376-A4B4-1DA27C101ECB}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [TCP Query User{86D55748-40A6-4288-AEF7-2C0B25BDF778}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe (Oracle America, Inc. -> Oracle Corporation) FirewallRules: [UDP Query User{D8AE6DDF-C0F2-475C-AB9C-B84C11DDC8AB}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe (Oracle America, Inc. -> Oracle Corporation) FirewallRules: [TCP Query User{695C8135-FF2C-4E94-9566-E526643684CA}C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe (Oracle America, Inc. -> Oracle Corporation) FirewallRules: [UDP Query User{3091889E-265D-4648-88DF-CEE54431325D}C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_116381722\java.exe (Oracle America, Inc. -> Oracle Corporation) FirewallRules: [{19A95D83-1997-4E1D-B782-E9518C66DFBB}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{A1F359C7-4712-4555-B250-972DC5238157}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{9310E9DD-E024-4761-B062-698FB0E3AB13}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{F2B11A3B-CC53-4DFF-B8AC-3ADDA6F5D794}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{DB2F74E8-C7EB-44B3-81D7-12B84175E2EA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{E44676E1-030C-4238-B65F-434792B61DE5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{0E47D0AA-C664-4226-B706-39D5D9E15552}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation ) FirewallRules: [{0FE9DEBC-25B9-4A7D-A2B1-D61EE33E7F27}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation ) FirewallRules: [TCP Query User{0E86F5BD-F2B3-4EF9-8B0C-48823DA809CB}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe No File FirewallRules: [UDP Query User{0C5E839A-52EC-40D4-969E-24F12ED8D2D0}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe No File FirewallRules: [TCP Query User{8796E73D-79C0-4D0B-AF34-FB3AF9BCC9BA}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe No File FirewallRules: [UDP Query User{EFB29360-AB3A-4A44-9CB4-EF91CEBDB39C}D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\warface\bin32release\game.exe No File FirewallRules: [{CE4CC83D-33DB-4941-B63E-839395BEF26D}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{62B0C736-3662-4965-ABCF-C095480B3E5E}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{91266298-136D-4BB3-8C13-A850A76C9BF1}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{E3EAEE44-6095-4A5E-BE2F-F3E3F8349E0A}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{12A4A27A-BB67-48E9-9C50-3BFF7FAFB778}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{AEEB531B-9796-4704-ACF2-4D21152475BF}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{7F3749E0-59C1-4422-B6F5-FB6E3727295D}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{60F8D80B-FA92-4B64-93F5-05A4F7DADF00}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{2D541380-97BF-4291-BDBE-2F2228CAEA60}] => (Allow) D:\SteamLibrary\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{127D37C8-619F-462E-BE1A-E32131065FF4}] => (Allow) D:\SteamLibrary\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{3AE125A7-E2F2-4264-9007-75C3A531B173}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.) FirewallRules: [{9CB2E9CF-4CF5-4270-90C8-708DF5C9EA41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5DDB721B-805F-4405-9439-CF48D05CD91D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{FBCDCF18-DF9A-480D-8245-D45ACCBABE9F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{38AC95F2-BD01-4E8B-9093-31663D8E317A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{458841A3-2771-481D-884C-B7930C379C97}] => (Allow) C:\Program Files (x86)\Opera\57.0.3098.106\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{235BAD27-D13D-420B-8B97-7A919F070DAA}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () FirewallRules: [{13789DD3-E1EC-4822-B391-E7109AE3CC48}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () FirewallRules: [TCP Query User{3DE0592A-8D12-447D-939D-BCA439AFF137}C:\users\gamepc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamepc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{33216198-C2C2-482B-9DC9-2D0D13DBB4FA}C:\users\gamepc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gamepc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BC1B52E7-C2B8-4017-8791-69B710F1CCBB}] => (Allow) C:\Program Files (x86)\Opera\57.0.3098.116\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{270B0322-3799-457B-960A-455318931953}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{A13AA196-1978-4C67-902B-2460B54A5BBF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{EF08AF4C-3154-4DAB-BCE6-F39115FD1EB2}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{DFBF8C13-3341-468F-9043-C61EE1DF2608}] => (Allow) D:\SteamLibrary\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{64832D58-8D2F-49F2-9821-FC19B1E90DA6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{26B327D5-AC62-4B35-9E8A-241677C45E6B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{17F7F489-79F0-4B1E-8C40-2AE2479A4164}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe (Codemasters Software Company Limited) FirewallRules: [{12452DC3-0184-4D50-9874-AFEDEF2EFAA9}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe (Codemasters Software Company Limited) FirewallRules: [{59D96386-6E3E-4356-8348-CF3CFA65A81B}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{FFA55DD9-7016-4EC4-A808-1A467A45E95C}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [TCP Query User{DC649560-4400-4885-84A1-B96EE04BD03C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{962C91EA-9380-4D1D-8A2F-E951089E3F37}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{6E404A41-222B-4F61-937B-39B8D0A5BE40}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{394ABFE5-D758-4C24-B451-12FE329ECF53}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{CAB0B3BC-BD97-4B9F-AD34-4EA3FD6A653B}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{D1AE7604-9B6C-4322-8475-D1AC1B29A431}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) ==================== Restore Points ========================= 01-02-2019 16:11:32 Планирана контролна точка 09-02-2019 15:07:59 Планирана контролна точка ==================== Faulty Device Manager Devices ============= Name: Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) Description: Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Qualcomm Atheros Service: L1C Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (02/10/2019 03:12:13 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/10/2019 03:12:13 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/09/2019 03:26:38 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/09/2019 03:26:38 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/08/2019 04:45:30 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/08/2019 04:45:29 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/07/2019 03:15:48 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\Setup.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/07/2019 03:15:48 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe". Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. System errors: ============= Error: (02/09/2019 11:34:40 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 20. Error: (02/09/2019 02:59:26 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 20. Error: (02/06/2019 08:56:52 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Изтекъл период на изчакване (30000 милисекунди) при изчакване на отговор за транзакция от услуга eventlog. Error: (02/05/2019 07:09:30 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 20. Error: (02/04/2019 09:08:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Услуга NVIDIA Telemetry Container прекъсна със следната грешка: Изпълним файл за обща команда върна резултат, показващ грешка. Error: (02/04/2019 08:48:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Услуга NVIDIA LocalSystem Container беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 6000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата. Error: (02/04/2019 08:48:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Услуга NVIDIA LocalSystem Container прекъсна със следната грешка: Изпълним файл за обща команда върна резултат, показващ грешка. Error: (02/03/2019 01:44:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Услуга Steam Client Service не може да бъде стартирана поради следната грешка: Услугата не отговори навреме на искане за стартиране или управление. ==================== Memory info =========================== Processor: AMD FX-8320E Eight-Core Processor Percentage of memory in use: 41% Total physical RAM: 8189.54 MB Available physical RAM: 4811.05 MB Total Virtual: 16377.26 MB Available Virtual: 11050.03 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:150 GB) (Free:70.97 GB) NTFS Drive d: () (Fixed) (Total:781.41 GB) (Free:323.18 GB) NTFS \\?\Volume{2f050b3f-9477-11e7-8c98-806e6f6e6963}\ (Резервирана за системата) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0C59AE75) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=150 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=781.4 GB) - (Type=05) ==================== End of Addition.txt ============================
  8. Инсталирах едно нещо, което се оказа, че не трябва и сега ми пъкват реклами постоянно, компа забозва и така нататък. С любов от русия. С какво може да сканирам и да оправя нещата, уиндолс 10.
  9. Здравейте!Допуснах вирус или троянски кон, в резултат на което не мога да отворя нито един файл с разширение doc.,txt,png,jpg,jpeg,mp3,mp4 и т.н.Всичките ми файлове са преименувани като след разширението стоят буквите XQKLBVNMDH.Уиндоуса изписва, че не може да отвори файл с такова разширение.Опитвам се да махна тези букви и да преименувам файла, но след преименуването файла става неизползваем.Инсталирах НОД 32 и ми откри 5065 троянеца, от които успя да почисти 5055, но положението не се промени.Някой може ли да помогне с нещо?
  10. Здравейте! Прикачам лог файла . Непрекъснато ми се отварят страници в браузъра . Моля за съдействие. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.11.2018 Ran by Didista (administrator) on DESKTOP-DSKVSP2 (15-11-2018 22:45:03) Running from C:\Users\Didista\Downloads Loaded Profiles: Didista (Available Profiles: Didista) Platform: Windows 10 Pro N Version 1803 17134.407 (X64) Language: English (United Kingdom) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_a5cf007e1dac78ef\AsLdrSrv64.exe (ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_a5cf007e1dac78ef\AsHidSrv64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe (ICEpower a/s) C:\Windows\System32\ICEsoundService64.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_a5cf007e1dac78ef\AsMonStartupTask64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe (Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (BitTorrent Inc.) C:\Users\Didista\AppData\Roaming\BitTorrent\BitTorrent.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (NODJE) D:\install\Office_2010_Activator_Full_Version_100_Working_Free_PASSWORD_123\Office_2010_Activator_Full_Version_100_Working_Free_34319.exe (TODO: <Company name>) C:\ProgramData\Kolnixo\Kolnixo.exe (ZLGVXB) C:\Program Files (x86)\uhlkclz42dn\MXVO6R4NL5PR3EY.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (ZLGVXB) C:\Program Files\FCUX3N7ZJS\FCUX3N7ZJ.exe () C:\Users\Didista\AppData\Local\Temp\is-TU326.tmp\swr2ab1i3na.tmp (Microsoft Corporation) C:\Windows\System32\cmd.exe (ZLGVXB) C:\Program Files (x86)\uhlkclz42dn\GEQY0.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (ZLGVXB) C:\Program Files\C8JKRJNU79\C8JKRJNU7.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (ZLGVXB) C:\Program Files\OWHJ94UXVD\IBYQ18KGP.exe () C:\Users\Didista\AppData\Local\Temp\is-A480T.tmp\jnt3mero1bx.tmp (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (ZLGVXB) C:\Program Files\CGAVT81G4S\CGAVT81G4.exe (Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [692160 2016-01-19] (Autodesk, Inc.) HKLM-x32\...\Run: [Multitimer] => C:\Program Files (x86)\Multitimer\Multitimer.exe [281600 2017-12-12] () HKLM\...\RunOnce: [OMEWPRODUCT_] => C:\Program Files\Microsoft Analysis Services\96RRN6VKDZW3B\WaN6he06SO.exe [324608 2018-11-15] () HKLM\...\RunOnce: [OMEWPRODUCT_G50GE] => C:\Program Files (x86)\uhlkclz42dn\MXVO6R4NL5PR3EY.exe [249856 2018-11-15] (ZLGVXB) <==== ATTENTION HKLM-x32\...\RunOnce: [Malwarebytes' Anti-Malware] => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [399504 2009-02-11] (Malwarebytes Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-04] (Disc Soft Ltd) HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd) HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\Run: [BLTG4CCEG5MMVFU] => C:\Program Files\FCUX3N7ZJS\FCUX3N7ZJ.exe [864256 2018-11-15] (ZLGVXB) HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\Run: [009KOWOANB1R0IT] => C:\Program Files (x86)\uhlkclz42dn\GEQY0.exe [864256 2018-11-15] (ZLGVXB) HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\Run: [C0GNC6JMCEWTQ6O] => C:\Program Files\C8JKRJNU79\C8JKRJNU7.exe [864256 2018-11-15] (ZLGVXB) HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\Run: [F5BMV40IU8I2UUQ] => C:\Program Files\OWHJ94UXVD\IBYQ18KGP.exe [864256 2018-11-15] (ZLGVXB) HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\Run: [5ZJNOL91INGZK96] => C:\Program Files\CGAVT81G4S\CGAVT81G4.exe [864256 2018-11-15] (ZLGVXB) HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\RunOnce: [Uninstall 18.172.0826.0010\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Didista\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\amd64" HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\RunOnce: [Uninstall 18.172.0826.0010] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Didista\AppData\Local\Microsoft\OneDrive\18.172.0826.0010" HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\MountPoints2: {cf8a0d3e-d136-11e8-a44c-34e12df5e1e5} - "G:\SETUP.EXE" AppInit_DLLs: C:\ProgramData\Kolnixo\Holdzuntip.dll => C:\ProgramData\Kolnixo\Holdzuntip.dll [342528 2018-11-15] () AppInit_DLLs-x32: C:\ProgramData\Kolnixo\Treetamit.dll => C:\ProgramData\Kolnixo\Treetamit.dll [460800 2018-11-15] () GroupPolicy: Restriction - Chrome <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0 Tcpip\..\Interfaces\{18e67df8-ee5e-4dc6-9bb8-bbeaff76c2bc}: [DhcpNameServer] 192.168.0.1 0.0.0.0 Tcpip\..\Interfaces\{e7c25d7d-cac5-489b-9ac9-1a5057905498}: [DhcpNameServer] 192.168.0.1 0.0.0.0 Internet Explorer: ================== HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBLoO-BhLymRVyoiO2t6mfQOs8Z_UNrRNGfcnSVI8V3AroBajNPW18Orf3T1Ba9uRElwxpRFd80U7ywFKBzGlBsUTS5ydDZAoVPb9g9x1M7zfAerZPy-mzN9zcmDMcvfDkc5u_Ev3swFo2g_SC7H7g_QPX4svLn99oYUBeJSx0M8jBQFUhhKpahz4owLYJuWg,,&q={searchTerms} HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBLoO-BhLymRVyoiO2t6mfQOs8Z_UNrRNGfcnSVI8V3AroBajNPW18Orf3T1Ba9uRElwxpRFd80U7ywFKBzGlBsUTS5ydDZAoVPb9gxWgPMRIn_JtbnuuUL-tlwFL2wx1pOrQ7EY_hqWtD2w2Umw5nZVaNdKaz8KXE2rb0YvQAfB6h8uy0c32x15ZqFvbPJeA,, SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBLoO-BhLymRVyoiO2t6mfQOs8Z_UNrRNGfcnSVI8V3AroBajNPW18Orf3T1Ba9uRElwxpRFd80U7ywFKBzGlBsUTS5ydDZAoVPb9g9x1M7zfAerZPy-mzN9zcmDMcvfDkc5u_Ev3swFo2g_SC7H7g_QPX4svLn99oYUBeJSx0M8jBQFUhhKpahz4owLYJuWg,,&q={searchTerms} SearchScopes: HKU\S-1-5-21-2793308117-3191825222-1732375903-1001 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBLoO-BhLymRVyoiO2t6mfQOs8Z_UNrRNGfcnSVI8V3AroBajNPW18Orf3T1Ba9uRElwxpRFd80U7ywFKBzGlBsUTS5ydDZAoVPb9g9x1M7zfAerZPy-mzN9zcmDMcvfDkc5u_Ev3swFo2g_SC7H7g_QPX4svLn99oYUBeJSx0M8jBQFUhhKpahz4owLYJuWg,,&q={searchTerms} SearchScopes: HKU\S-1-5-21-2793308117-3191825222-1732375903-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBLoO-BhLymRVyoiO2t6mfQOs8Z_UNrRNGfcnSVI8V3AroBajNPW18Orf3T1Ba9uRElwxpRFd80U7ywFKBzGlBsUTS5ydDZAoVPb9g9x1M7zfAerZPy-mzN9zcmDMcvfDkc5u_Ev3swFo2g_SC7H7g_QPX4svLn99oYUBeJSx0M8jBQFUhhKpahz4owLYJuWg,,&q={searchTerms} BHO: YoutubeAdBlock -> {14D0AD49-F627-4E41-93CA-E9A444EE8B22} -> C:\Program Files (x86)\IwTmDCzJJIE\tlyQ30LVS.dll [2018-11-15] () BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: YoutubeAdBlock -> {14D0AD49-F627-4E41-93CA-E9A444EE8B22} -> C:\Program Files (x86)\IwTmDCzJJIE\kYJpSopz.dll [2018-11-15] () BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) FireFox: ======== FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-09-06] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-09-06] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-16] (Google Inc.) Chrome: ======= CHR DefaultProfile: Profile 1 CHR HomePage: Profile 1 -> hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBLoO-BhLymRVyoiO2t6mfQOs8Z_UNrRNGfcnSVI8V3AroBajNPW18Orf3T1Ba9uRElwxpRFd80U7ywFKBzGlBsUTS5ydDZAoVPb9g93Ei_kR4QfjE79dxLYrFfWDs_CfJpsT-vaieDY4VnebfjLIlKWsx8On8zU7golcX5d29Elpc50g1Vo18qkwYwDO34vg,, CHR StartupUrls: Profile 1 -> "","hxxp://www.google.com/" CHR DefaultSearchURL: Profile 1 -> hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBLoO-BhLymRVyoiO2t6mfQOs8Z_UNrRNGfcnSVI8V3AroBajNPW18Orf3T1Ba9uRElwxpRFd80U7ywFKBzGlBsUTS5ydDZAoVPb9g90GCghaQlXbNRvqBsYkQJ-9VCB4gGW7EHDeqFR3qfsiN3COVjumKAa8gi6VFWZsgxgH1TYMldeUVRDgXlzyunSsBkig,,&q={searchTerms} CHR DefaultSearchKeyword: Profile 1 -> feed.sonic-search.com CHR Profile: C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default [2018-11-15] CHR Extension: (Slides) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-16] CHR Extension: (Docs) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-16] CHR Extension: (Google Drive) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16] CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2018-10-16] CHR Extension: (YouTube) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-16] CHR Extension: (Sheets) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-16] CHR Extension: (Google Docs Offline) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-16] CHR Extension: (Adblocker for Youtube™) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmepafhiigbfimndaicdpoeebdgmkfdb [2018-11-15] [UpdateUrl: hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION CHR Extension: (Chrome Web Store Payments) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-16] CHR Extension: (Gmail) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-16] CHR Extension: (Chrome Media Router) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-03] CHR Profile: C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-11-15] CHR Extension: (Slides) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-16] CHR Extension: (Docs) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-16] CHR Extension: (Google Drive) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16] CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2018-10-16] CHR Extension: (YouTube) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-16] CHR Extension: (uBlock Origin) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-10-16] CHR Extension: (Sheets) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-16] CHR Extension: (Google Docs Offline) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-16] CHR Extension: (AdBlock) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-16] CHR Extension: (Pinterest Save Button) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-10-19] CHR Extension: (Kaldata.com) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jliaaaomamailheoidfllejljaibbemc [2018-10-16] CHR Extension: (Capital.bg) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lanbncpnnmafpfikemcimkiddbogfnki [2018-10-16] CHR Extension: (#ДАНСwithme) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmcpmmnecclemnhobkplkgpjjddgnkej [2018-10-16] CHR Extension: (hxxp://goo.mx/Az2aea) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mldlblfnplplbhojnognmlaoemiiedje [2018-10-16] CHR Extension: (Bazz Search) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmeinlfojlcegblpogpjbhipmonclejh [2018-11-15] CHR Extension: (Adblocker for Youtube™) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmepafhiigbfimndaicdpoeebdgmkfdb [2018-11-15] [UpdateUrl: hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION CHR Extension: (Chrome Web Store Payments) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-16] CHR Extension: (Gmail) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-16] CHR Extension: (Chrome Media Router) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-01] CHR Profile: C:\Users\Didista\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-15] CHR Extension: (Adblocker for Youtube™) - C:\Users\Didista\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmepafhiigbfimndaicdpoeebdgmkfdb [2018-11-15] [UpdateUrl: hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1222664 2016-01-19] (Autodesk Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated) R2 AsHidService; C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_a5cf007e1dac78ef\AsHidSrv64.exe [171912 2018-01-07] (ASUSTek Computer Inc.) R2 ASLDRService; C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_a5cf007e1dac78ef\AsLdrSrv64.exe [202120 2018-01-07] (ASUSTek Computer Inc.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3730024 2018-10-04] (Disc Soft Ltd) R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1651792 2017-10-27] (Intel Corporation) R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [541896 2018-04-19] (Intel Corporation) R2 ICEsoundService; C:\Windows\system32\ICEsoundService64.exe [483816 2018-05-10] (ICEpower a/s) R2 Kolnixo; C:\ProgramData\\Kolnixo\\Kolnixo.exe [1995264 2018-11-15] (TODO: <Company name>) [File not signed] S3 mi-raysat_3dsmax2017_64; C:\Program Files\Autodesk\3ds Max 2017\raysat_3dsmax2017_64server.exe [86016 2011-09-15] () [File not signed] R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-21] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-21] (NVIDIA Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation) S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-25] (Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-25] (Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 ATKWMIACPIIO; C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_a5cf007e1dac78ef\atkwmiacpi64.sys [30600 2018-01-07] (ASUSTek Computer Inc.) R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [70040 2017-10-27] (Intel Corporation) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2018-10-16] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2018-10-16] (Disc Soft Ltd) S1 erenopno; C:\Windows\system32\drivers\erenopno.sys [72816 2018-11-15] (Microsoft Corporation) R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [399264 2017-10-27] (Intel Corporation) R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [34184 2018-05-02] (ASUS) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136208 2018-04-19] (Intel Corporation) R3 Netwtw06; C:\Windows\system32\DRIVERS\Netwtw06.sys [8752120 2018-05-02] (Intel Corporation) R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_9b1341e92276ee7c\nvlddmkm.sys [17213616 2018-10-15] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-05-21] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [67432 2018-05-15] (NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [68112 2018-04-28] (NVIDIA Corporation) S1 nyutbnzk; C:\Windows\system32\drivers\nyutbnzk.sys [72816 2018-11-15] (Microsoft Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek ) S1 rxhodcdr; C:\Windows\system32\drivers\rxhodcdr.sys [72816 2018-11-15] (Microsoft Corporation) S3 smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [152064 2018-04-12] (Microsoft Corporation) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46184 2018-10-25] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [328696 2018-10-25] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-25] (Microsoft Corporation) S1 wgbxphjl; C:\Windows\system32\drivers\wgbxphjl.sys [72816 2018-11-15] (Microsoft Corporation) S1 xrsjazsk; C:\Windows\system32\drivers\xrsjazsk.sys [72816 2018-11-15] (Microsoft Corporation) S1 xwhjuavh; C:\Windows\system32\drivers\xwhjuavh.sys [72816 2018-11-15] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-11-15 22:45 - 2018-11-15 22:45 - 000027997 _____ C:\Users\Didista\Downloads\FRST.txt 2018-11-15 22:44 - 2018-11-15 22:45 - 000000000 ____D C:\FRST 2018-11-15 22:44 - 2018-11-15 22:44 - 002416128 _____ (Farbar) C:\Users\Didista\Downloads\FRST64.exe 2018-11-15 22:42 - 2018-11-15 22:42 - 000072816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\erenopno.sys 2018-11-15 22:27 - 2018-11-15 22:27 - 000001082 _____ C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk 2018-11-15 22:27 - 2018-11-15 22:27 - 000000000 ____D C:\Users\Didista\AppData\Roaming\Malwarebytes 2018-11-15 22:27 - 2018-11-15 22:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware 2018-11-15 22:27 - 2018-11-15 22:27 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-11-15 22:27 - 2018-11-15 22:27 - 000000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2018-11-15 22:27 - 2009-02-11 10:19 - 000038496 _____ (Malwarebytes Corporation) C:\Windows\SysWOW64\Drivers\mbamswissarmy.sys 2018-11-15 22:27 - 2009-02-11 10:19 - 000015504 _____ (Malwarebytes Corporation) C:\Windows\SysWOW64\Drivers\mbam.sys 2018-11-15 22:22 - 2018-11-15 22:22 - 000072816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nyutbnzk.sys 2018-11-15 22:20 - 2018-11-15 22:20 - 000072816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wgbxphjl.sys 2018-11-15 22:20 - 2018-11-15 22:20 - 000072816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rxhodcdr.sys 2018-11-15 22:20 - 2018-11-15 22:20 - 000000000 ____D C:\Program Files (x86)\Multitimer 2018-11-15 22:19 - 2018-11-15 22:25 - 000000000 ____D C:\ProgramData\localNETService 2018-11-15 22:19 - 2018-11-15 22:22 - 000000000 ____D C:\Program Files (x86)\Close 2018-11-15 22:19 - 2018-11-15 22:20 - 000000000 ____D C:\Users\Didista\AppData\Roaming\gqz0chuajmt 2018-11-15 22:19 - 2018-11-15 22:20 - 000000000 ____D C:\Users\Didista\AppData\Roaming\0deilzc0shp 2018-11-15 22:19 - 2018-11-15 22:20 - 000000000 ____D C:\Program Files\CGAVT81G4S 2018-11-15 22:19 - 2018-11-15 22:19 - 000003212 _____ C:\Windows\System32\Tasks\OqUgsIhoyVOixP 2018-11-15 22:19 - 2018-11-15 22:19 - 000003052 __RSH C:\ProgramData\ntuser.pol 2018-11-15 22:19 - 2018-11-15 22:19 - 000003044 _____ C:\Windows\System32\Tasks\EGDwIDfrVjLvW2 2018-11-15 22:19 - 2018-11-15 22:19 - 000003034 _____ C:\Windows\System32\Tasks\qdxgajDnKqmDPrtzQ2 2018-11-15 22:19 - 2018-11-15 22:19 - 000003026 _____ C:\Windows\System32\Tasks\yKlRUxrwnsuFpeUeBWz2 2018-11-15 22:19 - 2018-11-15 22:19 - 000003008 _____ C:\Windows\System32\Tasks\niYEcWwYibJfLQX2 2018-11-15 22:19 - 2018-11-15 22:19 - 000000000 ____D C:\Users\Didista\AppData\Roaming\4bdykg2qirq 2018-11-15 22:19 - 2018-11-15 22:19 - 000000000 ____D C:\ProgramData\zTXZmVxyKBKDhdVB 2018-11-15 22:19 - 2018-11-15 22:19 - 000000000 ____D C:\Program Files\OWHJ94UXVD 2018-11-15 22:19 - 2018-11-15 22:19 - 000000000 ____D C:\Program Files (x86)\UmTwpSvRUOfSC 2018-11-15 22:19 - 2018-11-15 22:19 - 000000000 ____D C:\Program Files (x86)\pbjpUXEkQjxU2 2018-11-15 22:19 - 2018-11-15 22:19 - 000000000 ____D C:\Program Files (x86)\IwTmDCzJJIE 2018-11-15 22:19 - 2018-11-15 22:19 - 000000000 ____D C:\Program Files (x86)\hGGLWjvHZZUn 2018-11-15 22:19 - 2018-11-15 22:19 - 000000000 ____D C:\Program Files (x86)\eEvEEOxmU 2018-11-15 22:19 - 2018-11-15 22:19 - 000000000 ____D C:\Program Files (x86)\BHXQvOBMsgKdEntstUR 2018-11-15 22:18 - 2018-11-15 22:33 - 000000000 ____D C:\ProgramData\Kolnixo 2018-11-15 22:18 - 2018-11-15 22:25 - 000000000 ____D C:\Program Files (x86)\OneSystemCare 2018-11-15 22:18 - 2018-11-15 22:25 - 000000000 ____D C:\Program Files (x86)\foldershare 2018-11-15 22:18 - 2018-11-15 22:20 - 000000000 ____D C:\ProgramData\Logic Cramble 2018-11-15 22:18 - 2018-11-15 22:18 - 025260414 _____ (TigerTrade ) C:\ProgramData\lzxhod.exe 2018-11-15 22:18 - 2018-11-15 22:18 - 007809024 _____ C:\Users\Didista\AppData\Local\agent.dat 2018-11-15 22:18 - 2018-11-15 22:18 - 002024475 _____ C:\Users\Didista\AppData\Local\Doubledax.tst 2018-11-15 22:18 - 2018-11-15 22:18 - 000126464 _____ C:\Users\Didista\AppData\Local\noah.dat 2018-11-15 22:18 - 2018-11-15 22:18 - 000070896 _____ C:\Users\Didista\AppData\Local\Config.xml 2018-11-15 22:18 - 2018-11-15 22:18 - 000018432 _____ C:\Users\Didista\AppData\Local\Main.dat 2018-11-15 22:18 - 2018-11-15 22:18 - 000015614 _____ C:\Windows\SysWOW64\findit.xml 2018-11-15 22:18 - 2018-11-15 22:18 - 000005568 _____ C:\Users\Didista\AppData\Local\md.xml 2018-11-15 22:18 - 2018-11-15 22:18 - 000000116 _____ C:\ProgramData\lzxhoc.txt 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\Users\Didista\AppData\Roaming\xfyg1f23d4k 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\Users\Didista\AppData\Roaming\One System Care 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\Users\Didista\AppData\Roaming\Mozilla 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\ProgramData\Kolnixos 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\ProgramData\72101d1e-3ee9-4f7a-8b3d-44459f18b40b 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\ProgramData\2a1cffdf-4eb1-1 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\ProgramData\2a1cffdf-3d51-0 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\Program Files\FCUX3N7ZJS 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\Program Files\C8JKRJNU79 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\Program Files (x86)\uhlkclz42dn 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\Program Files (x86)\TigerTrade 2018-11-15 22:18 - 2018-11-15 22:18 - 000000000 ____D C:\Program Files (x86)\publicHotsp 2018-11-15 22:18 - 2018-11-15 22:17 - 001995264 _____ (TODO: <Company name>) C:\Users\Didista\AppData\Local\Doubledax.exe 2018-11-15 22:17 - 2018-11-15 22:18 - 000722944 _____ C:\Users\Didista\AppData\Local\sham.db 2018-11-15 22:17 - 2018-11-15 22:18 - 000017664 _____ C:\Users\Didista\AppData\Local\InstallationConfiguration.xml 2018-11-15 22:17 - 2018-11-15 22:17 - 000140800 _____ C:\Users\Didista\AppData\Local\installer.dat 2018-11-15 22:17 - 2018-11-15 22:17 - 000072816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xwhjuavh.sys 2018-11-15 22:17 - 2018-11-15 22:17 - 000072816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xrsjazsk.sys 2018-11-15 22:12 - 2018-11-15 22:12 - 000078848 _____ C:\Windows\KMSEmulator.exe 2018-11-13 21:44 - 2018-11-01 13:49 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe 2018-11-13 21:44 - 2018-11-01 13:46 - 002394960 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL 2018-11-13 21:44 - 2018-11-01 13:45 - 004527776 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2018-11-13 21:44 - 2018-11-01 13:45 - 001617320 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2018-11-13 21:44 - 2018-11-01 13:45 - 001376672 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2018-11-13 21:44 - 2018-11-01 13:32 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll 2018-11-13 21:44 - 2018-11-01 13:31 - 006602240 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2018-11-13 21:44 - 2018-11-01 13:30 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll 2018-11-13 21:44 - 2018-11-01 13:30 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll 2018-11-13 21:44 - 2018-11-01 13:29 - 012710400 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2018-11-13 21:44 - 2018-11-01 13:29 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\SMSRouter.dll 2018-11-13 21:44 - 2018-11-01 13:28 - 003649024 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys 2018-11-13 21:44 - 2018-11-01 13:28 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll 2018-11-13 21:44 - 2018-11-01 13:27 - 001121792 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2018-11-13 21:44 - 2018-11-01 13:27 - 000878592 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2018-11-13 21:44 - 2018-11-01 13:26 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll 2018-11-13 21:44 - 2018-11-01 13:26 - 000503296 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll 2018-11-13 21:44 - 2018-11-01 13:26 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe 2018-11-13 21:44 - 2018-11-01 13:26 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2018-11-13 21:44 - 2018-11-01 13:26 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe 2018-11-13 21:44 - 2018-11-01 13:25 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe 2018-11-13 21:44 - 2018-11-01 12:09 - 001027000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2018-11-13 21:44 - 2018-11-01 11:59 - 005669888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2018-11-13 21:44 - 2018-11-01 11:56 - 011902464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2018-11-13 21:44 - 2018-11-01 11:56 - 000226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll 2018-11-13 21:44 - 2018-11-01 11:56 - 000024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll 2018-11-13 21:44 - 2018-11-01 11:54 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2018-11-13 21:44 - 2018-11-01 11:53 - 000908288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2018-11-13 21:44 - 2018-11-01 11:52 - 002892800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys 2018-11-13 21:44 - 2018-11-01 09:39 - 001035256 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe 2018-11-13 21:44 - 2018-11-01 09:38 - 000269336 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave_secure.dll 2018-11-13 21:44 - 2018-11-01 09:37 - 000272408 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave.dll 2018-11-13 21:44 - 2018-11-01 09:28 - 001221432 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe 2018-11-13 21:44 - 2018-11-01 09:28 - 001062712 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2018-11-13 21:44 - 2018-11-01 09:28 - 001029944 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe 2018-11-13 21:44 - 2018-11-01 09:28 - 000566568 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe 2018-11-13 21:44 - 2018-11-01 09:28 - 000134968 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll 2018-11-13 21:44 - 2018-11-01 09:28 - 000076088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys 2018-11-13 21:44 - 2018-11-01 09:27 - 001017152 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll 2018-11-13 21:44 - 2018-11-01 09:27 - 000491200 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2018-11-13 21:44 - 2018-11-01 09:26 - 007432120 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll 2018-11-13 21:44 - 2018-11-01 09:26 - 003291640 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll 2018-11-13 21:44 - 2018-11-01 09:26 - 003180080 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2018-11-13 21:44 - 2018-11-01 09:26 - 001363536 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 009089848 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2018-11-13 21:44 - 2018-11-01 09:25 - 007520088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 004404912 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 002822456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2018-11-13 21:44 - 2018-11-01 09:25 - 002571320 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 002371296 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 001934808 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 001784680 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 001456728 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2018-11-13 21:44 - 2018-11-01 09:25 - 001288920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 001257880 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2018-11-13 21:44 - 2018-11-01 09:25 - 001209888 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 001190248 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 001140672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2018-11-13 21:44 - 2018-11-01 09:25 - 000982592 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2018-11-13 21:44 - 2018-11-01 09:25 - 000885968 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 000793080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys 2018-11-13 21:44 - 2018-11-01 09:25 - 000713472 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 000594224 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2018-11-13 21:44 - 2018-11-01 09:25 - 000463672 _____ (Microsoft Corporation) C:\Windows\system32\coml2.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 000413720 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 000412984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2018-11-13 21:44 - 2018-11-01 09:25 - 000375824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys 2018-11-13 21:44 - 2018-11-01 09:25 - 000268088 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll 2018-11-13 21:44 - 2018-11-01 09:25 - 000261000 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2018-11-13 21:44 - 2018-11-01 09:09 - 025855488 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll 2018-11-13 21:44 - 2018-11-01 09:03 - 003397120 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2018-11-13 21:44 - 2018-11-01 09:03 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\dusmtask.exe 2018-11-13 21:44 - 2018-11-01 09:02 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\dusmapi.dll 2018-11-13 21:44 - 2018-11-01 09:02 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\CSystemEventsBrokerClient.dll 2018-11-13 21:44 - 2018-11-01 09:01 - 022716416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2018-11-13 21:44 - 2018-11-01 09:01 - 009084928 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll 2018-11-13 21:44 - 2018-11-01 09:01 - 007057408 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll 2018-11-13 21:44 - 2018-11-01 09:00 - 008189440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2018-11-13 21:44 - 2018-11-01 09:00 - 006031360 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2018-11-13 21:44 - 2018-11-01 09:00 - 003392000 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2018-11-13 21:44 - 2018-11-01 09:00 - 000433664 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe 2018-11-13 21:44 - 2018-11-01 09:00 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll 2018-11-13 21:44 - 2018-11-01 08:59 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe 2018-11-13 21:44 - 2018-11-01 08:59 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll 2018-11-13 21:44 - 2018-11-01 08:59 - 000192000 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2018-11-13 21:44 - 2018-11-01 08:59 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\WPTaskScheduler.dll 2018-11-13 21:44 - 2018-11-01 08:59 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll 2018-11-13 21:44 - 2018-11-01 08:58 - 007573504 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll 2018-11-13 21:44 - 2018-11-01 08:58 - 004867072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2018-11-13 21:44 - 2018-11-01 08:58 - 004383744 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll 2018-11-13 21:44 - 2018-11-01 08:58 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll 2018-11-13 21:44 - 2018-11-01 08:58 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2018-11-13 21:44 - 2018-11-01 08:58 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll 2018-11-13 21:44 - 2018-11-01 08:58 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 003381248 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 002825728 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 002364928 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 001804288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 000898560 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 000835584 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 000356352 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll 2018-11-13 21:44 - 2018-11-01 08:57 - 000265728 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll 2018-11-13 21:44 - 2018-11-01 08:56 - 002929664 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll 2018-11-13 21:44 - 2018-11-01 08:56 - 002172928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll 2018-11-13 21:44 - 2018-11-01 08:56 - 001768448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2018-11-13 21:44 - 2018-11-01 08:56 - 001395200 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll 2018-11-13 21:44 - 2018-11-01 08:56 - 000506880 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll 2018-11-13 21:44 - 2018-11-01 08:55 - 002738688 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2018-11-13 21:44 - 2018-11-01 08:55 - 001058304 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2018-11-13 21:44 - 2018-11-01 08:55 - 000684544 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 001679360 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 001551360 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 001264640 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 001225216 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 001023488 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 000943616 _____ (Microsoft Corporation) C:\Windows\system32\BingOnlineServices.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 000916480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 000895488 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 000884736 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 000796672 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2018-11-13 21:44 - 2018-11-01 08:54 - 000606208 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll 2018-11-13 21:44 - 2018-11-01 08:53 - 002248192 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll 2018-11-13 21:44 - 2018-11-01 08:53 - 001373696 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll 2018-11-13 21:44 - 2018-11-01 08:53 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2018-11-13 21:44 - 2018-11-01 08:53 - 000889344 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2018-11-13 21:44 - 2018-11-01 08:53 - 000542208 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2018-11-13 21:44 - 2018-11-01 08:53 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2018-11-13 21:44 - 2018-11-01 07:39 - 000001310 _____ C:\Windows\system32\tcbres.wim 2018-11-13 21:44 - 2018-11-01 07:08 - 002417952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2018-11-13 21:44 - 2018-11-01 06:50 - 000861712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll 2018-11-13 21:44 - 2018-11-01 06:50 - 000786288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2018-11-13 21:44 - 2018-11-01 06:48 - 006039064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll 2018-11-13 21:44 - 2018-11-01 06:48 - 004790184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2018-11-13 21:44 - 2018-11-01 06:48 - 002478872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll 2018-11-13 21:44 - 2018-11-01 06:48 - 002331480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2018-11-13 21:44 - 2018-11-01 06:48 - 001805656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2018-11-13 21:44 - 2018-11-01 06:48 - 001011872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2018-11-13 21:44 - 2018-11-01 06:48 - 000880248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll 2018-11-13 21:44 - 2018-11-01 06:48 - 000384520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\coml2.dll 2018-11-13 21:44 - 2018-11-01 06:47 - 006570368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll 2018-11-13 21:44 - 2018-11-01 06:47 - 001980776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2018-11-13 21:44 - 2018-11-01 06:47 - 001379792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll 2018-11-13 21:44 - 2018-11-01 06:47 - 001020064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll 2018-11-13 21:44 - 2018-11-01 06:47 - 000581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll 2018-11-13 21:44 - 2018-11-01 06:47 - 000567256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll 2018-11-13 21:44 - 2018-11-01 06:47 - 000129304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2018-11-13 21:44 - 2018-11-01 06:40 - 022015488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2018-11-13 21:44 - 2018-11-01 06:35 - 019403776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2018-11-13 21:44 - 2018-11-01 06:34 - 002700288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2018-11-13 21:44 - 2018-11-01 06:33 - 006661632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2018-11-13 21:44 - 2018-11-01 06:33 - 003711488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2018-11-13 21:44 - 2018-11-01 06:32 - 006647296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll 2018-11-13 21:44 - 2018-11-01 06:31 - 005307904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2018-11-13 21:44 - 2018-11-01 06:31 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2018-11-13 21:44 - 2018-11-01 06:30 - 005883904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll 2018-11-13 21:44 - 2018-11-01 06:30 - 005775872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2018-11-13 21:44 - 2018-11-01 06:30 - 002449408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll 2018-11-13 21:44 - 2018-11-01 06:30 - 001361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll 2018-11-13 21:44 - 2018-11-01 06:30 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2018-11-13 21:44 - 2018-11-01 06:30 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll 2018-11-13 21:44 - 2018-11-01 06:30 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll 2018-11-13 21:44 - 2018-11-01 06:29 - 002258944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2018-11-13 21:44 - 2018-11-01 06:29 - 001986560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll 2018-11-13 21:44 - 2018-11-01 06:29 - 001862656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll 2018-11-13 21:44 - 2018-11-01 06:29 - 000848384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll 2018-11-13 21:44 - 2018-11-01 06:29 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll 2018-11-13 21:44 - 2018-11-01 06:29 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll 2018-11-13 21:44 - 2018-11-01 06:29 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2018-11-13 21:44 - 2018-11-01 06:28 - 001348096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll 2018-11-13 21:44 - 2018-11-01 06:28 - 001000448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll 2018-11-13 21:44 - 2018-11-01 06:28 - 000978944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll 2018-11-13 21:44 - 2018-11-01 06:27 - 001627648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2018-11-13 21:44 - 2018-11-01 06:27 - 000856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2018-11-13 21:44 - 2018-11-01 06:27 - 000713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll 2018-11-13 21:44 - 2018-11-01 06:27 - 000678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2018-11-13 21:44 - 2018-11-01 06:27 - 000534016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2018-11-13 21:44 - 2018-11-01 06:26 - 000795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll 2018-11-13 21:44 - 2018-11-01 06:26 - 000735744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2018-11-13 21:44 - 2018-11-01 06:26 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2018-11-13 21:44 - 2018-10-21 15:04 - 002267448 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll 2018-11-13 21:44 - 2018-10-21 15:00 - 021386368 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2018-11-13 21:44 - 2018-10-21 15:00 - 001639560 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2018-11-13 21:44 - 2018-10-21 15:00 - 001516120 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2018-11-13 21:44 - 2018-10-21 15:00 - 000790416 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe 2018-11-13 21:44 - 2018-10-21 15:00 - 000396304 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2018-11-13 21:44 - 2018-10-21 14:59 - 000766480 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll 2018-11-13 21:44 - 2018-10-21 14:59 - 000236728 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll 2018-11-13 21:44 - 2018-10-21 14:46 - 013572096 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2018-11-13 21:44 - 2018-10-21 14:46 - 004393472 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll 2018-11-13 21:44 - 2018-10-21 14:45 - 000123392 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2018-11-13 21:44 - 2018-10-21 14:44 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2018-11-13 21:44 - 2018-10-21 14:44 - 000085504 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll 2018-11-13 21:44 - 2018-10-21 14:43 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll 2018-11-13 21:44 - 2018-10-21 14:43 - 000276992 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll 2018-11-13 21:44 - 2018-10-21 14:43 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll 2018-11-13 21:44 - 2018-10-21 14:42 - 001127936 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll 2018-11-13 21:44 - 2018-10-21 14:42 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2018-11-13 21:44 - 2018-10-21 14:42 - 000592896 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll 2018-11-13 21:44 - 2018-10-21 14:42 - 000181248 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll 2018-11-13 21:44 - 2018-10-21 14:41 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2018-11-13 21:44 - 2018-10-21 13:41 - 001540408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll 2018-11-13 21:44 - 2018-10-21 13:41 - 000023056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hvsicontainerservice.dll 2018-11-13 21:44 - 2018-10-21 13:38 - 001322376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2018-11-13 21:44 - 2018-10-21 13:38 - 000662312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe 2018-11-13 21:44 - 2018-10-21 13:38 - 000660480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll 2018-11-13 21:44 - 2018-10-21 13:38 - 000221216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeManagerObj.dll 2018-11-13 21:44 - 2018-10-21 13:37 - 020381808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2018-11-13 21:44 - 2018-10-21 13:37 - 001626656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2018-11-13 21:44 - 2018-10-21 13:28 - 012501504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2018-11-13 21:44 - 2018-10-21 13:28 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll 2018-11-13 21:44 - 2018-10-21 13:23 - 000622080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2018-11-13 21:44 - 2018-10-21 13:23 - 000523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll 2018-11-13 21:44 - 2018-10-21 13:22 - 002405888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll 2018-11-13 21:44 - 2018-10-21 13:22 - 000224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll 2018-11-13 21:44 - 2018-10-21 09:48 - 005602456 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll 2018-11-13 21:44 - 2018-10-21 09:47 - 000368440 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll 2018-11-13 21:44 - 2018-10-21 09:46 - 000717112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll 2018-11-13 21:44 - 2018-10-21 09:46 - 000709936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2018-11-13 21:44 - 2018-10-21 09:46 - 000611640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys 2018-11-13 21:44 - 2018-10-21 09:46 - 000560136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2018-11-13 21:44 - 2018-10-21 09:46 - 000497864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll 2018-11-13 21:44 - 2018-10-21 09:46 - 000171024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2018-11-13 21:44 - 2018-10-21 09:45 - 003283512 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll 2018-11-13 21:44 - 2018-10-21 09:45 - 002719032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2018-11-13 21:44 - 2018-10-21 09:45 - 001946208 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2018-11-13 21:44 - 2018-10-21 09:45 - 001098064 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll 2018-11-13 21:44 - 2018-10-21 09:45 - 000607136 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll 2018-11-13 21:44 - 2018-10-21 09:45 - 000185120 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2018-11-13 21:44 - 2018-10-21 09:45 - 000175624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys 2018-11-13 21:44 - 2018-10-21 09:45 - 000139792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2018-11-13 21:44 - 2018-10-21 09:45 - 000058088 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2018-11-13 21:44 - 2018-10-21 09:28 - 016592384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2018-11-13 21:44 - 2018-10-21 09:22 - 004710912 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll 2018-11-13 21:44 - 2018-10-21 09:21 - 001589248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2018-11-13 21:44 - 2018-10-21 09:21 - 000123424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2018-11-13 21:44 - 2018-10-21 09:20 - 000424000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll 2018-11-13 21:44 - 2018-10-21 09:20 - 000295224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll 2018-11-13 21:44 - 2018-10-21 09:20 - 000161792 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll 2018-11-13 21:44 - 2018-10-21 09:20 - 000141312 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe 2018-11-13 21:44 - 2018-10-21 09:20 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 002487088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 001620776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 001130768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 000514560 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe 2018-11-13 21:44 - 2018-10-21 09:19 - 000505616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys 2018-11-13 21:44 - 2018-10-21 09:19 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys 2018-11-13 21:44 - 2018-10-21 09:19 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\ofdeploy.exe 2018-11-13 21:44 - 2018-10-21 09:19 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\BthAvrcpAppSvc.dll 2018-11-13 21:44 - 2018-10-21 09:19 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhf.sys 2018-11-13 21:44 - 2018-10-21 09:19 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2018-11-13 21:44 - 2018-10-21 09:18 - 000761344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2018-11-13 21:44 - 2018-10-21 09:18 - 000461824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Activities.dll 2018-11-13 21:44 - 2018-10-21 09:18 - 000395264 _____ (Microsoft Corporation) C:\Windows\system32\BthAvctpSvc.dll 2018-11-13 21:44 - 2018-10-21 09:18 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll 2018-11-13 21:44 - 2018-10-21 09:18 - 000274432 _____ (Microsoft Corporation) C:\Windows\system32\DAFWSD.dll 2018-11-13 21:44 - 2018-10-21 09:18 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\officecsp.dll 2018-11-13 21:44 - 2018-10-21 09:18 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll 2018-11-13 21:44 - 2018-10-21 09:17 - 001826816 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll 2018-11-13 21:44 - 2018-10-21 09:17 - 001668096 _____ (Microsoft Corporation) C:\Windows\system32\cdprt.dll 2018-11-13 21:44 - 2018-10-21 09:17 - 000787456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys 2018-11-13 21:44 - 2018-10-21 09:17 - 000625152 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll 2018-11-13 21:44 - 2018-10-21 09:17 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2018-11-13 21:44 - 2018-10-21 09:17 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\BthAvrcp.dll 2018-11-13 21:44 - 2018-10-21 09:17 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll 2018-11-13 21:44 - 2018-10-21 09:16 - 002584576 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2018-11-13 21:44 - 2018-10-21 09:16 - 002368512 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll 2018-11-13 21:44 - 2018-10-21 09:16 - 001535488 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2018-11-13 21:44 - 2018-10-21 09:16 - 000847360 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll 2018-11-13 21:44 - 2018-10-21 09:16 - 000514048 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll 2018-11-13 21:44 - 2018-10-21 09:16 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll 2018-11-13 21:44 - 2018-10-21 09:15 - 003212800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2018-11-13 21:44 - 2018-10-21 09:15 - 002904064 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2018-11-13 21:44 - 2018-10-21 09:15 - 000743936 _____ (Microsoft Corporation) C:\Windows\system32\PrintRenderAPIHost.DLL 2018-11-13 21:44 - 2018-10-21 09:15 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll 2018-11-13 21:44 - 2018-10-21 09:14 - 002224640 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys 2018-11-13 21:44 - 2018-10-21 09:14 - 001919488 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2018-11-13 21:44 - 2018-10-21 09:14 - 001854976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll 2018-11-13 21:44 - 2018-10-21 09:14 - 001097216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys 2018-11-13 21:44 - 2018-10-21 09:14 - 001034752 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll 2018-11-13 21:44 - 2018-10-21 09:14 - 000932352 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll 2018-11-13 21:44 - 2018-10-21 09:14 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll 2018-11-13 21:44 - 2018-10-21 09:14 - 000453632 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll 2018-11-13 21:44 - 2018-10-21 09:14 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll 2018-11-13 21:44 - 2018-10-21 09:09 - 013873664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2018-11-13 21:44 - 2018-10-21 09:02 - 002966528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll 2018-11-13 21:44 - 2018-10-21 09:02 - 000157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll 2018-11-13 21:44 - 2018-10-21 09:01 - 001189376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll 2018-11-13 21:44 - 2018-10-21 09:01 - 000168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll 2018-11-13 21:44 - 2018-10-21 09:00 - 000214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll 2018-11-13 21:44 - 2018-10-21 08:59 - 000602112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2018-11-13 21:44 - 2018-10-21 08:58 - 001124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdprt.dll 2018-11-13 21:44 - 2018-10-21 08:58 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2018-11-13 21:44 - 2018-10-21 08:58 - 000230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll 2018-11-13 21:44 - 2018-10-21 08:57 - 002611200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2018-11-13 21:44 - 2018-10-21 07:59 - 000806320 _____ C:\Windows\SysWOW64\locale.nls 2018-11-13 21:44 - 2018-10-21 07:59 - 000806320 _____ C:\Windows\system32\locale.nls 2018-11-13 21:44 - 2018-09-21 06:14 - 000661056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2018-11-13 21:44 - 2018-09-21 06:11 - 000753056 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2018-11-13 21:44 - 2018-09-20 11:16 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll 2018-11-13 21:44 - 2018-09-20 10:28 - 000102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpshell.dll 2018-11-13 21:44 - 2018-07-14 06:22 - 006813744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll 2018-11-13 21:44 - 2018-07-14 06:22 - 001144664 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll 2018-11-13 21:44 - 2018-07-14 06:19 - 002535032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2018-11-13 21:44 - 2018-07-14 06:19 - 001946752 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2018-11-13 21:44 - 2018-07-14 06:18 - 002563984 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2018-11-13 21:44 - 2018-07-14 06:17 - 006527056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll 2018-11-13 21:44 - 2018-07-14 06:16 - 001143096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll 2018-11-13 21:44 - 2018-07-14 06:15 - 001559368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2018-11-13 21:44 - 2018-07-14 05:57 - 004331008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll 2018-11-13 21:44 - 2018-07-14 05:57 - 001295360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll 2018-11-13 21:44 - 2018-07-14 05:56 - 004559872 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll 2018-11-13 21:44 - 2018-07-14 05:54 - 001307648 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll 2018-11-13 21:44 - 2018-07-06 09:26 - 001148800 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2018-11-13 21:44 - 2018-07-06 09:14 - 000988640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2018-11-13 21:44 - 2018-06-15 19:28 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll 2018-11-13 21:44 - 2018-06-15 19:28 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll 2018-11-13 21:44 - 2018-06-15 17:16 - 002206528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL 2018-11-13 21:44 - 2018-06-15 07:09 - 001742272 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll 2018-11-13 21:44 - 2018-06-15 07:09 - 001112600 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2018-11-13 21:44 - 2018-06-15 07:09 - 000247984 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2018-11-13 21:44 - 2018-06-15 07:08 - 002062488 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll 2018-11-13 21:44 - 2018-06-15 07:08 - 001150408 _____ (Microsoft Corporation) C:\Windows\system32\MSVP9DEC.dll 2018-11-13 21:44 - 2018-06-15 07:08 - 000500552 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll 2018-11-13 21:44 - 2018-06-15 07:07 - 001611584 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll 2018-11-13 21:44 - 2018-06-15 07:05 - 000550608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2018-11-13 21:44 - 2018-06-15 07:04 - 001397192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVP9DEC.dll 2018-11-13 21:44 - 2018-06-15 07:03 - 002163184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll 2018-11-13 21:44 - 2018-06-15 07:03 - 001710240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll 2018-11-13 21:44 - 2018-06-15 07:03 - 000770152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll 2018-11-13 21:44 - 2018-06-15 07:03 - 000472136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll 2018-11-13 21:44 - 2018-06-15 07:03 - 000232488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL 2018-11-13 21:44 - 2018-06-15 06:44 - 001342976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll 2018-11-13 21:44 - 2018-06-15 06:44 - 000873472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll 2018-11-13 21:44 - 2018-06-15 06:38 - 001305088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll 2018-11-13 21:44 - 2018-06-15 06:38 - 001070080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll 2018-11-13 21:44 - 2018-06-08 11:29 - 002590400 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2018-11-13 21:44 - 2018-06-08 11:29 - 000416144 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll 2018-11-13 21:44 - 2018-06-08 11:10 - 002307336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2018-11-13 21:44 - 2018-06-08 11:10 - 000457152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll 2018-11-13 21:44 - 2018-06-08 10:59 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe 2018-11-13 21:44 - 2018-06-08 10:56 - 000908800 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL 2018-11-13 21:44 - 2018-06-08 10:55 - 001242112 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll 2018-11-13 21:44 - 2018-06-08 10:54 - 000857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL 2018-11-13 21:44 - 2018-06-08 10:54 - 000842240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll 2018-11-13 21:44 - 2018-06-08 10:54 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAC3ENC.DLL 2018-11-13 21:44 - 2018-05-20 13:53 - 001017088 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll 2018-11-13 21:44 - 2018-05-20 13:53 - 001012408 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll 2018-11-13 21:44 - 2018-05-20 13:34 - 000861096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll 2018-11-13 21:44 - 2018-05-20 13:32 - 001034096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll 2018-11-13 21:44 - 2018-05-20 13:26 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\MSHEIF.dll 2018-11-13 21:44 - 2018-05-20 13:15 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSHEIF.dll 2018-11-13 21:44 - 2018-04-28 06:02 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll 2018-11-09 22:05 - 2018-09-06 03:27 - 000132408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2018-10-30 20:44 - 2018-10-30 20:44 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsignfee3af2f37ccfaf7 2018-10-30 20:44 - 2018-10-30 20:44 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign649abea5711a27b1 2018-10-29 18:46 - 2018-10-29 18:46 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsignfcadd6de6d859c33 2018-10-29 18:46 - 2018-10-29 18:46 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsignf829852edb424f0e 2018-10-28 20:06 - 2018-10-28 20:06 - 000002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk 2018-10-28 11:41 - 2018-10-28 11:41 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsigna87c65d35d4bbccc 2018-10-28 11:41 - 2018-10-28 11:41 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign352f7c6706beb9b1 2018-10-28 11:12 - 2018-10-28 11:12 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsignda012d01317a59f2 2018-10-28 11:12 - 2018-10-28 11:12 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign30ae473d07c84a4d 2018-10-28 10:18 - 2018-10-28 10:18 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsignced34b6baaa19d8d 2018-10-28 10:18 - 2018-10-28 10:18 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign7ac55f9599ef9488 2018-10-28 09:52 - 2018-10-28 09:52 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign74faaac5b9362ae8 2018-10-28 09:51 - 2018-10-28 09:51 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign8a4e0cefe6f03c64 2018-10-28 09:41 - 2018-10-28 09:41 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign578166f34347a7ca 2018-10-28 09:41 - 2018-10-28 09:41 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign355bdde2e86340e2 2018-10-25 10:19 - 2018-10-25 10:19 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign9b663c80e1a0a94b 2018-10-25 10:19 - 2018-10-25 10:19 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign2b5dca1c4c5013ee 2018-10-25 09:52 - 2018-10-25 09:52 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign90f40453ec5e16f4 2018-10-25 09:52 - 2018-10-25 09:52 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign27a5531bbf90a046 2018-10-25 09:51 - 2018-10-25 09:51 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign4e850f8465786228 2018-10-25 09:51 - 2018-10-25 09:51 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign182f997f4160a0e3 2018-10-25 09:28 - 2018-10-25 09:28 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign78d3e84575e8c719 2018-10-25 09:28 - 2018-10-25 09:28 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign00a8375e5508502c 2018-10-21 19:36 - 2018-10-21 19:36 - 000000000 ____D C:\adb 2018-10-20 23:23 - 2018-10-20 23:23 - 000000000 ____D C:\Users\Didista\.android 2018-10-20 23:22 - 2018-10-20 23:22 - 000001192 _____ C:\Users\Public\Desktop\Minimal ADB and Fastboot.lnk 2018-10-20 23:22 - 2018-10-20 23:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minimal ADB and Fastboot 2018-10-20 23:22 - 2018-10-20 23:22 - 000000000 ____D C:\Program Files (x86)\Minimal ADB and Fastboot 2018-10-20 22:31 - 2018-10-20 22:31 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2018-10-20 22:10 - 2018-10-21 14:01 - 000000000 ____D C:\android 2018-10-20 21:52 - 2018-10-20 21:52 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2018-10-20 21:08 - 2018-10-20 21:08 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsigna2089c0b2bb9a5be 2018-10-20 21:08 - 2018-10-20 21:08 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign510d79789619224c 2018-10-20 21:06 - 2018-10-20 21:06 - 000000000 ____D C:\Program Files\Windows Portable Devices 2018-10-20 21:06 - 2018-10-20 21:06 - 000000000 ____D C:\Program Files\Windows Multimedia Platform 2018-10-20 21:06 - 2018-10-20 21:06 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices 2018-10-20 21:06 - 2018-10-20 21:06 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2018-10-20 21:02 - 2018-04-11 06:08 - 000387928 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll 2018-10-20 21:02 - 2018-04-11 06:08 - 000032104 _____ (Microsoft Corporation) C:\Windows\system32\CameraSettingsUIHost.exe 2018-10-20 21:02 - 2018-04-11 06:02 - 000277424 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll 2018-10-20 21:02 - 2018-04-11 06:01 - 000336296 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL 2018-10-20 21:02 - 2018-04-11 06:01 - 000030112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUpFltr.sys 2018-10-20 21:02 - 2018-04-11 05:44 - 000359936 _____ (Microsoft Corporation) C:\Windows\system32\WmpDui.dll 2018-10-20 21:02 - 2018-04-11 05:40 - 001517568 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe 2018-10-20 21:02 - 2018-04-11 05:39 - 009137664 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2018-10-20 21:02 - 2018-04-11 05:39 - 001949184 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 001339392 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000956416 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000906240 _____ (Microsoft Corporation) C:\Windows\system32\sqlceqp40.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000621056 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000517632 _____ (Microsoft Corporation) C:\Windows\system32\sqlcese40.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000437760 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceStatus.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000422400 _____ (Microsoft Corporation) C:\Windows\system32\mswmdm.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000373248 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000263168 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000254976 _____ (Microsoft Corporation) C:\Windows\system32\unregmp2.exe 2018-10-20 21:02 - 2018-04-11 05:39 - 000219136 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000202240 _____ (Microsoft Corporation) C:\Windows\system32\sqlceoledb40.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000196096 _____ (Microsoft Corporation) C:\Windows\system32\wmidx.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000181760 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codecp.acm 2018-10-20 21:02 - 2018-04-11 05:39 - 000154624 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWiaCompat.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\sqlcecompact40.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000137216 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Renewal.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe 2018-10-20 21:02 - 2018-04-11 05:39 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\wmdmps.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000086016 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codeca.acm 2018-10-20 21:02 - 2018-04-11 05:39 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceConnectApi.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\mfvfw.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\wmdmlog.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe 2018-10-20 21:02 - 2018-04-11 05:39 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\LAPRXY.DLL 2018-10-20 21:02 - 2018-04-11 05:39 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2018-10-20 21:02 - 2018-04-11 05:39 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\wmerror.dll 2018-10-20 21:02 - 2018-04-11 05:39 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\asferror.dll 2018-10-20 21:02 - 2018-04-11 05:00 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.tlb 2018-10-20 21:02 - 2018-04-11 05:00 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\amcompat.tlb 2018-10-20 21:02 - 2018-04-11 04:20 - 000254680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL 2018-10-20 21:02 - 2018-04-11 04:20 - 000251096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll 2018-10-20 21:02 - 2018-04-11 04:20 - 000153976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpps.dll 2018-10-20 21:02 - 2018-04-11 04:20 - 000029464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CameraSettingsUIHost.exe 2018-10-20 21:02 - 2018-04-11 04:12 - 000286208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WmpDui.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 009137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2018-10-20 21:02 - 2018-04-11 04:08 - 001896960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 001195520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000839168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000730624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlceqp40.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000527360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000429568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceStatus.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlcese40.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswmdm.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodev.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unregmp2.exe 2018-10-20 21:02 - 2018-04-11 04:08 - 000190464 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\l3codecp.acm 2018-10-20 21:02 - 2018-04-11 04:08 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpdxm.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmidx.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logagent.exe 2018-10-20 21:02 - 2018-04-11 04:08 - 000069632 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\l3codeca.acm 2018-10-20 21:02 - 2018-04-11 04:08 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShextAutoplay.exe 2018-10-20 21:02 - 2018-04-11 04:08 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmerror.dll 2018-10-20 21:02 - 2018-04-11 04:08 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asferror.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlceoledb40.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000147968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceTypes.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceWiaCompat.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlcecompact40.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceClassExtension.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceConnectApi.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdmps.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvfw.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdmlog.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LAPRXY.DLL 2018-10-20 21:02 - 2018-04-11 04:07 - 000009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2018-10-20 21:02 - 2018-04-11 04:07 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2018-10-20 21:02 - 2018-04-11 04:07 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2018-10-20 21:02 - 2018-04-11 03:31 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.tlb 2018-10-20 21:02 - 2018-04-11 03:31 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\amcompat.tlb 2018-10-20 21:02 - 2018-04-10 20:48 - 000095104 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2018-10-20 21:02 - 2018-04-10 20:47 - 002195728 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2018-10-20 21:02 - 2018-04-10 20:47 - 000202064 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2018-10-20 21:02 - 2018-04-10 20:47 - 000111632 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2018-10-20 21:02 - 2018-04-10 20:43 - 000736624 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2018-10-20 21:02 - 2018-04-10 20:43 - 000519128 _____ (Microsoft Corporation) C:\Windows\system32\DMRServer.dll 2018-10-20 21:02 - 2018-04-10 20:42 - 000335824 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2018-10-20 21:02 - 2018-04-10 20:41 - 000049688 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2018-10-20 21:02 - 2018-04-10 20:40 - 002085704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL 2018-10-20 21:02 - 2018-04-10 20:40 - 000102824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL 2018-10-20 21:02 - 2018-04-10 20:40 - 000084752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll 2018-10-20 21:02 - 2018-04-10 20:39 - 000741232 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2018-10-20 21:02 - 2018-04-10 20:39 - 000356480 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2018-10-20 21:02 - 2018-04-10 20:39 - 000237160 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2018-10-20 21:02 - 2018-04-10 20:39 - 000236656 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2018-10-20 21:02 - 2018-04-10 20:38 - 000187032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL 2018-10-20 21:02 - 2018-04-10 20:38 - 000114704 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2018-10-20 21:02 - 2018-04-10 20:37 - 000549112 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll 2018-10-20 21:02 - 2018-04-10 20:37 - 000137416 _____ (Microsoft Corporation) C:\Windows\system32\mfAACEnc.dll 2018-10-20 21:02 - 2018-04-10 20:36 - 000124576 _____ (Microsoft Corporation) C:\Windows\system32\mfaudiocnv.dll 2018-10-20 21:02 - 2018-04-10 20:35 - 001227784 _____ (Microsoft Corporation) C:\Windows\system32\mfperfhelper.dll 2018-10-20 21:02 - 2018-04-10 20:35 - 000472688 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll 2018-10-20 21:02 - 2018-04-10 20:34 - 000041392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2018-10-20 21:02 - 2018-04-10 20:32 - 000691616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL 2018-10-20 21:02 - 2018-04-10 20:29 - 000267072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL 2018-10-20 21:02 - 2018-04-10 20:29 - 000266568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL 2018-10-20 21:02 - 2018-04-10 20:28 - 000272272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL 2018-10-20 21:02 - 2018-04-10 20:27 - 000389496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll 2018-10-20 21:02 - 2018-04-10 20:27 - 000346096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL 2018-10-20 21:02 - 2018-04-10 20:26 - 001079000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfperfhelper.dll 2018-10-20 21:02 - 2018-04-10 20:25 - 000682400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL 2018-10-20 21:02 - 2018-04-10 20:25 - 000114704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfAACEnc.dll 2018-10-20 21:02 - 2018-04-10 20:25 - 000097664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL 2018-10-20 21:02 - 2018-04-10 20:24 - 000333696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll 2018-10-20 21:02 - 2018-04-10 20:23 - 000096640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfaudiocnv.dll 2018-10-20 21:02 - 2018-04-10 20:12 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMmRes.dll 2018-10-20 21:02 - 2018-04-10 20:11 - 000221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacEncoder.dll 2018-10-20 21:02 - 2018-04-10 20:11 - 000183296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfdvdec.dll 2018-10-20 21:02 - 2018-04-10 20:11 - 000137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSOpusDecoder.dll 2018-10-20 21:02 - 2018-04-10 20:11 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll 2018-10-20 21:02 - 2018-04-10 20:11 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAlacEncoder.dll 2018-10-20 21:02 - 2018-04-10 20:11 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAlacDecoder.dll 2018-10-20 21:02 - 2018-04-10 20:11 - 000024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAMRNBSink.dll 2018-10-20 21:02 - 2018-04-10 20:11 - 000010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmcodecdspps.dll 2018-10-20 21:02 - 2018-04-10 20:10 - 000685056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL 2018-10-20 21:02 - 2018-04-10 20:10 - 000387072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL 2018-10-20 21:02 - 2018-04-10 20:10 - 000336896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll 2018-10-20 21:02 - 2018-04-10 20:10 - 000183808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmvdspa.dll 2018-10-20 21:02 - 2018-04-10 20:10 - 000112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.ps.dll 2018-10-20 21:02 - 2018-04-10 20:10 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2018-10-20 21:02 - 2018-04-10 20:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh263enc.dll 2018-10-20 21:02 - 2018-04-10 20:10 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\CoreMmRes.dll 2018-10-20 21:02 - 2018-04-10 20:09 - 001050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL 2018-10-20 21:02 - 2018-04-10 20:09 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll 2018-10-20 21:02 - 2018-04-10 20:09 - 000402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL 2018-10-20 21:02 - 2018-04-10 20:09 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAMRNBDecoder.dll 2018-10-20 21:02 - 2018-04-10 20:09 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\MSAlacEncoder.dll 2018-10-20 21:02 - 2018-04-10 20:09 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\MSAlacDecoder.dll 2018-10-20 21:02 - 2018-04-10 20:09 - 000039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2018-10-20 21:02 - 2018-04-10 20:09 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\MSAMRNBSink.dll 2018-10-20 21:02 - 2018-04-10 20:09 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\wmcodecdspps.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000633856 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2018-10-20 21:02 - 2018-04-10 20:08 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2018-10-20 21:02 - 2018-04-10 20:08 - 000272384 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacEncoder.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000218112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.ps.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\wmvdspa.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAMRNBEncoder.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\MSOpusDecoder.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\mfdvdec.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAMRNBSource.dll 2018-10-20 21:02 - 2018-04-10 20:08 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\mfh263enc.dll 2018-10-20 21:02 - 2018-04-10 20:07 - 001056256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll 2018-10-20 21:02 - 2018-04-10 20:07 - 000431104 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2018-10-20 21:02 - 2018-04-10 20:07 - 000421888 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll 2018-10-20 21:02 - 2018-04-10 20:07 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2018-10-20 21:02 - 2018-04-10 20:06 - 001244672 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2018-10-20 21:02 - 2018-04-10 20:06 - 000241664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll 2018-10-20 21:02 - 2018-04-10 20:06 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2018-10-20 21:02 - 2018-04-10 20:05 - 001371648 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll 2018-10-20 21:02 - 2018-04-10 20:05 - 000285696 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll 2018-10-20 21:02 - 2018-04-10 20:05 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\MSAMRNBDecoder.dll 2018-10-20 21:02 - 2018-04-10 20:05 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\MSAMRNBSource.dll 2018-10-20 21:02 - 2018-04-10 20:04 - 000292352 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll 2018-10-20 21:02 - 2018-04-10 20:04 - 000207872 _____ (Microsoft Corporation) C:\Windows\system32\MSAMRNBEncoder.dll 2018-10-20 21:02 - 2018-04-10 20:02 - 000555520 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll 2018-10-20 21:02 - 2018-04-10 20:02 - 000230912 _____ (Microsoft Corporation) C:\Windows\system32\MSAC3ENC.DLL 2018-10-20 21:02 - 2018-01-22 17:15 - 004171264 _____ (Gracenote, Inc.) C:\Windows\SysWOW64\gnsdk_fp.dll 2018-10-20 21:02 - 2017-10-29 17:03 - 000316640 _____ C:\Windows\WMSysPr9.prx 2018-10-20 20:54 - 2018-10-20 20:54 - 000003596 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-DSKVSP2-Didista 2018-10-17 22:03 - 2018-10-17 22:03 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign972041f8865f69bb 2018-10-17 22:03 - 2018-10-17 22:03 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign7edd8a4c6d97542a 2018-10-17 22:01 - 2018-10-17 22:01 - 000001271 _____ C:\Users\Didista\Desktop\Adobe After Effects CC 2017.lnk 2018-10-17 22:01 - 2018-10-17 22:01 - 000000000 ____D C:\Users\Didista\Documents\Adobe 2018-10-17 22:01 - 2018-10-17 22:01 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsignec509007fc6c8e36 2018-10-17 22:01 - 2018-10-17 22:01 - 000000000 ____D C:\Users\Didista\AppData\Local\Tempzxpsign0cc030757ef39a74 2018-10-17 22:00 - 2018-10-17 22:00 - 000001271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2017.lnk 2018-10-17 21:58 - 2018-10-17 22:00 - 000000000 ____D C:\Program Files\Common Files\Adobe 2018-10-17 21:58 - 2018-10-17 22:00 - 000000000 ____D C:\Program Files\Adobe 2018-10-17 21:57 - 2018-10-28 20:06 - 000000000 ____D C:\Program Files (x86)\Adobe 2018-10-17 21:49 - 2018-10-17 21:49 - 000000000 ____D C:\Users\Didista\AppData\Local\PeerDistRepub 2018-10-17 21:36 - 2018-10-28 21:46 - 000000000 ____D C:\Users\Didista\AppData\Local\Adobe 2018-10-17 21:36 - 2018-10-28 20:06 - 000000000 ____D C:\ProgramData\Adobe 2018-10-17 21:36 - 2018-10-17 21:36 - 000000000 ____D C:\Users\Didista\AppData\Roaming\Macromedia 2018-10-17 21:16 - 2018-11-15 21:27 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture 2018-10-17 21:15 - 2018-10-21 19:36 - 000000000 ____D C:\Program Files\DIFX 2018-10-17 21:15 - 2018-10-17 21:15 - 000003628 _____ C:\Windows\System32\Tasks\ASUS Smart Gesture Launcher 2018-10-17 21:15 - 2018-10-17 21:15 - 000000000 ____D C:\Program Files (x86)\ASUS 2018-10-16 22:01 - 2018-10-16 22:01 - 000000000 ____D C:\Users\Didista\AppData\Local\ChaosGroup 2018-10-16 21:56 - 2018-10-16 21:57 - 000000000 ____D C:\Program Files\Common Files\ChaosGroup 2018-10-16 21:56 - 2018-10-16 21:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chaos Group 2018-10-16 21:56 - 2018-10-16 21:56 - 000000000 ____D C:\Program Files\Chaos Group 2018-10-16 21:34 - 2018-10-16 21:34 - 000001116 _____ C:\Users\Didista\Desktop\Lightscreen.lnk 2018-10-16 21:34 - 2018-10-16 21:34 - 000000000 ____D C:\Users\Didista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightscreen 2018-10-16 21:34 - 2018-10-16 21:34 - 000000000 ____D C:\Program Files (x86)\Lightscreen 2018-10-16 21:11 - 2018-10-16 21:11 - 000000000 ____D C:\ProgramData\boost_interprocess 2018-10-16 21:03 - 2018-10-17 22:01 - 000000000 ____D C:\Users\Didista\AppData\Local\NVIDIA 2018-10-16 21:03 - 2018-10-16 21:03 - 000000000 ____D C:\Users\Didista\AppData\Local\CEF 2018-10-16 21:03 - 2018-10-16 21:03 - 000000000 ____D C:\Users\Didista\ansel 2018-10-16 21:02 - 2018-10-16 21:02 - 000007597 _____ C:\Users\Didista\AppData\Local\Resmon.ResmonCfg 2018-10-16 20:47 - 2018-10-16 20:47 - 000001441 _____ C:\Users\Public\Desktop\Autodesk Desktop App.lnk 2018-10-16 20:47 - 2018-10-16 20:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Backburner 2017.0 2018-10-16 20:45 - 2018-10-16 21:52 - 000002045 _____ C:\Users\Public\Desktop\3ds Max 2017.lnk 2018-10-16 20:42 - 2018-10-16 21:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2018-10-16 20:42 - 2018-10-16 20:42 - 000000000 ____D C:\Program Files\Common Files\Macrovision Shared 2018-10-16 20:14 - 2018-10-16 20:14 - 000000881 _____ C:\Users\Didista\Desktop\CCleaner.lnk 2018-10-16 20:11 - 2018-10-16 20:11 - 000003936 _____ C:\Windows\System32\Tasks\CCleaner Update 2018-10-16 20:11 - 2018-10-16 20:11 - 000002874 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2018-10-16 20:11 - 2018-10-16 20:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2018-10-16 20:11 - 2018-10-16 20:11 - 000000000 ____D C:\Program Files\CCleaner 2018-10-16 20:05 - 2018-10-16 20:09 - 000000000 ____D C:\ProgramData\Packages 2018-10-16 19:53 - 2018-10-16 19:53 - 000000000 ____D C:\Windows\Firmware 2018-10-16 19:42 - 2018-11-15 22:42 - 000000000 ____D C:\Users\Didista\AppData\Roaming\BitTorrent 2018-10-16 19:42 - 2018-10-16 19:42 - 000000918 _____ C:\Users\Didista\Desktop\BitTorrent.lnk 2018-10-16 19:22 - 2018-11-13 21:48 - 000000000 ____D C:\Windows\system32\MRT 2018-10-16 19:22 - 2018-11-13 21:47 - 137810048 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2018-10-16 19:19 - 2018-09-21 11:23 - 000257848 _____ (Microsoft Corporation) C:\Windows\system32\AppVFileSystemMetadata.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 001786168 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 001626936 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 001422648 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 001038136 _____ (Microsoft Corporation) C:\Windows\system32\AppVPolicy.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000954368 _____ (Microsoft Corporation) C:\Windows\system32\AppVManifest.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000830264 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000825144 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000749880 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000670008 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000652288 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000495416 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000399672 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000231424 _____ (Microsoft Corporation) C:\Windows\system32\AppVShNotify.exe 2018-10-16 19:19 - 2018-09-21 11:21 - 000228152 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamMap.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000201528 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamingUX.dll 2018-10-16 19:19 - 2018-09-21 11:21 - 000180736 _____ (Microsoft Corporation) C:\Windows\system32\AppVDllSurrogate.exe 2018-10-16 19:19 - 2018-09-21 11:21 - 000173056 _____ (Microsoft Corporation) C:\Windows\system32\AppVNice.exe 2018-10-16 19:19 - 2018-09-21 11:21 - 000034304 _____ C:\Windows\system32\SyncAppvPublishingServer.exe 2018-10-16 19:19 - 2018-09-21 06:13 - 000480568 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll 2018-10-16 19:19 - 2018-09-21 06:09 - 002253696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2018-10-16 19:19 - 2018-09-21 06:09 - 001427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll 2018-10-16 19:19 - 2018-09-21 06:08 - 002765344 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2018-10-16 19:19 - 2018-09-21 06:08 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll 2018-10-16 19:19 - 2018-09-21 06:07 - 000604664 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe 2018-10-16 19:19 - 2018-09-21 05:57 - 002900992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2018-10-16 19:19 - 2018-09-21 05:56 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll 2018-10-16 19:19 - 2018-09-21 05:53 - 001006080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll 2018-10-16 19:19 - 2018-09-21 05:43 - 001627136 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll 2018-10-16 19:19 - 2018-09-21 05:39 - 003320320 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2018-10-16 19:19 - 2018-09-21 05:37 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll 2018-10-16 19:19 - 2018-09-21 05:36 - 000505344 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll 2018-10-16 19:19 - 2018-09-20 11:37 - 001634944 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll 2018-10-16 19:19 - 2018-09-20 11:17 - 002874368 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2018-10-16 19:19 - 2018-09-20 11:17 - 001856000 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2018-10-16 19:19 - 2018-09-20 10:46 - 001454440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll 2018-10-16 19:19 - 2018-09-20 10:29 - 002824704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll 2018-10-16 19:19 - 2018-09-20 10:29 - 001586176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2018-10-16 19:19 - 2018-09-20 06:29 - 001989232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2018-10-16 19:19 - 2018-09-20 06:29 - 001513032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2018-10-16 19:19 - 2018-09-20 06:29 - 000357056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2018-10-16 19:19 - 2018-09-20 06:10 - 000500536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2018-10-16 19:19 - 2018-09-20 06:09 - 002462888 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2018-10-16 19:19 - 2018-09-20 06:09 - 002421248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2018-10-16 19:19 - 2018-09-20 06:09 - 001767096 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2018-10-16 19:19 - 2018-09-20 06:09 - 001540096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll 2018-10-16 19:19 - 2018-09-20 06:08 - 004191232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2018-10-16 19:19 - 2018-09-20 05:40 - 003090432 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2018-10-16 19:19 - 2018-09-20 05:38 - 001724416 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll 2018-10-16 19:19 - 2018-09-20 05:38 - 000433664 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll 2018-10-16 19:19 - 2018-09-20 05:37 - 004615680 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2018-10-16 19:19 - 2018-09-08 10:12 - 000452112 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2018-10-16 19:19 - 2018-09-08 10:07 - 002868536 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2018-10-16 19:19 - 2018-09-08 10:07 - 001610552 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2018-10-16 19:19 - 2018-09-08 10:07 - 000792376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2018-10-16 19:19 - 2018-09-08 10:07 - 000689464 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2018-10-16 19:19 - 2018-09-08 10:07 - 000612360 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2018-10-16 19:19 - 2018-09-08 10:07 - 000309560 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2018-10-16 19:19 - 2018-09-08 10:07 - 000144696 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2018-10-16 19:19 - 2018-09-08 10:07 - 000069944 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll 2018-10-16 19:19 - 2018-09-08 10:02 - 000645112 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2018-10-16 19:19 - 2018-09-08 10:02 - 000540984 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2018-10-16 19:19 - 2018-09-08 09:57 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll 2018-10-16 19:19 - 2018-09-08 09:42 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll 2018-10-16 19:19 - 2018-09-08 09:42 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.XamlHost.dll 2018-10-16 19:19 - 2018-09-08 09:40 - 001724928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll 2018-10-16 19:19 - 2018-09-08 09:40 - 000677888 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2018-10-16 19:19 - 2018-09-08 09:40 - 000593408 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2018-10-16 19:19 - 2018-09-08 09:40 - 000522240 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2018-10-16 19:19 - 2018-09-08 09:40 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl 2018-10-16 19:19 - 2018-09-08 09:39 - 005505024 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll 2018-10-16 19:19 - 2018-09-08 09:39 - 002052096 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll 2018-10-16 19:19 - 2018-09-08 09:39 - 001787904 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll 2018-10-16 19:19 - 2018-09-08 09:39 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll 2018-10-16 19:19 - 2018-09-08 09:38 - 001288192 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll 2018-10-16 19:19 - 2018-09-08 09:38 - 001004544 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll 2018-10-16 19:19 - 2018-09-08 09:38 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2018-10-16 19:19 - 2018-09-08 09:38 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2018-10-16 19:19 - 2018-09-08 09:37 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe 2018-10-16 19:19 - 2018-09-08 09:16 - 000482080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2018-10-16 19:19 - 2018-09-08 09:13 - 000181288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll 2018-10-16 19:19 - 2018-09-08 09:03 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdBth.dll 2018-10-16 19:19 - 2018-09-08 09:02 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll 2018-10-16 19:19 - 2018-09-08 09:00 - 000548864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2018-10-16 19:19 - 2018-09-08 08:59 - 001530368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll 2018-10-16 19:19 - 2018-09-08 08:59 - 001452544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll 2018-10-16 19:19 - 2018-09-08 08:59 - 000485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll 2018-10-16 19:19 - 2018-09-08 08:59 - 000133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.XamlHost.dll 2018-10-16 19:19 - 2018-09-08 08:58 - 001308672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll 2018-10-16 19:19 - 2018-09-08 08:58 - 000775680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll 2018-10-16 19:19 - 2018-09-08 08:57 - 005391360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll 2018-10-16 19:19 - 2018-09-08 08:57 - 000625664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2018-10-16 19:19 - 2018-09-08 08:57 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2018-10-16 19:19 - 2018-09-08 08:57 - 000223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl 2018-10-16 19:19 - 2018-09-08 08:56 - 000080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe 2018-10-16 19:19 - 2018-09-08 06:08 - 000462880 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2018-10-16 19:19 - 2018-09-08 05:59 - 000433664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys 2018-10-16 19:19 - 2018-09-08 05:59 - 000361544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll 2018-10-16 19:19 - 2018-09-08 05:58 - 000744976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2018-10-16 19:19 - 2018-09-08 05:58 - 000376120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2018-10-16 19:19 - 2018-09-08 05:57 - 001016984 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2018-10-16 19:19 - 2018-09-08 05:57 - 000930616 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe 2018-10-16 19:19 - 2018-09-08 05:57 - 000482384 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll 2018-10-16 19:19 - 2018-09-08 05:57 - 000368448 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2018-10-16 19:19 - 2018-09-08 05:51 - 000380728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll 2018-10-16 19:19 - 2018-09-08 05:45 - 000286824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll 2018-10-16 19:19 - 2018-09-08 05:44 - 000829752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe 2018-10-16 19:19 - 2018-09-08 05:43 - 001174448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2018-10-16 19:19 - 2018-09-08 05:43 - 000269104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll 2018-10-16 19:19 - 2018-09-08 05:30 - 003601920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Service.dll 2018-10-16 19:19 - 2018-09-08 05:30 - 000189440 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll 2018-10-16 19:19 - 2018-09-08 05:29 - 004771840 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll 2018-10-16 19:19 - 2018-09-08 05:29 - 000358912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys 2018-10-16 19:19 - 2018-09-08 05:29 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll 2018-10-16 19:19 - 2018-09-08 05:29 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll 2018-10-16 19:19 - 2018-09-08 05:29 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll 2018-10-16 19:19 - 2018-09-08 05:28 - 000481280 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll 2018-10-16 19:19 - 2018-09-08 05:27 - 003348992 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2018-10-16 19:19 - 2018-09-08 05:27 - 000983040 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll 2018-10-16 19:19 - 2018-09-08 05:27 - 000596992 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll 2018-10-16 19:19 - 2018-09-08 05:27 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\winipcfile.dll 2018-10-16 19:19 - 2018-09-08 05:26 - 002328064 _____ (Microsoft Corporation) C:\Windows\system32\winmsipc.dll 2018-10-16 19:19 - 2018-09-08 05:26 - 000814592 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll 2018-10-16 19:19 - 2018-09-08 05:26 - 000784896 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll 2018-10-16 19:19 - 2018-09-08 05:26 - 000471552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TileDataRepository.dll 2018-10-16 19:19 - 2018-09-08 05:26 - 000387584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ngccredprov.dll 2018-10-16 19:19 - 2018-09-08 05:26 - 000365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll 2018-10-16 19:19 - 2018-09-08 05:26 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipcfile.dll 2018-10-16 19:19 - 2018-09-08 05:26 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll 2018-10-16 19:19 - 2018-09-08 05:25 - 003553792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll 2018-10-16 19:19 - 2018-09-08 05:25 - 002789376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2018-10-16 19:19 - 2018-09-08 05:25 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\winipcsecproc.dll 2018-10-16 19:19 - 2018-09-08 05:25 - 000466432 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll 2018-10-16 19:19 - 2018-09-08 05:24 - 001457664 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll 2018-10-16 19:19 - 2018-09-08 05:24 - 000899072 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2018-10-16 19:19 - 2018-09-08 05:24 - 000845824 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll 2018-10-16 19:19 - 2018-09-08 05:24 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\das.dll 2018-10-16 19:19 - 2018-09-08 05:23 - 001655296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmsipc.dll 2018-10-16 19:19 - 2018-09-08 05:23 - 000807936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipcsecproc.dll 2018-10-16 19:19 - 2018-09-08 05:23 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll 2018-10-16 19:19 - 2018-09-08 05:22 - 000778240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2018-10-16 19:19 - 2018-08-31 09:27 - 000178176 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2018-10-16 19:19 - 2018-08-31 09:26 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2018-10-16 19:19 - 2018-08-31 09:25 - 000270336 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll 2018-10-16 19:19 - 2018-08-31 09:24 - 000482304 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2018-10-16 19:19 - 2018-08-31 09:22 - 001661440 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2018-10-16 19:19 - 2018-08-31 08:41 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2018-10-16 19:19 - 2018-08-31 08:40 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll 2018-10-16 19:19 - 2018-08-31 08:36 - 001469952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2018-10-16 19:19 - 2018-08-31 05:43 - 000722880 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2018-10-16 19:19 - 2018-08-31 05:42 - 000632296 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll 2018-10-16 19:19 - 2018-08-31 05:42 - 000527328 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2018-10-16 19:19 - 2018-08-31 05:42 - 000155112 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2018-10-16 19:19 - 2018-08-31 05:28 - 000453104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpx.dll 2018-10-16 19:19 - 2018-08-31 05:28 - 000134936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2018-10-16 19:19 - 2018-08-31 05:15 - 000075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys 2018-10-16 19:19 - 2018-08-31 05:14 - 000898560 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll 2018-10-16 19:19 - 2018-08-31 05:13 - 000402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys 2018-10-16 19:19 - 2018-08-31 05:12 - 000736256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2018-10-16 19:19 - 2018-08-31 05:08 - 000619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll 2018-10-16 19:19 - 2018-08-28 08:45 - 000713216 _____ (Microsoft Corporation) C:\Windows\system32\SharedRealitySvc.dll 2018-10-16 19:19 - 2018-08-14 04:14 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll 2018-10-16 19:19 - 2018-08-14 04:14 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll 2018-10-16 19:19 - 2018-08-09 11:31 - 000253544 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll 2018-10-16 19:19 - 2018-08-09 11:14 - 000466944 _____ (Microsoft Corporation) C:\Windows\system32\DscCore.dll 2018-10-16 19:19 - 2018-08-09 11:14 - 000326144 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollUI.dll 2018-10-16 19:19 - 2018-08-09 11:13 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\certreq.exe 2018-10-16 19:19 - 2018-08-09 11:12 - 002084864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2018-10-16 19:19 - 2018-08-09 11:12 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2018-10-16 19:19 - 2018-08-09 11:10 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2018-10-16 19:19 - 2018-08-09 11:10 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2018-10-16 19:19 - 2018-08-09 11:09 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\dinput8.dll 2018-10-16 19:19 - 2018-08-09 11:09 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\PackageInspector.exe 2018-10-16 19:19 - 2018-08-09 10:23 - 000291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnrollUI.dll 2018-10-16 19:19 - 2018-08-09 10:22 - 000668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2018-10-16 19:19 - 2018-08-09 10:22 - 000429568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certreq.exe 2018-10-16 19:19 - 2018-08-09 10:21 - 002016768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2018-10-16 19:19 - 2018-08-09 10:21 - 001274368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2018-10-16 19:19 - 2018-08-09 10:20 - 000178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput8.dll 2018-10-16 19:19 - 2018-08-09 07:01 - 000777400 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll 2018-10-16 19:19 - 2018-08-09 06:55 - 000230304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys 2018-10-16 19:19 - 2018-08-09 06:54 - 000375704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2018-10-16 19:19 - 2018-08-09 06:54 - 000203568 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll 2018-10-16 19:19 - 2018-08-09 06:53 - 001026456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2018-10-16 19:19 - 2018-08-09 06:53 - 000125600 _____ (Microsoft Corporation) C:\Windows\system32\cryptxml.dll 2018-10-16 19:19 - 2018-08-09 06:30 - 000183992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll 2018-10-16 19:19 - 2018-08-09 06:29 - 000099208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptxml.dll 2018-10-16 19:19 - 2018-08-09 06:27 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\eShims.dll 2018-10-16 19:19 - 2018-08-09 06:26 - 000990720 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2018-10-16 19:19 - 2018-08-09 06:26 - 000572416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll 2018-10-16 19:19 - 2018-08-09 06:26 - 000528384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys 2018-10-16 19:19 - 2018-08-09 06:26 - 000238592 _____ (Microsoft Corporation) C:\Windows\system32\TtlsAuth.dll 2018-10-16 19:19 - 2018-08-09 06:25 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\certca.dll 2018-10-16 19:19 - 2018-08-09 06:25 - 000460288 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2018-10-16 19:19 - 2018-08-09 06:25 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll 2018-10-16 19:19 - 2018-08-09 06:25 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll 2018-10-16 19:19 - 2018-08-09 06:23 - 003148288 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll 2018-10-16 19:19 - 2018-08-09 06:23 - 000916992 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2018-10-16 19:19 - 2018-08-09 06:22 - 001586176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2018-10-16 19:19 - 2018-08-09 06:22 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll 2018-10-16 19:19 - 2018-08-09 06:12 - 000652288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certca.dll 2018-10-16 19:19 - 2018-08-09 06:11 - 000350208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2018-10-16 19:19 - 2018-08-09 06:11 - 000178176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TtlsAuth.dll 2018-10-16 19:19 - 2018-08-09 06:11 - 000122368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll 2018-10-16 19:19 - 2018-08-09 06:10 - 002893824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll 2018-10-16 19:19 - 2018-08-09 06:10 - 000835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2018-10-16 19:19 - 2018-08-09 06:09 - 001466368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2018-10-16 19:19 - 2018-08-09 06:08 - 000195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll 2018-10-16 19:19 - 2018-08-03 10:24 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll 2018-10-16 19:19 - 2018-08-03 10:24 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2018-10-16 19:19 - 2018-08-03 10:20 - 004049408 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2018-10-16 19:19 - 2018-08-03 09:33 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2018-10-16 19:19 - 2018-08-03 09:32 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2018-10-16 19:19 - 2018-08-03 09:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll 2018-10-16 19:19 - 2018-08-03 09:27 - 004050432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2018-10-16 19:19 - 2018-08-03 05:47 - 000128920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys 2018-10-16 19:19 - 2018-08-03 05:41 - 000061736 _____ (Microsoft Corporation) C:\Windows\system32\hvhostsvc.dll 2018-10-16 19:19 - 2018-08-03 05:40 - 000566568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS 2018-10-16 19:19 - 2018-08-03 05:40 - 000228136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Ucx01000.sys 2018-10-16 19:19 - 2018-08-03 05:40 - 000072800 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll 2018-10-16 19:19 - 2018-08-03 05:39 - 000692240 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2018-10-16 19:19 - 2018-08-03 05:39 - 000114080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys 2018-10-16 19:19 - 2018-08-03 05:39 - 000075160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys 2018-10-16 19:19 - 2018-08-03 05:39 - 000031648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys 2018-10-16 19:19 - 2018-08-03 05:38 - 001285536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2018-10-16 19:19 - 2018-08-03 05:38 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\vertdll.dll 2018-10-16 19:19 - 2018-08-03 05:38 - 000115640 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll 2018-10-16 19:19 - 2018-08-03 05:27 - 000061032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll 2018-10-16 19:19 - 2018-08-03 05:25 - 000539168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2018-10-16 19:19 - 2018-08-03 05:14 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\WaaSAssessment.dll 2018-10-16 19:19 - 2018-08-03 05:12 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2018-10-16 19:19 - 2018-08-03 05:09 - 001932288 _____ (Microsoft Corporation) C:\Windows\system32\edgeangle.dll 2018-10-16 19:19 - 2018-08-03 05:08 - 000776192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2018-10-16 19:19 - 2018-08-03 05:05 - 000669696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2018-10-16 19:19 - 2018-07-15 03:00 - 000183736 _____ (Microsoft Corporation) C:\Windows\system32\mavinject.exe 2018-10-16 19:19 - 2018-07-15 02:58 - 000094112 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2018-10-16 19:19 - 2018-07-15 02:42 - 008624128 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2018-10-16 19:19 - 2018-07-15 02:42 - 004708864 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll 2018-10-16 19:19 - 2018-07-15 02:41 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\ProvSysprep.dll 2018-10-16 19:19 - 2018-07-15 02:39 - 001605632 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2018-10-16 19:19 - 2018-07-15 01:15 - 007987712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2018-10-16 19:19 - 2018-07-14 06:23 - 000760888 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe 2018-10-16 19:19 - 2018-07-14 06:22 - 000510392 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll 2018-10-16 19:19 - 2018-07-14 06:19 - 000981920 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll 2018-10-16 19:19 - 2018-07-14 06:19 - 000636944 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2018-10-16 19:19 - 2018-07-14 06:18 - 000443216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll 2018-10-16 19:19 - 2018-07-14 06:17 - 000743320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll 2018-10-16 19:19 - 2018-07-14 05:58 - 000094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll 2018-10-16 19:19 - 2018-07-14 05:57 - 000391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll 2018-10-16 19:19 - 2018-07-14 05:56 - 002697216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Controls.dll 2018-10-16 19:19 - 2018-07-14 05:56 - 001703936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Controls.dll 2018-10-16 19:19 - 2018-07-14 05:56 - 000365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll 2018-10-16 19:19 - 2018-07-14 05:56 - 000257536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WiFiDisplay.dll 2018-10-16 19:19 - 2018-07-14 05:56 - 000118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll 2018-10-16 19:19 - 2018-07-14 05:55 - 000993792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll 2018-10-16 19:19 - 2018-07-14 05:55 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll 2018-10-16 19:19 - 2018-07-14 05:55 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys 2018-10-16 19:19 - 2018-07-14 05:55 - 000344576 _____ (Microsoft Corporation) C:\Windows\system32\RasMediaManager.dll 2018-10-16 19:19 - 2018-07-14 05:55 - 000317440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll 2018-10-16 19:19 - 2018-07-14 05:55 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll 2018-10-16 19:19 - 2018-07-14 05:55 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll 2018-10-16 19:19 - 2018-07-14 05:55 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\datamarketsvc.dll 2018-10-16 19:19 - 2018-07-14 05:55 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\EASPolicyManagerBrokerHost.exe 2018-10-16 19:19 - 2018-07-14 05:54 - 001537024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll 2018-10-16 19:19 - 2018-07-14 05:54 - 000729088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll 2018-10-16 19:19 - 2018-07-14 05:54 - 000603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll 2018-10-16 19:19 - 2018-07-14 05:54 - 000444416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll 2018-10-16 19:19 - 2018-07-14 05:54 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll 2018-10-16 19:19 - 2018-07-14 05:54 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll 2018-10-16 19:19 - 2018-07-14 05:54 - 000352768 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll 2018-10-16 19:19 - 2018-07-14 05:54 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\PushToInstall.dll 2018-10-16 19:19 - 2018-07-14 05:54 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll 2018-10-16 19:19 - 2018-07-14 05:53 - 000705024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll 2018-10-16 19:19 - 2018-07-14 05:53 - 000681984 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgrSvc.dll 2018-10-16 19:19 - 2018-07-14 05:53 - 000566272 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll 2018-10-16 19:19 - 2018-07-14 05:53 - 000450560 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreCommonProxyStub.dll 2018-10-16 19:19 - 2018-07-14 05:53 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2018-10-16 19:19 - 2018-07-14 05:53 - 000220160 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll 2018-10-16 19:19 - 2018-07-14 05:52 - 000972800 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2018-10-16 19:19 - 2018-07-14 05:52 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll 2018-10-16 19:19 - 2018-07-14 05:52 - 000755712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll 2018-10-16 19:19 - 2018-07-14 05:52 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll 2018-10-16 19:19 - 2018-07-14 05:51 - 003376640 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll 2018-10-16 19:19 - 2018-07-14 05:51 - 001304064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll 2018-10-16 19:19 - 2018-07-14 05:51 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll 2018-10-16 19:19 - 2018-07-14 05:50 - 001773056 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll 2018-10-16 19:19 - 2018-07-14 05:50 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\lpasvc.dll 2018-10-16 19:19 - 2018-07-14 05:50 - 000949760 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll 2018-10-16 19:19 - 2018-07-14 05:50 - 000884224 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll 2018-10-16 19:19 - 2018-07-14 05:50 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll 2018-10-16 19:19 - 2018-07-06 16:17 - 003932672 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2018-10-16 19:19 - 2018-07-06 15:53 - 000672768 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll 2018-10-16 19:19 - 2018-07-06 15:53 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll 2018-10-16 19:19 - 2018-07-06 15:53 - 000386048 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll 2018-10-16 19:19 - 2018-07-06 14:06 - 003611368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2018-10-16 19:19 - 2018-07-06 13:53 - 000565248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll 2018-10-16 19:19 - 2018-07-06 09:27 - 000057440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.ShellCommon.Broker.dll 2018-10-16 19:19 - 2018-07-06 09:26 - 000766608 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2018-10-16 19:19 - 2018-07-06 09:25 - 000335776 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll 2018-10-16 19:19 - 2018-07-06 09:14 - 000573904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2018-10-16 19:19 - 2018-07-06 08:59 - 001153536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll 2018-10-16 19:19 - 2018-07-06 08:59 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\NmaDirect.dll 2018-10-16 19:19 - 2018-07-06 08:59 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\tokenbinding.dll 2018-10-16 19:19 - 2018-07-06 08:58 - 000670720 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll 2018-10-16 19:19 - 2018-07-06 08:58 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\CredProv2faHelper.dll 2018-10-16 19:19 - 2018-07-06 08:58 - 000035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tokenbinding.dll 2018-10-16 19:19 - 2018-07-06 08:57 - 000839680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll 2018-10-16 19:19 - 2018-07-06 08:57 - 000676864 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Devices.dll 2018-10-16 19:19 - 2018-07-06 08:56 - 001817600 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll 2018-10-16 19:19 - 2018-07-06 08:56 - 001567744 _____ (Microsoft Corporation) C:\Windows\system32\SpeechPal.dll 2018-10-16 19:19 - 2018-07-06 08:56 - 000508416 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll 2018-10-16 19:19 - 2018-07-06 08:56 - 000330752 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll 2018-10-16 19:19 - 2018-07-06 08:56 - 000327680 _____ (Microsoft Corporation) C:\Windows\system32\BioCredProv.dll 2018-10-16 19:19 - 2018-07-06 08:56 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProv2faHelper.dll 2018-10-16 19:19 - 2018-07-06 08:54 - 001214976 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll 2018-10-16 19:19 - 2018-07-06 08:54 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll 2018-10-16 19:19 - 2018-07-06 08:54 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BioCredProv.dll 2018-10-16 19:19 - 2018-06-15 19:55 - 000542888 _____ C:\Windows\system32\FaceProcessorCore.dll 2018-10-16 19:19 - 2018-06-15 19:48 - 000338352 _____ (Microsoft Corporation) C:\Windows\system32\AudioSrvPolicyManager.dll 2018-10-16 19:19 - 2018-06-15 19:33 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys 2018-10-16 19:19 - 2018-06-15 19:32 - 000755712 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.PrinterCustomActions.dll 2018-10-16 19:19 - 2018-06-15 19:32 - 000301568 _____ (Microsoft Corporation) C:\Windows\system32\AcLayers.dll 2018-10-16 19:19 - 2018-06-15 19:32 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe 2018-10-16 19:19 - 2018-06-15 19:31 - 002193920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppAgent.dll 2018-10-16 19:19 - 2018-06-15 19:31 - 000907776 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe 2018-10-16 19:19 - 2018-06-15 19:30 - 001308672 _____ C:\Windows\system32\FaceProcessor.dll 2018-10-16 19:19 - 2018-06-15 19:30 - 001186816 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CommonBridge.dll 2018-10-16 19:19 - 2018-06-15 19:30 - 001127936 _____ (Microsoft Corporation) C:\Windows\system32\ApplySettingsTemplateCatalog.exe 2018-10-16 19:19 - 2018-06-15 19:30 - 001054720 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe 2018-10-16 19:19 - 2018-06-15 19:29 - 000932352 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe 2018-10-16 19:19 - 2018-06-15 19:29 - 000740864 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll 2018-10-16 19:19 - 2018-06-15 19:29 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSoftwareInstallationClient.dll 2018-10-16 19:19 - 2018-06-15 19:00 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppCore.dll 2018-10-16 19:19 - 2018-06-15 17:04 - 000851968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe 2018-10-16 19:19 - 2018-06-15 17:04 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcLayers.dll 2018-10-16 19:19 - 2018-06-15 17:03 - 000831488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe 2018-10-16 19:19 - 2018-06-15 17:02 - 000704000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll 2018-10-16 19:19 - 2018-06-15 09:03 - 000083360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys 2018-10-16 19:19 - 2018-06-15 07:21 - 001213368 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe 2018-10-16 19:19 - 2018-06-15 07:19 - 000116632 _____ (Microsoft Corporation) C:\Windows\system32\DTUHandler.exe 2018-10-16 19:19 - 2018-06-15 07:19 - 000093600 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll 2018-10-16 19:19 - 2018-06-15 07:18 - 000228768 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll 2018-10-16 19:19 - 2018-06-15 07:13 - 000324000 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2018-10-16 19:19 - 2018-06-15 07:12 - 000118872 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll 2018-10-16 19:19 - 2018-06-15 07:10 - 000326024 _____ (Microsoft Corporation) C:\Windows\system32\ExecModelClient.dll 2018-10-16 19:19 - 2018-06-15 07:09 - 002546592 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll 2018-10-16 19:19 - 2018-06-15 07:09 - 001798552 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll 2018-10-16 19:19 - 2018-06-15 07:09 - 001659296 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll 2018-10-16 19:19 - 2018-06-15 07:08 - 001921944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys 2018-10-16 19:19 - 2018-06-15 07:08 - 000945568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys 2018-10-16 19:19 - 2018-06-15 07:08 - 000898760 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2018-10-16 19:19 - 2018-06-15 07:08 - 000642088 _____ (Microsoft Corporation) C:\Windows\system32\msvcp_win.dll 2018-10-16 19:19 - 2018-06-15 07:08 - 000072768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WindowsTrustedRT.sys 2018-10-16 19:19 - 2018-06-15 07:04 - 001462824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll 2018-10-16 19:19 - 2018-06-15 07:04 - 001251736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContentDeliveryManager.Utilities.dll 2018-10-16 19:19 - 2018-06-15 07:04 - 000719552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2018-10-16 19:19 - 2018-06-15 07:04 - 000281080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExecModelClient.dll 2018-10-16 19:19 - 2018-06-15 07:04 - 000105376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll 2018-10-16 19:19 - 2018-06-15 06:48 - 000311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Diagnostics.dll 2018-10-16 19:19 - 2018-06-15 06:47 - 000515072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2018-10-16 19:19 - 2018-06-15 06:46 - 001356800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll 2018-10-16 19:19 - 2018-06-15 06:46 - 000593408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll 2018-10-16 19:19 - 2018-06-15 06:46 - 000584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Input.dll 2018-10-16 19:19 - 2018-06-15 06:46 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll 2018-10-16 19:19 - 2018-06-15 06:45 - 002548736 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe 2018-10-16 19:19 - 2018-06-15 06:45 - 000871424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe 2018-10-16 19:19 - 2018-06-15 06:45 - 000740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll 2018-10-16 19:19 - 2018-06-15 06:44 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xboxgip.sys 2018-10-16 19:19 - 2018-06-15 06:43 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll 2018-10-16 19:19 - 2018-06-15 06:43 - 001110528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll 2018-10-16 19:19 - 2018-06-15 06:43 - 000675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll 2018-10-16 19:19 - 2018-06-15 06:43 - 000312832 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll 2018-10-16 19:19 - 2018-06-15 06:43 - 000191488 _____ (Microsoft Corporation) C:\Windows\system32\VideoHandlers.dll 2018-10-16 19:19 - 2018-06-15 06:43 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe 2018-10-16 19:19 - 2018-06-15 06:42 - 000431104 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll 2018-10-16 19:19 - 2018-06-15 06:42 - 000386048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Diagnostics.dll 2018-10-16 19:19 - 2018-06-15 06:42 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2018-10-16 19:19 - 2018-06-15 06:42 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2018-10-16 19:19 - 2018-06-15 06:42 - 000102400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll 2018-10-16 19:19 - 2018-06-15 06:41 - 001724928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll 2018-10-16 19:19 - 2018-06-15 06:41 - 000953856 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe 2018-10-16 19:19 - 2018-06-15 06:41 - 000811520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Input.dll 2018-10-16 19:19 - 2018-06-15 06:41 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll 2018-10-16 19:19 - 2018-06-15 06:40 - 001487360 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll 2018-10-16 19:19 - 2018-06-15 06:40 - 000827392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll 2018-10-16 19:19 - 2018-06-15 06:40 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll 2018-10-16 19:19 - 2018-06-15 06:40 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll 2018-10-16 19:19 - 2018-06-15 06:38 - 001581568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll 2018-10-16 19:19 - 2018-06-15 06:38 - 000910848 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll 2018-10-16 19:19 - 2018-06-15 06:37 - 000883712 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll 2018-10-16 19:19 - 2018-06-15 06:36 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys 2018-10-16 19:19 - 2018-06-08 21:07 - 000506184 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe 2018-10-16 19:19 - 2018-06-08 21:07 - 000040864 _____ (Microsoft Corporation) C:\Windows\system32\AppVClientPS.dll 2018-10-16 19:19 - 2018-06-08 21:07 - 000019872 _____ (Microsoft Corporation) C:\Windows\system32\AppVTerminator.dll 2018-10-16 19:19 - 2018-06-08 21:02 - 000661160 _____ (Microsoft Corporation) C:\Windows\system32\GenValObj.exe 2018-10-16 19:19 - 2018-06-08 21:01 - 001046944 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll 2018-10-16 19:19 - 2018-06-08 20:47 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2018-10-16 19:19 - 2018-06-08 20:45 - 000808960 _____ C:\Windows\system32\MBR2GPT.EXE 2018-10-16 19:19 - 2018-06-08 20:44 - 000625152 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll 2018-10-16 19:19 - 2018-06-08 20:43 - 003640832 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2018-10-16 19:19 - 2018-06-08 20:43 - 002922496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll 2018-10-16 19:19 - 2018-06-08 20:43 - 001719808 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll 2018-10-16 19:19 - 2018-06-08 20:43 - 001659904 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2018-10-16 19:19 - 2018-06-08 20:43 - 001543680 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll 2018-10-16 19:19 - 2018-06-08 20:42 - 003999232 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll 2018-10-16 19:19 - 2018-06-08 20:42 - 000800256 _____ (Microsoft Corporation) C:\Windows\system32\pwcreator.exe 2018-10-16 19:19 - 2018-06-08 20:41 - 002019840 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll 2018-10-16 19:19 - 2018-06-08 20:41 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll 2018-10-16 19:19 - 2018-06-08 20:41 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll 2018-10-16 19:19 - 2018-06-08 20:40 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\DXP.dll 2018-10-16 19:19 - 2018-06-08 18:58 - 000917408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll 2018-10-16 19:19 - 2018-06-08 18:47 - 003492864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll 2018-10-16 19:19 - 2018-06-08 18:47 - 001462784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll 2018-10-16 19:19 - 2018-06-08 18:47 - 001032704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2018-10-16 19:19 - 2018-06-08 18:47 - 000231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcredprov.dll 2018-10-16 19:19 - 2018-06-08 18:46 - 003444224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2018-10-16 19:19 - 2018-06-08 18:06 - 000976384 _____ (Microsoft Corporation) C:\Windows\system32\Spectrum.exe 2018-10-16 19:19 - 2018-06-08 18:05 - 000944640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.Internal.dll 2018-10-16 19:19 - 2018-06-08 16:00 - 000658432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll 2018-10-16 19:19 - 2018-06-08 12:38 - 005821544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2018-10-16 19:19 - 2018-06-08 12:35 - 001613200 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll 2018-10-16 19:19 - 2018-06-08 12:35 - 000613144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2018-10-16 19:19 - 2018-06-08 12:34 - 001299056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll 2018-10-16 19:19 - 2018-06-08 12:34 - 000748512 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2018-10-16 19:19 - 2018-06-08 12:31 - 007900984 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2018-10-16 19:19 - 2018-06-08 12:31 - 000029600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\uefi.sys 2018-10-16 19:19 - 2018-06-08 12:30 - 000705440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys 2018-10-16 19:19 - 2018-06-08 11:30 - 000723360 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll 2018-10-16 19:19 - 2018-06-08 11:30 - 000527264 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe 2018-10-16 19:19 - 2018-06-08 11:30 - 000194456 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll 2018-10-16 19:19 - 2018-06-08 11:30 - 000137568 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2018-10-16 19:19 - 2018-06-08 11:29 - 004970360 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll 2018-10-16 19:19 - 2018-06-08 11:29 - 001792808 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll 2018-10-16 19:19 - 2018-06-08 11:29 - 001364184 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll 2018-10-16 19:19 - 2018-06-08 11:29 - 000678840 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2018-10-16 19:19 - 2018-06-08 11:29 - 000659096 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll 2018-10-16 19:19 - 2018-06-08 11:29 - 000313592 _____ (Microsoft Corporation) C:\Windows\system32\mfsensorgroup.dll 2018-10-16 19:19 - 2018-06-08 11:29 - 000164768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys 2018-10-16 19:19 - 2018-06-08 11:29 - 000084288 _____ (Microsoft Corporation) C:\Windows\system32\LanguageOverlayUtil.dll 2018-10-16 19:19 - 2018-06-08 11:29 - 000057960 _____ (Microsoft Corporation) C:\Windows\system32\kernel.appcore.dll 2018-10-16 19:19 - 2018-06-08 11:10 - 000097176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2018-10-16 19:19 - 2018-06-08 11:09 - 004469832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll 2018-10-16 19:19 - 2018-06-08 11:09 - 001584128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll 2018-10-16 19:19 - 2018-06-08 11:09 - 001077504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll 2018-10-16 19:19 - 2018-06-08 11:09 - 000607648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll 2018-10-16 19:19 - 2018-06-08 11:09 - 000568720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll 2018-10-16 19:19 - 2018-06-08 11:09 - 000553248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2018-10-16 19:19 - 2018-06-08 11:09 - 000064648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LanguageOverlayUtil.dll 2018-10-16 19:19 - 2018-06-08 11:09 - 000050208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel.appcore.dll 2018-10-16 19:19 - 2018-06-08 11:03 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys 2018-10-16 19:19 - 2018-06-08 11:01 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\FSClient.dll 2018-10-16 19:19 - 2018-06-08 11:01 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerCsp.dll 2018-10-16 19:19 - 2018-06-08 11:00 - 001285120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll 2018-10-16 19:19 - 2018-06-08 11:00 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\credprovs.dll 2018-10-16 19:19 - 2018-06-08 10:59 - 001318400 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll 2018-10-16 19:19 - 2018-06-08 10:59 - 000673792 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll 2018-10-16 19:19 - 2018-06-08 10:58 - 001676800 _____ (Microsoft Corporation) C:\Windows\system32\CoreShell.dll 2018-10-16 19:19 - 2018-06-08 10:58 - 000239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FSClient.dll 2018-10-16 19:19 - 2018-06-08 10:57 - 000483328 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll 2018-10-16 19:19 - 2018-06-08 10:56 - 003293696 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2018-10-16 19:19 - 2018-06-08 10:56 - 000871424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.BackgroundMediaPlayback.dll 2018-10-16 19:19 - 2018-06-08 10:56 - 000869376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll 2018-10-16 19:19 - 2018-06-08 10:56 - 000858112 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll 2018-10-16 19:19 - 2018-06-08 10:56 - 000715776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll 2018-10-16 19:19 - 2018-06-08 10:56 - 000264704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovs.dll 2018-10-16 19:19 - 2018-06-08 10:55 - 002061824 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll 2018-10-16 19:19 - 2018-06-08 10:55 - 001192448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll 2018-10-16 19:19 - 2018-06-08 10:55 - 001171968 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll 2018-10-16 19:19 - 2018-06-08 10:55 - 000849408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.MediaPlayer.dll 2018-10-16 19:19 - 2018-06-08 10:55 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll 2018-10-16 19:19 - 2018-06-08 10:55 - 000652800 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll 2018-10-16 19:19 - 2018-06-08 10:55 - 000630784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2018-10-16 19:19 - 2018-06-08 10:54 - 001128448 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll 2018-10-16 19:19 - 2018-06-08 10:54 - 000950272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2018-10-16 19:19 - 2018-06-08 10:54 - 000729088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll 2018-10-16 19:19 - 2018-06-08 10:54 - 000646656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2018-10-16 19:19 - 2018-06-08 10:54 - 000593408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll 2018-10-16 19:19 - 2018-06-08 10:54 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTMediaFrame.dll 2018-10-16 19:19 - 2018-06-08 10:53 - 001675264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll 2018-10-16 19:19 - 2018-06-08 10:53 - 000648192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2018-10-16 19:19 - 2018-06-08 10:53 - 000528384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll 2018-10-16 19:19 - 2018-06-06 20:57 - 003733320 _____ C:\Windows\system32\Windows.Mirage.dll 2018-10-16 19:19 - 2018-06-06 06:20 - 002841312 _____ C:\Windows\SysWOW64\Windows.Mirage.dll 2018-10-16 19:19 - 2018-05-20 21:42 - 001649760 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll 2018-10-16 19:19 - 2018-05-20 21:26 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll 2018-10-16 19:19 - 2018-05-20 21:23 - 000947712 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl 2018-10-16 19:19 - 2018-05-20 21:23 - 000899072 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll 2018-10-16 19:19 - 2018-05-20 21:22 - 001665024 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2018-10-16 19:19 - 2018-05-20 21:22 - 000804352 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll 2018-10-16 19:19 - 2018-05-20 20:14 - 001490144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll 2018-10-16 19:19 - 2018-05-20 20:02 - 000461312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasplap.dll 2018-10-16 19:19 - 2018-05-20 20:00 - 000864768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl 2018-10-16 19:19 - 2018-05-20 19:59 - 000863232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll 2018-10-16 19:19 - 2018-05-20 19:59 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll 2018-10-16 19:19 - 2018-05-20 14:33 - 000105368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys 2018-10-16 19:19 - 2018-05-20 13:53 - 002178136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll 2018-10-16 19:19 - 2018-05-20 13:53 - 000131232 _____ (Microsoft Corporation) C:\Windows\system32\rmclient.dll 2018-10-16 19:19 - 2018-05-20 13:53 - 000088472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys 2018-10-16 19:19 - 2018-05-20 13:52 - 000735560 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll 2018-10-16 19:19 - 2018-05-20 13:52 - 000347704 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2018-10-16 19:19 - 2018-05-20 13:52 - 000130456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvsocket.sys 2018-10-16 19:19 - 2018-05-20 13:52 - 000089984 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSup.dll 2018-10-16 19:19 - 2018-05-20 13:33 - 001665920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2018-10-16 19:19 - 2018-05-20 13:33 - 000101288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll 2018-10-16 19:19 - 2018-05-20 13:32 - 000560488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll 2018-10-16 19:19 - 2018-05-20 13:32 - 000286200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2018-10-16 19:19 - 2018-05-20 13:31 - 001456640 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll 2018-10-16 19:19 - 2018-05-20 13:28 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\AppHostRegistrationVerifier.exe 2018-10-16 19:19 - 2018-05-20 13:26 - 000356352 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll 2018-10-16 19:19 - 2018-05-20 13:26 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\wevtutil.exe 2018-10-16 19:19 - 2018-05-20 13:26 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\TelephonyInteractiveUser.dll 2018-10-16 19:19 - 2018-05-20 13:25 - 000384000 _____ (Microsoft Corporation) C:\Windows\system32\Phoneutil.dll 2018-10-16 19:19 - 2018-05-20 13:24 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\DolbyMATEnc.dll 2018-10-16 19:19 - 2018-05-20 13:23 - 000933376 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll 2018-10-16 19:19 - 2018-05-20 13:21 - 000960512 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll 2018-10-16 19:19 - 2018-05-20 13:21 - 000783360 _____ (Microsoft Corporation) C:\Windows\system32\DolbyHrtfEnc.dll 2018-10-16 19:19 - 2018-05-20 13:14 - 000167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtutil.exe 2018-10-16 19:19 - 2018-05-20 13:13 - 000317440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Phoneutil.dll 2018-10-16 19:19 - 2018-05-20 13:12 - 000860160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll 2018-10-16 19:19 - 2018-04-28 16:23 - 000826776 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe 2018-10-16 19:19 - 2018-04-28 16:03 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\SharedPCCSP.dll 2018-10-16 19:19 - 2018-04-28 16:00 - 000695296 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx 2018-10-16 19:19 - 2018-04-28 15:14 - 000581120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx 2018-10-16 19:19 - 2018-04-28 15:12 - 001380864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2018-10-16 19:19 - 2018-04-28 06:29 - 000788216 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2018-10-16 19:19 - 2018-04-28 06:29 - 000776880 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2018-10-16 19:19 - 2018-04-28 06:29 - 000494488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2018-10-16 19:19 - 2018-04-28 06:29 - 000382872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys 2018-10-16 19:19 - 2018-04-28 06:14 - 000434584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2018-10-16 19:19 - 2018-04-28 06:13 - 000665320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2018-10-16 19:19 - 2018-04-28 06:12 - 000606448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2018-10-16 19:19 - 2018-04-28 05:59 - 000553984 _____ (Microsoft Corporation) C:\Windows\system32\PerceptionSimulationExtensions.dll 2018-10-16 19:19 - 2018-04-28 04:43 - 001953280 _____ C:\Windows\system32\rdpnano.dll 2018-10-16 19:18 - 2018-09-21 11:01 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll 2018-10-16 19:18 - 2018-09-21 10:12 - 000150016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll 2018-10-16 19:18 - 2018-09-21 05:54 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll 2018-10-16 19:18 - 2018-09-20 06:11 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe 2018-10-16 19:18 - 2018-09-20 06:10 - 000355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll 2018-10-16 19:18 - 2018-09-20 05:43 - 000052736 _____ C:\Windows\system32\runexehelper.exe 2018-10-16 19:18 - 2018-09-20 05:42 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll 2018-10-16 19:18 - 2018-09-20 03:28 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll 2018-10-16 19:18 - 2018-09-08 09:44 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\fdBth.dll 2018-10-16 19:18 - 2018-09-08 09:43 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\SCardBi.dll 2018-10-16 19:18 - 2018-09-08 09:42 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll 2018-10-16 19:18 - 2018-09-08 09:42 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\bthci.dll 2018-10-16 19:18 - 2018-09-08 09:41 - 000258560 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll 2018-10-16 19:18 - 2018-09-08 09:40 - 000402944 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll 2018-10-16 19:18 - 2018-09-08 09:38 - 000986112 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2018-10-16 19:18 - 2018-09-08 08:58 - 000897536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2018-10-16 19:18 - 2018-09-08 05:32 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpstorport.sys 2018-10-16 19:18 - 2018-09-08 05:31 - 000342528 _____ (Microsoft Corporation) C:\Windows\system32\browserexport.exe 2018-10-16 19:18 - 2018-09-08 05:31 - 000272384 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Proxy.dll 2018-10-16 19:18 - 2018-09-08 05:30 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys 2018-10-16 19:18 - 2018-09-08 05:30 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll 2018-10-16 19:18 - 2018-09-08 05:28 - 000153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Bluetooth.Proxy.dll 2018-10-16 19:18 - 2018-09-08 05:27 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll 2018-10-16 19:18 - 2018-09-08 05:25 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Proximity.dll 2018-10-16 19:18 - 2018-09-08 05:23 - 000314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Proximity.dll 2018-10-16 19:18 - 2018-08-31 09:27 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll 2018-10-16 19:18 - 2018-08-31 09:25 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2018-10-16 19:18 - 2018-08-31 08:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll 2018-10-16 19:18 - 2018-08-31 05:17 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll 2018-10-16 19:18 - 2018-08-31 05:12 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll 2018-10-16 19:18 - 2018-08-28 08:49 - 000677376 _____ (Microsoft Corporation) C:\Windows\system32\HeadTrackerStorage.dll 2018-10-16 19:18 - 2018-08-09 11:14 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll 2018-10-16 19:18 - 2018-08-09 11:13 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\TtlsExt.dll 2018-10-16 19:18 - 2018-08-09 11:09 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\dinput.dll 2018-10-16 19:18 - 2018-08-09 10:24 - 000131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdeploy.dll 2018-10-16 19:18 - 2018-08-09 10:20 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput.dll 2018-10-16 19:18 - 2018-08-09 06:27 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollCtrl.exe 2018-10-16 19:18 - 2018-08-09 06:26 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\TtlsCfg.dll 2018-10-16 19:18 - 2018-08-09 06:13 - 000042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnrollCtrl.exe 2018-10-16 19:18 - 2018-08-09 06:11 - 000164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TtlsCfg.dll 2018-10-16 19:18 - 2018-08-03 10:24 - 000046592 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2018-10-16 19:18 - 2018-08-03 10:21 - 000561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys 2018-10-16 19:18 - 2018-08-03 05:17 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgid.sys 2018-10-16 19:18 - 2018-08-03 05:16 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll 2018-10-16 19:18 - 2018-08-03 05:15 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys 2018-10-16 19:18 - 2018-08-03 05:10 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll 2018-10-16 19:18 - 2018-07-15 01:31 - 000148888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mavinject.exe 2018-10-16 19:18 - 2018-07-14 06:21 - 000192920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2018-10-16 19:18 - 2018-07-14 05:58 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll 2018-10-16 19:18 - 2018-07-14 05:58 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2018-10-16 19:18 - 2018-07-14 05:56 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgr.dll 2018-10-16 19:18 - 2018-07-14 05:55 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll 2018-10-16 19:18 - 2018-07-14 05:55 - 000205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreCommonProxyStub.dll 2018-10-16 19:18 - 2018-07-14 05:55 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll 2018-10-16 19:18 - 2018-07-14 05:55 - 000185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll 2018-10-16 19:18 - 2018-07-14 05:55 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll 2018-10-16 19:18 - 2018-07-14 05:55 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2018-10-16 19:18 - 2018-07-14 05:54 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\EasPolicyManagerBrokerPS.dll 2018-10-16 19:18 - 2018-07-06 13:53 - 000347136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll 2018-10-16 19:18 - 2018-07-06 09:01 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll 2018-10-16 19:18 - 2018-07-06 09:01 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvcProxy.dll 2018-10-16 19:18 - 2018-07-06 09:00 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll 2018-10-16 19:18 - 2018-07-06 09:00 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll 2018-10-16 19:18 - 2018-07-06 09:00 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll 2018-10-16 19:18 - 2018-07-06 09:00 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\mapstoasttask.dll 2018-10-16 19:18 - 2018-07-06 09:00 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\MapsTelemetry.dll 2018-10-16 19:18 - 2018-07-06 09:00 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\nativemap.dll 2018-10-16 19:18 - 2018-07-06 08:59 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Geolocation.dll 2018-10-16 19:18 - 2018-07-06 08:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll 2018-10-16 19:18 - 2018-07-06 08:59 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll 2018-10-16 19:18 - 2018-07-06 08:58 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Core.dll 2018-10-16 19:18 - 2018-07-06 08:58 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Cortana.dll 2018-10-16 19:18 - 2018-07-06 08:58 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll 2018-10-16 19:18 - 2018-07-06 08:57 - 000262656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NmaDirect.dll 2018-10-16 19:18 - 2018-07-06 08:56 - 000533504 _____ (Microsoft Corporation) C:\Windows\system32\QuietHours.dll 2018-10-16 19:18 - 2018-07-06 08:56 - 000181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Core.dll 2018-10-16 19:18 - 2018-06-15 19:34 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\DsmUserTask.exe 2018-10-16 19:18 - 2018-06-15 19:34 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\perfnet.dll 2018-10-16 19:18 - 2018-06-15 19:33 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManagerAPI.dll 2018-10-16 19:18 - 2018-06-15 19:33 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll 2018-10-16 19:18 - 2018-06-15 19:32 - 000406528 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CscUnpinTool.exe 2018-10-16 19:18 - 2018-06-15 19:29 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2018-10-16 19:18 - 2018-06-15 19:03 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\UevAppMonitor.exe 2018-10-16 19:18 - 2018-06-15 17:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfnet.dll 2018-10-16 19:18 - 2018-06-15 17:01 - 000228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2018-10-16 19:18 - 2018-06-15 09:10 - 000048544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys 2018-10-16 19:18 - 2018-06-15 06:47 - 000622080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll 2018-10-16 19:18 - 2018-06-15 06:47 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll 2018-10-16 19:18 - 2018-06-15 06:46 - 000224768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll 2018-10-16 19:18 - 2018-06-15 06:45 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll 2018-10-16 19:18 - 2018-06-15 06:45 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll 2018-10-16 19:18 - 2018-06-15 06:45 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\DTUHandlerPS.dll 2018-10-16 19:18 - 2018-06-15 06:44 - 000185344 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll 2018-10-16 19:18 - 2018-06-15 06:44 - 000135680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll 2018-10-16 19:18 - 2018-06-15 06:44 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\updatecsp.dll 2018-10-16 19:18 - 2018-06-15 06:44 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cellulardatacapabilityhandler.dll 2018-10-16 19:18 - 2018-06-15 06:43 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\RdpRelayTransport.dll 2018-10-16 19:18 - 2018-06-15 06:43 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll 2018-10-16 19:18 - 2018-06-15 06:42 - 000978432 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll 2018-10-16 19:18 - 2018-06-15 06:42 - 000558592 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll 2018-10-16 19:18 - 2018-06-15 06:42 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll 2018-10-16 19:18 - 2018-06-15 06:41 - 000270336 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll 2018-10-16 19:18 - 2018-06-15 06:41 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\CapabilityAccessManager.dll 2018-10-16 19:18 - 2018-06-08 20:46 - 000584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll 2018-10-16 19:18 - 2018-06-08 20:45 - 001560576 _____ (Microsoft Corporation) C:\Windows\system32\msdt.exe 2018-10-16 19:18 - 2018-06-08 20:44 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\wlidcredprov.dll 2018-10-16 19:18 - 2018-06-08 18:50 - 001508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdt.exe 2018-10-16 19:18 - 2018-06-08 11:03 - 000906752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.PhoneNumberFormatting.dll 2018-10-16 19:18 - 2018-06-08 11:03 - 000038400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryCore.dll 2018-10-16 19:18 - 2018-06-08 11:02 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll 2018-10-16 19:18 - 2018-06-08 11:02 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\edpnotify.exe 2018-10-16 19:18 - 2018-06-08 11:02 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe 2018-10-16 19:18 - 2018-06-08 11:01 - 000294912 _____ (Microsoft Corporation) C:\Windows\system32\TDLMigration.dll 2018-10-16 19:18 - 2018-06-08 11:01 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll 2018-10-16 19:18 - 2018-06-08 11:01 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2018-10-16 19:18 - 2018-06-08 11:00 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe 2018-10-16 19:18 - 2018-06-08 11:00 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\CapabilityAccessManagerClient.dll 2018-10-16 19:18 - 2018-06-08 10:59 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll 2018-10-16 19:18 - 2018-06-08 10:58 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe 2018-10-16 19:18 - 2018-06-08 10:57 - 000150016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll 2018-10-16 19:18 - 2018-06-08 10:57 - 000038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll 2018-10-16 19:18 - 2018-06-08 10:55 - 000778752 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2018-10-16 19:18 - 2018-06-01 07:18 - 000058524 _____ C:\Windows\system32\srms.dat 2018-10-16 19:18 - 2018-05-20 21:22 - 001292288 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe 2018-10-16 19:18 - 2018-05-20 21:22 - 000941056 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll 2018-10-16 19:18 - 2018-05-20 13:32 - 000077040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CompPkgSup.dll 2018-10-16 19:18 - 2018-05-20 13:27 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\ApiSetHost.AppExecutionAlias.dll 2018-10-16 19:18 - 2018-05-20 13:23 - 005951488 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll 2018-10-16 19:18 - 2018-05-20 13:21 - 001371136 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll 2018-10-16 19:18 - 2018-05-20 13:16 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ApiSetHost.AppExecutionAlias.dll 2018-10-16 19:18 - 2018-05-20 13:15 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll 2018-10-16 19:18 - 2018-05-20 13:13 - 004929024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll 2018-10-16 19:18 - 2018-05-20 13:11 - 001036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll 2018-10-16 19:18 - 2018-05-20 10:26 - 000018716 _____ C:\Windows\system32\srms-apr.dat 2018-10-16 19:18 - 2018-05-18 19:08 - 000018716 _____ C:\Windows\SysWOW64\srms-apr.dat 2018-10-16 19:18 - 2018-04-28 06:03 - 000585728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.rs3.dll 2018-10-16 19:18 - 2018-04-28 06:03 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.rs1.dll 2018-10-16 19:18 - 2018-04-28 06:03 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.th.dll 2018-10-16 19:18 - 2018-04-28 06:03 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.win81.dll 2018-10-16 19:18 - 2018-04-28 06:02 - 000613376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.rs4.dll 2018-10-16 19:18 - 2018-04-28 06:02 - 000474624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.rs2.dll 2018-10-16 19:18 - 2018-04-28 06:02 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.win8rtm.dll 2018-10-16 19:18 - 2018-04-28 06:01 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2018-10-16 19:18 - 2018-04-28 06:00 - 000143360 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2018-10-16 19:18 - 2018-04-28 05:57 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2018-10-16 19:18 - 2018-04-28 05:55 - 001421312 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll 2018-10-16 19:18 - 2018-04-28 05:53 - 001235968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll 2018-10-16 19:18 - 2018-04-28 05:53 - 000117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2018-10-16 19:12 - 2018-10-16 19:11 - 000559880 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2018-10-16 18:04 - 2018-10-16 18:04 - 000000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2018-10-16 18:04 - 2018-10-16 18:04 - 000000000 ____D C:\Windows\PCHEALTH 2018-10-16 18:04 - 2018-10-16 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2018-10-16 18:04 - 2018-10-16 18:04 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2018-10-16 18:03 - 2018-11-15 22:18 - 000000000 ____D C:\Program Files\Microsoft Analysis Services 2018-10-16 18:03 - 2018-10-16 18:04 - 000000000 ____D C:\Program Files\Microsoft Office 2018-10-16 18:03 - 2018-10-16 18:03 - 000000000 __RHD C:\MSOCache 2018-10-16 18:03 - 2018-10-16 18:03 - 000000000 ____D C:\Windows\SHELLNEW 2018-10-16 18:03 - 2018-10-16 18:03 - 000000000 ____D C:\Users\Didista\AppData\Local\Microsoft Help 2018-10-16 18:03 - 2018-10-16 18:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2018-10-16 18:03 - 2018-10-16 18:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2018-10-16 18:01 - 2018-10-16 18:02 - 000000000 ____D C:\Users\Didista\AppData\Roaming\DAEMON Tools Lite 2018-10-16 18:01 - 2018-10-16 18:01 - 000047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys 2018-10-16 18:01 - 2018-10-16 18:01 - 000030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys 2018-10-16 18:01 - 2018-10-16 18:01 - 000001814 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2018-10-16 18:01 - 2018-10-16 18:01 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images 2018-10-16 18:01 - 2018-10-16 18:01 - 000000000 ____D C:\Users\Public\Documents\Catch! 2018-10-16 18:01 - 2018-10-16 18:01 - 000000000 ____D C:\Users\Didista\AppData\Local\Disc_Soft_Ltd 2018-10-16 18:01 - 2018-10-16 18:01 - 000000000 ____D C:\Program Files\DAEMON Tools Lite 2018-10-16 18:00 - 2018-10-16 18:01 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite 2018-10-16 17:59 - 2018-10-16 21:04 - 000000000 ____D C:\Users\Didista\AppData\Local\NVIDIA Corporation 2018-10-16 15:46 - 2018-10-16 12:47 - 000000000 ____D C:\Windows\Panther 2018-10-16 14:25 - 2018-10-19 18:31 - 000000000 ____D C:\Users\Didista\AppData\Local\CrashDumps 2018-10-16 14:25 - 2018-10-17 21:49 - 000000000 ____D C:\Users\Didista\AppData\Local\D3DSCache 2018-10-16 14:25 - 2018-10-16 14:25 - 000000000 ____D C:\Users\Didista\AppData\Local\DBG 2018-10-16 14:12 - 2018-10-16 20:59 - 000000000 ____D C:\Users\Didista\Autodesk 2018-10-16 14:12 - 2018-10-16 14:12 - 000000000 ____D C:\Users\Didista\AppData\Roaming\NVIDIA 2018-10-16 14:08 - 2018-10-16 14:08 - 000000000 ____D C:\ProgramData\FLEXnet 2018-10-16 13:55 - 2018-10-16 20:48 - 000000000 ____D C:\Users\Didista\AppData\Local\Autodesk 2018-10-16 13:55 - 2018-10-16 14:10 - 000000000 ____D C:\Users\Didista\Documents\Autodesk Application Manager 2018-10-16 13:53 - 2018-10-16 20:47 - 000000000 ____D C:\Program Files (x86)\Autodesk 2018-10-16 13:50 - 2018-10-16 20:58 - 000000000 ____D C:\Users\Didista\Documents\3dsMax 2018-10-16 13:50 - 2018-10-16 20:44 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared 2018-10-16 13:50 - 2018-10-16 20:44 - 000000000 ____D C:\Program Files\Autodesk 2018-10-16 13:47 - 2018-10-16 13:47 - 000000000 ____D C:\Program Files\Reference Assemblies 2018-10-16 13:47 - 2018-10-16 13:47 - 000000000 ____D C:\Program Files\MSBuild 2018-10-16 13:47 - 2018-10-16 13:47 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2018-10-16 13:47 - 2018-10-16 13:47 - 000000000 ____D C:\Program Files (x86)\MSBuild 2018-10-16 13:47 - 2018-03-05 15:07 - 000778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll 2018-10-16 13:47 - 2018-03-05 15:07 - 000103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2018-10-16 13:47 - 2018-03-05 15:07 - 000035456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2018-10-16 13:47 - 2018-02-14 15:21 - 001166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll 2018-10-16 13:47 - 2018-02-14 15:21 - 000124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2018-10-16 13:47 - 2018-02-14 15:21 - 000035456 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2018-10-16 13:47 - 2010-06-02 03:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2018-10-16 13:47 - 2010-06-02 03:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2018-10-16 13:47 - 2010-06-02 03:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2018-10-16 13:47 - 2010-06-02 03:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2018-10-16 13:47 - 2010-06-02 03:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2018-10-16 13:47 - 2010-06-02 03:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2018-10-16 13:47 - 2010-05-26 10:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2018-10-16 13:47 - 2010-05-26 10:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2018-10-16 13:47 - 2010-05-26 10:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2018-10-16 13:47 - 2010-05-26 10:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2018-10-16 13:45 - 2018-10-16 20:48 - 000000000 ____D C:\Users\Didista\AppData\Roaming\Autodesk 2018-10-16 13:45 - 2018-10-16 20:47 - 000000000 ____D C:\ProgramData\Autodesk 2018-10-16 13:44 - 2018-04-10 20:11 - 004164608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons0002.dll 2018-10-16 13:44 - 2018-04-10 20:11 - 000131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0002.dll 2018-10-16 13:44 - 2018-04-10 20:10 - 004164608 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0002.dll 2018-10-16 13:44 - 2018-04-10 20:08 - 001866752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MLS2.dll 2018-10-16 13:44 - 2018-04-10 20:08 - 000166912 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0002.dll 2018-10-16 13:44 - 2018-04-10 20:02 - 001914880 _____ (Microsoft Corporation) C:\Windows\system32\MLS2.dll 2018-10-16 13:40 - 2018-10-16 20:36 - 000000000 ____D C:\Autodesk 2018-10-16 13:35 - 2018-10-16 13:35 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000004106 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000003976 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000003940 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-10-16 13:35 - 2018-10-16 13:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2018-10-16 13:35 - 2018-05-21 00:35 - 002495936 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2018-10-16 13:35 - 2018-05-21 00:35 - 002163648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2018-10-16 13:35 - 2018-05-21 00:35 - 001311680 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll 2018-10-16 13:35 - 2010-05-26 10:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2018-10-16 13:35 - 2010-05-26 10:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2018-10-16 13:35 - 2010-05-26 10:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2018-10-16 13:35 - 2010-05-26 10:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2018-10-16 13:35 - 2010-05-26 10:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2018-10-16 13:35 - 2010-05-26 10:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2018-10-16 13:34 - 2018-05-20 22:30 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat 2018-10-16 13:34 - 2018-05-15 03:59 - 000217960 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2018-10-16 13:34 - 2018-05-15 03:59 - 000178024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2018-10-16 13:33 - 2018-10-17 21:57 - 000000000 ____D C:\ProgramData\Package Cache 2018-10-16 13:33 - 2018-05-15 03:59 - 000067432 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2018-10-16 13:33 - 2018-04-28 07:25 - 000068112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys 2018-10-16 13:29 - 2018-10-16 13:29 - 000000000 ____D C:\Program Files (x86)\Realtek 2018-10-16 13:29 - 2018-10-16 13:29 - 000000000 ____D C:\Program Files (x86)\InstallShield Installation Information 2018-10-16 13:28 - 2018-11-09 22:04 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2018-10-16 13:28 - 2018-10-16 13:28 - 000000000 ____D C:\Users\Didista\AppData\Roaming\WinRAR 2018-10-16 13:28 - 2018-09-06 03:18 - 005947704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2018-10-16 13:28 - 2018-09-06 03:18 - 002612616 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2018-10-16 13:28 - 2018-09-06 03:17 - 008330242 _____ C:\Windows\system32\nvcoproc.bin 2018-10-16 13:28 - 2018-09-06 03:17 - 001767280 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2018-10-16 13:28 - 2018-09-06 03:17 - 000634248 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2018-10-16 13:28 - 2018-09-06 03:17 - 000450416 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2018-10-16 13:28 - 2018-09-06 03:17 - 000124112 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2018-10-16 13:28 - 2018-09-06 03:17 - 000083256 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2018-10-16 13:27 - 2018-11-15 21:30 - 000000000 ____D C:\ProgramData\NVIDIA 2018-10-16 13:27 - 2018-11-09 22:05 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2018-10-16 13:27 - 2018-10-16 13:35 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2018-10-16 13:27 - 2018-10-16 13:35 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2018-10-16 13:27 - 2018-10-16 13:27 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation 2018-10-16 13:27 - 2018-09-05 20:12 - 000001951 _____ C:\Windows\NvContainerRecovery.bat 2018-10-16 13:27 - 2018-08-03 11:22 - 000552480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2018-10-16 13:22 - 2018-10-16 13:22 - 000003260 _____ C:\Windows\System32\Tasks\RtHDVBg_ListenToDevice 2018-10-16 13:22 - 2018-10-16 13:22 - 000003216 _____ C:\Windows\System32\Tasks\RTKCPL 2018-10-16 13:22 - 2018-10-16 13:22 - 000000000 ____H C:\ProgramData\DP45977C.lfl 2018-10-16 13:22 - 2018-10-16 13:22 - 000000000 ____D C:\Windows\SysWOW64\RTCOM 2018-10-16 13:22 - 2018-10-16 13:22 - 000000000 ____D C:\Windows\system32\DAX3 2018-10-16 13:22 - 2018-10-16 13:22 - 000000000 ____D C:\Windows\system32\DAX2 2018-10-16 13:22 - 2018-10-16 13:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek 2018-10-16 13:22 - 2018-10-16 13:22 - 000000000 ____D C:\Program Files\Realtek 2018-10-16 13:21 - 2018-11-15 22:19 - 000002484 _____ C:\Users\Didista\Desktop\Zlatin - Chrome.lnk 2018-10-16 13:21 - 2018-10-16 13:21 - 000002440 _____ C:\Users\Didista\Desktop\Дияна - Chrome.lnk 2018-10-16 13:20 - 2018-10-16 13:20 - 000000000 ____D C:\Users\Didista\AppData\Roaming\Google 2018-10-16 13:18 - 2018-11-15 22:18 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-10-16 13:18 - 2018-11-15 21:34 - 000838560 _____ C:\Windows\system32\PerfStringBackup.INI 2018-10-16 13:18 - 2018-10-16 13:26 - 000000000 ____D C:\Users\Didista\AppData\Local\Google 2018-10-16 13:18 - 2018-10-16 13:18 - 000003418 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2018-10-16 13:18 - 2018-10-16 13:18 - 000003294 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2018-10-16 13:18 - 2018-10-16 13:18 - 000000000 ____D C:\Program Files (x86)\Google 2018-10-16 13:16 - 2018-11-15 21:32 - 000003382 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2793308117-3191825222-1732375903-1001 2018-10-16 13:16 - 2018-10-16 13:16 - 000000000 ____D C:\Users\Didista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2018-10-16 13:16 - 2018-10-16 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2018-10-16 13:16 - 2018-10-16 13:16 - 000000000 ____D C:\Program Files\WinRAR 2018-10-16 13:15 - 2018-10-20 20:49 - 000000000 ____D C:\Users\Didista\AppData\Local\PlaceholderTileLogoFolder 2018-10-16 13:15 - 2018-10-16 13:15 - 000000000 ___HD C:\Users\Didista\MicrosoftEdgeBackups 2018-10-16 13:15 - 2018-10-16 13:15 - 000000000 ____D C:\Windows\system32\Intel 2018-10-16 13:07 - 2018-10-16 13:07 - 000000000 ____D C:\Users\Didista\AppData\Local\Comms 2018-10-16 12:52 - 2018-11-15 21:32 - 000000000 ___RD C:\Users\Didista\OneDrive 2018-10-16 12:52 - 2018-10-16 12:52 - 000000000 ____D C:\ProgramData\USOShared 2018-10-16 12:52 - 2018-10-16 12:52 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2018-10-16 12:51 - 2018-10-16 13:17 - 000000000 ____D C:\Users\Didista\AppData\Local\MicrosoftEdge 2018-10-16 12:51 - 2018-10-16 12:51 - 000001417 _____ C:\Users\Didista\Desktop\Microsoft Edge.lnk 2018-10-16 12:51 - 2018-10-16 12:51 - 000000000 ____D C:\Windows\CSC 2018-10-16 12:51 - 2018-04-12 01:33 - 002752000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2018-10-16 12:50 - 2018-11-15 21:32 - 000002373 _____ C:\Users\Didista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-10-16 12:50 - 2018-11-15 21:27 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-10-16 12:50 - 2018-11-15 21:27 - 000000000 ___RD C:\Users\Didista\3D Objects 2018-10-16 12:50 - 2018-10-28 20:06 - 000000000 ____D C:\Users\Didista\AppData\Roaming\Adobe 2018-10-16 12:50 - 2018-10-20 23:23 - 000000000 ____D C:\Users\Didista 2018-10-16 12:50 - 2018-10-19 13:04 - 000000000 ____D C:\Users\Didista\AppData\Local\Packages 2018-10-16 12:50 - 2018-10-16 17:56 - 000000000 ____D C:\Users\Didista\AppData\Local\ConnectedDevicesPlatform 2018-10-16 12:50 - 2018-10-16 12:50 - 000000020 ___SH C:\Users\Didista\ntuser.ini 2018-10-16 12:50 - 2018-10-16 12:50 - 000000000 ____D C:\Users\Didista\AppData\Local\VirtualStore 2018-10-16 12:50 - 2018-10-16 12:50 - 000000000 ____D C:\Users\Didista\AppData\Local\Publishers 2018-10-16 12:47 - 2018-11-15 21:27 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-10-16 12:47 - 2018-10-25 09:28 - 000000000 ____D C:\Windows\system32\Drivers\wd 2018-10-16 12:46 - 2018-11-15 21:27 - 004968528 _____ C:\Windows\system32\FNTCACHE.DAT 2018-10-16 12:46 - 2018-11-11 21:14 - 000000000 ____D C:\Windows\system32\SleepStudy 2018-10-16 12:46 - 2018-10-16 12:46 - 000000000 ____D C:\Windows\ServiceProfiles ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-11-15 22:39 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-11-15 22:19 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\GroupPolicy 2018-11-15 21:34 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF 2018-11-15 21:33 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps 2018-11-15 21:33 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness 2018-11-15 21:27 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp 2018-11-13 22:27 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\SysWOW64\F12 2018-11-13 22:27 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\F12 2018-11-13 22:27 - 2018-04-12 01:38 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2018-11-13 22:27 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\TextInput 2018-11-13 22:27 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\ShellExperiences 2018-11-13 22:27 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\ShellExperiences 2018-11-13 22:27 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\bcastdvr 2018-11-13 22:27 - 2018-04-11 23:04 - 000262144 _____ C:\Windows\system32\config\BBI 2018-11-05 19:34 - 2018-04-12 01:40 - 000835168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2018-11-05 19:34 - 2018-04-12 01:40 - 000179808 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-10-29 18:13 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\LiveKernelReports 2018-10-25 11:13 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2018-10-20 22:19 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\WinBioDatabase 2018-10-20 21:06 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\PolicyDefinitions 2018-10-17 21:22 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\appcompat 2018-10-16 20:47 - 2018-04-12 01:38 - 000017742 _____ C:\Windows\system32\Drivers\etc\services 2018-10-16 19:57 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender 2018-10-16 19:46 - 2018-04-12 18:35 - 000000000 ____D C:\Windows\Containers 2018-10-16 19:46 - 2018-04-12 18:19 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\vi-VN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\ur-PK 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\ug-CN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\tt-RU 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\tk-TM 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\te-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\ta-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\sw-KE 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\sq-AL 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\si-LK 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\quz-PE 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\prs-AF 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\pa-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\or-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\nn-NO 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\ne-NP 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\mt-MT 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\mr-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\mn-MN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\ml-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\mk-MK 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\mi-NZ 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\lo-LA 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\lb-LU 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\ky-KG 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\kok-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\kn-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\km-KH 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\kk-KZ 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\ka-GE 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\is-IS 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\id-ID 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\hy-AM 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\gu-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\gd-GB 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\ga-IE 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\fil-PH 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\fa-IR 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\cy-GB 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\bn-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\bn-BD 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\be-BY 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\as-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\am-ET 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\SysWOW64\af-ZA 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\vi-VN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\ur-PK 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\ug-CN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\tt-RU 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\tk-TM 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\te-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\sw-KE 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\sq-AL 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\quz-PE 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\prs-AF 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\pa-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\or-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\nn-NO 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\ne-NP 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\mt-MT 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\mr-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\mn-MN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\ml-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\mk-MK 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\mi-NZ 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\lo-LA 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\lb-LU 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\ky-KG 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\kok-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\kn-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\km-KH 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\kk-KZ 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\ka-GE 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\is-IS 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\id-ID 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\hy-AM 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\gu-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\gd-GB 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\ga-IE 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\fil-PH 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\fa-IR 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\cy-GB 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\bn-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\bn-BD 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\be-BY 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\as-IN 2018-10-16 19:46 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\system32\af-ZA 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\UNP 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ___RD C:\Windows\PrintDialog 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\setup 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\oobe 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\Dism 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\ta-in 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\si-lk 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\setup 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\oobe 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\appraiser 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\am-et 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\Provisioning 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2018-10-16 19:46 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2018-10-16 19:46 - 2018-04-11 23:04 - 000000000 ____D C:\Windows\system32\Dism 2018-10-16 18:04 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2018-10-16 15:46 - 2018-04-12 01:38 - 000028672 _____ C:\Windows\system32\config\BCD-Template 2018-10-16 13:44 - 2018-04-12 18:18 - 000000000 ____D C:\Windows\OCR 2018-10-16 13:28 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\Help 2018-10-16 12:52 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\USOPrivate 2018-10-16 12:51 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\spool 2018-10-16 12:51 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\FxsTmp 2018-10-16 12:47 - 2018-04-11 23:04 - 000032768 _____ C:\Windows\system32\config\ELAM ==================== Files in the root of some directories ======= 2018-11-15 22:18 - 2018-11-15 22:18 - 025260414 _____ (TigerTrade ) C:\ProgramData\lzxhod.exe 2018-11-15 22:18 - 2018-11-15 22:18 - 007809024 _____ () C:\Users\Didista\AppData\Local\agent.dat 2018-11-15 22:18 - 2018-11-15 22:18 - 000070896 _____ () C:\Users\Didista\AppData\Local\Config.xml 2018-11-15 22:18 - 2018-11-15 22:17 - 001995264 _____ (TODO: <Company name>) C:\Users\Didista\AppData\Local\Doubledax.exe 2018-11-15 22:18 - 2018-11-15 22:18 - 002024475 _____ () C:\Users\Didista\AppData\Local\Doubledax.tst 2018-11-15 22:17 - 2018-11-15 22:18 - 000017664 _____ () C:\Users\Didista\AppData\Local\InstallationConfiguration.xml 2018-11-15 22:17 - 2018-11-15 22:17 - 000140800 _____ () C:\Users\Didista\AppData\Local\installer.dat 2018-11-15 22:18 - 2018-11-15 22:18 - 000018432 _____ () C:\Users\Didista\AppData\Local\Main.dat 2018-11-15 22:18 - 2018-11-15 22:18 - 000005568 _____ () C:\Users\Didista\AppData\Local\md.xml 2018-11-15 22:18 - 2018-11-15 22:18 - 000126464 _____ () C:\Users\Didista\AppData\Local\noah.dat 2018-10-22 15:04 - 2018-10-22 15:04 - 000000000 _____ () C:\Users\Didista\AppData\Local\oobelibMkey.log 2018-10-16 21:02 - 2018-10-16 21:02 - 000007597 _____ () C:\Users\Didista\AppData\Local\Resmon.ResmonCfg 2018-11-15 22:17 - 2018-11-15 22:18 - 000722944 _____ () C:\Users\Didista\AppData\Local\sham.db 2018-11-15 22:18 - 2018-11-15 22:18 - 000032038 _____ () C:\Users\Didista\AppData\Local\uninstall_temp.ico Files to move or delete: ==================== C:\Program Files (x86)\uhlkclz42dn\MXVO6R4NL5PR3EY.exe Some files in TEMP: ==================== 2018-11-15 22:20 - 2018-11-15 22:20 - 000375522 _____ ( ) C:\Users\Didista\AppData\Local\Temp\10yja3o40a5.exe 2018-11-15 22:17 - 2018-11-15 22:18 - 002741576 _____ (BitTorrent Inc.) C:\Users\Didista\AppData\Local\Temp\Office_2010_Activator_Full_Version_100_Working_Free.exe 2018-11-15 22:18 - 2018-11-15 22:18 - 000460353 _____ (ZRFXRD ) C:\Users\Didista\AppData\Local\Temp\pixel.exe 2018-11-15 22:17 - 2018-11-15 22:17 - 001995264 _____ (TODO: <Company name>) C:\Users\Didista\AppData\Local\Temp\setup.exe 2018-11-15 22:19 - 2018-11-15 22:19 - 003737869 _____ () C:\Users\Didista\AppData\Local\Temp\ybiaq.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-10-16 12:46 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.11.2018 Ran by Didista (15-11-2018 22:45:45) Running from C:\Users\Didista\Downloads Windows 10 Pro N Version 1803 17134.407 (X64) (2018-10-16 10:48:13) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2793308117-3191825222-1732375903-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2793308117-3191825222-1732375903-503 - Limited - Disabled) Didista (S-1-5-21-2793308117-3191825222-1732375903-1001 - Administrator - Enabled) => C:\Users\Didista Guest (S-1-5-21-2793308117-3191825222-1732375903-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2793308117-3191825222-1732375903-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_2_1) (Version: 14.2.1 - Adobe Systems Incorporated) Adobe Reader 9.4.0 Lite (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS) Autodesk 3ds Max 2017 (HKLM\...\{52B37EC7-D836-0410-0664-3C24BCED2010}) (Version: 19.1.129.0 - Autodesk) Hidden Autodesk 3ds Max 2017 (HKLM\...\Autodesk 3ds Max 2017) (Version: 19.1.129.0 - Autodesk) Autodesk 3ds Max 2017 Populate Data (HKLM\...\{2B07E17E-A072-43BD-9DCC-369B56C16698}) (Version: 19.0.0.0 - Autodesk) Autodesk 3ds Max 2017 SP1 (HKLM\...\Autodesk 3ds Max 2017 SP1) (Version: 19.1.129.0 - Autodesk) Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk) Autodesk Backburner 2017.0 (HKLM-x32\...\{0038F5AA-8482-4BB2-8A28-3FEA1D58D780}) (Version: 17.0.0.0 - Autodesk) Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.0.45.5 - Autodesk) Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk) Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk) Autodesk Material Library Medium Resolution Image Library 2017 (HKLM-x32\...\{CB6E007E-701D-42CD-AF0E-4BE9C36C7F7C}) (Version: 15.11.3.0 - Autodesk) BitTorrent (HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\BitTorrent) (Version: 7.8.1.29813 - BitTorrent Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0637 - Disc Soft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Lightscreen (HKLM-x32\...\Lightscreen) (Version: - ) Malwarebytes' Anti-Malware (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: - Malwarebytes Corporation) Microsoft Office Standard 2010 (HKLM\...\Office14.STANDARDR) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{0513c9cf-7191-45a7-ace9-ecdad03c93a4}) (Version: 12.0.40660.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{10dc8dbf-d3d7-4e23-be07-120fe5c66b78}) (Version: 12.0.40660.0 - Корпорация Майкрософт) Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation) Minimal ADB and Fastboot version 1.4.2 (HKLM-x32\...\{1901BAF7-7E78-4041-BC88-D0EE5DD1DFD9}_is1) (Version: 1.4.2 - Sam Rodberg) Multitimer version 1.0 (HKLM-x32\...\Multitimer_is1) (Version: 1.0 - ) NVIDIA 3D Vision Driver 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 399.24 - NVIDIA Corporation) NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation) NVIDIA Graphics Driver 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.24 - NVIDIA Corporation) NVIDIA mental ray and IRay feature plugins for 3ds Max 2017 (HKLM\...\{6ABEC32F-B90F-4499-B3A3-FF8A00948178}) (Version: 19.0.0.0 - Autodesk) NVIDIA mental ray and IRay rendering plugins for 3ds Max 2017 (HKLM\...\{4B889650-52DC-49E0-AB9C-F501B91002E3}) (Version: 19.0.0.0 - Autodesk) NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) publicHotsp version 1.0 (HKLM-x32\...\publicHotsp_is1) (Version: 1.0 - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8443 - Realtek Semiconductor Corp.) Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0027 - REALTEK Semiconductor Corp.) SafeFinder (HKLM-x32\...\{6BD702B4-7463-400B-A7BC-6FBF8CB5FA0A}) (Version: 1.0.0.0 - Linkury) <==== ATTENTION TigerTrade Setup 4.3.1 (HKLM-x32\...\TigerTrade Setup 4.3.1) (Version: 4.3.1 - TigerTrade) V-Ray for 3dsmax 2017 for x64 (HKLM\...\V-Ray for 3dsmax 2017 for x64) (Version: 3.60.03 - Chaos Software Ltd) Windows Driver Package - ASUS (AsusSGDrv) Mouse (06/18/2015 8.0.0.16) (HKLM\...\545B999BD5E2E239335F95C2AF9BED5D511CEC95) (Version: 06/18/2015 8.0.0.16 - ASUS) Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.) WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) YoutubeAdBlock (HKLM-x32\...\1655C0CA-7AE7-4012-8502-970C8675E5F8) (Version: 2.0.0.688 - Company Inc.) <==== ATTENTION ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2793308117-3191825222-1732375903-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2016\Inventor Server\Bin\TestServer.dll => No File CustomCLSID: HKU\S-1-5-21-2793308117-3191825222-1732375903-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2016\Inventor Server\Bin\TestServer.dll => No File CustomCLSID: HKU\S-1-5-21-2793308117-3191825222-1732375903-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2016\Inventor Server\Bin\TestServer.dll => No File ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-08-27] (Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-04] (Disc Soft Ltd) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-04] (Disc Soft Ltd) ContextMenuHandlers3-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [2009-02-11] (Malwarebytes Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-09-06] (NVIDIA Corporation) ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [2009-02-11] (Malwarebytes Corporation) ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (Alexander Roshal) ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-08-27] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {022D78E0-ACA5-471C-8750-036F3A42753E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-05-10] (Realtek Semiconductor) Task: {05C34D65-68EF-4BCD-956A-13FA91FEAF32} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-21] (NVIDIA Corporation) Task: {0A046499-167D-4F23-8F7D-ED1557CBC609} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-25] (Microsoft Corporation) Task: {0FBE6B1D-5FAB-446A-8256-C18FE7503D2F} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {14D99739-2EF1-48A3-A198-73390886E5E6} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-21] (NVIDIA Corporation) Task: {23C125B4-BBB3-4953-9F39-FF74994D04BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-25] (Microsoft Corporation) Task: {282ADA53-EB2B-40CF-8D1D-F16F82201825} - System32\Tasks\qdxgajDnKqmDPrtzQ2 => rundll32 "C:\Program Files (x86)\BHXQvOBMsgKdEntstUR\NRTwhNj.dll",#1 Task: {29333DA4-2BA9-467E-84EE-5D79593A7628} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-25] (Microsoft Corporation) Task: {3519E043-A696-44A1-B8A0-7CCAC0079B7D} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-21] (NVIDIA Corporation) Task: {3FD079B2-02AA-45A0-9DA0-2AAF512DE504} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-19] (Piriform Ltd) Task: {41AC1F7B-7DD9-4457-8D5E-FD47536F7B5F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-21] (NVIDIA Corporation) Task: {4D3D49AB-C227-40C3-9D2F-A5D1CFE0B012} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-10-16] (Google Inc.) Task: {5B3A8611-55E9-4F67-AB5C-74CB80C2BB62} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd) Task: {5E2AB3A6-F256-4C88-91DD-FB9732411C1E} - System32\Tasks\EGDwIDfrVjLvW2 => C:\Windows\system32\wscript.exe "C:\ProgramData\zTXZmVxyKBKDhdVB\RSpcqfM.wsf" Task: {5ED84C8E-8E7E-41A5-BB13-66905DF9CA8F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-25] (Microsoft Corporation) Task: {7B75339B-1C00-4FBD-88E1-C0853FFC298A} - System32\Tasks\OqUgsIhoyVOixP => rundll32 "C:\Program Files (x86)\pbjpUXEkQjxU2\AaKgGYwAgBBEZ.dll",#1 Task: {8081BD9F-5D6F-4473-99AD-96617B894B58} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-DSKVSP2-Didista => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated) Task: {845E1F90-16DD-4093-B0D6-A639629D1FAE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-05-21] (NVIDIA Corporation) Task: {8D69B77B-213B-49D2-B1F5-9878FBF7877A} - System32\Tasks\yKlRUxrwnsuFpeUeBWz2 => rundll32 "C:\Program Files (x86)\UmTwpSvRUOfSC\XvUbOZe.dll",#1 Task: {922768A4-0CF1-4287-9AC4-06C013781642} - System32\Tasks\niYEcWwYibJfLQX2 => rundll32 "C:\Program Files (x86)\eEvEEOxmU\agYABE.dll",#1 Task: {934E7795-D33C-409F-86A3-07A8115DDA2D} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-21] (NVIDIA Corporation) Task: {9D4AE2A5-8373-4E8A-BD41-5BB09F844B7D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-21] (NVIDIA Corporation) Task: {A4DECBF0-0B25-4E65-8F0D-321DD4927AA8} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-06-30] (AsusTek) Task: {B06872CE-7513-4DFD-8816-696C6DC8D18C} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-05-10] (Realtek Semiconductor) Task: {BA82538D-0C34-41DA-BD7F-35A585A50031} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-05-21] (NVIDIA Corporation) Task: {BED3F8C3-DCF5-4335-8B0C-311AE63020CA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-21] (NVIDIA Corporation) Task: {CE4A136C-0D00-4CC1-B274-50E38CE429D8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-10-16] (Google Inc.) Task: {EF3F23F6-763C-474E-991E-5F2CD1DE999C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-21] (NVIDIA Corporation) Task: {FC83D3C7-9F48-42BC-B8A6-799FF01D8511} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-21] (NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Didista\Desktop\Zlatin - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ShortcutWithArgument: C:\Users\Didista\Desktop\Дияна - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default" ShortcutWithArgument: C:\Users\Didista\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> %SNP% ==================== Loaded Modules (Whitelisted) ============== 2018-10-16 13:35 - 2018-05-21 00:35 - 001314752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-05-02 23:44 - 2018-05-02 23:44 - 000174248 _____ () C:\Windows\system32\IntelWifiIhv06.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\SYSTEM32\inputhost.dll 2018-04-12 01:33 - 2018-04-12 01:33 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-11-13 21:44 - 2018-11-01 08:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-11-15 21:31 - 2018-11-15 21:32 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2018-11-15 21:31 - 2018-11-15 21:32 - 066031104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2018-11-15 21:31 - 2018-11-15 21:32 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll 2018-11-15 21:31 - 2018-11-15 21:32 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2018-10-16 20:05 - 2018-10-16 20:07 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 2018-11-15 21:31 - 2018-11-15 21:32 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll 2018-10-16 20:05 - 2018-10-16 20:07 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_core320.dll 2018-10-16 20:05 - 2018-10-16 20:07 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll 2018-10-16 20:05 - 2018-10-16 20:07 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll 2018-11-15 21:31 - 2018-11-15 21:32 - 014097920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2018-11-15 21:31 - 2018-11-15 21:32 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2018-11-15 21:31 - 2018-11-15 21:31 - 002863616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2018-10-16 20:05 - 2018-10-16 20:07 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2018-10-16 20:05 - 2018-10-16 20:07 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-11-15 22:18 - 2018-11-15 22:18 - 000745472 _____ () C:\Users\Didista\AppData\Local\Temp\is-TU326.tmp\swr2ab1i3na.tmp 2018-11-15 22:19 - 2018-11-15 22:19 - 000745472 _____ () C:\Users\Didista\AppData\Local\Temp\is-A480T.tmp\jnt3mero1bx.tmp 2018-11-15 22:18 - 2018-11-15 22:18 - 000342528 _____ () C:\ProgramData\Kolnixo\Holdzuntip.dll 2018-11-15 21:31 - 2018-11-09 00:14 - 002669400 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\swiftshader\libglesv2.dll 2018-11-15 21:31 - 2018-11-09 00:14 - 000151384 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\swiftshader\libegl.dll 2018-10-16 20:47 - 2016-01-19 07:15 - 000055304 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll 2018-10-16 20:47 - 2016-01-19 07:15 - 000103944 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll 2018-10-16 13:35 - 2018-05-21 00:35 - 001032640 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-10-16 20:47 - 2013-09-23 19:52 - 000043912 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll 2018-10-16 20:47 - 2013-09-23 19:52 - 000052616 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll 2018-10-16 20:47 - 2013-09-23 19:52 - 000195976 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll 2018-10-16 20:47 - 2013-09-23 19:51 - 000742792 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qca_Ad_2.dll 2018-10-16 20:47 - 2016-01-19 06:12 - 000277440 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\en-US\AdWingManRes.dll 2018-10-16 20:47 - 2015-09-08 08:31 - 040640808 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll 2018-10-16 20:47 - 2014-09-03 02:29 - 000950272 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\ffmpegsumo.dll 2018-11-15 22:18 - 2008-10-15 16:44 - 000205312 _____ () C:\Users\Didista\AppData\Local\Temp\is-UH1QD.tmp\itdownload.dll 2018-11-15 22:19 - 2008-10-15 16:44 - 000205312 _____ () C:\Users\Didista\AppData\Local\Temp\is-N5IK8.tmp\itdownload.dll 2018-11-15 22:27 - 2009-02-11 10:19 - 000077968 _____ () C:\Program Files (x86)\Malwarebytes' Anti-Malware\zlib.DLL ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows\system32\Drivers\erenopno.sys:changelist [1318] AlternateDataStreams: C:\Windows\system32\Drivers\nyutbnzk.sys:changelist [1538] AlternateDataStreams: C:\Windows\system32\Drivers\rxhodcdr.sys:changelist [1482] AlternateDataStreams: C:\Windows\system32\Drivers\wgbxphjl.sys:changelist [2566] AlternateDataStreams: C:\Windows\system32\Drivers\xrsjazsk.sys:changelist [986] AlternateDataStreams: C:\Windows\system32\Drivers\xwhjuavh.sys:changelist [986] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-04-12 01:38 - 2018-11-15 22:18 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-2793308117-3191825222-1732375903-1001\...\StartupApproved\Run: => "OneDrive" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{3F40B8D4-763C-4561-8755-C854590746D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{61F35CD4-3069-4699-A5E2-BAABFC403FA1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{30A98317-CB3B-4306-A6D8-DECCEFE6FCDE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{682D7720-0D49-4C21-B75C-BAF04383BC8F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{717541FD-03D6-4F1F-97D9-71C196B5F192}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F92CD008-85AC-4F3A-AB36-9F4CBFA3DCFD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{4CEA6664-1E44-4A2D-9C79-B26B9A73E669}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe FirewallRules: [{42B002DA-47D4-4AE8-B2FC-FA21E0DE9011}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe FirewallRules: [{9AE2A895-A4D9-4D86-A710-0A2EBF42E05A}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe FirewallRules: [{62CD37B0-CC4A-43A6-832D-0C8C1B9647A8}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe FirewallRules: [{5D449BFA-5C54-47DE-889B-4C59CD90582D}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe FirewallRules: [{79B1A32E-78B4-4CBA-A01A-80AA15EA59AF}] => (Allow) C:\Users\Didista\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{097820C3-6056-456D-82FD-2D2991BB887A}] => (Allow) C:\Users\Didista\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{987E6063-3710-4172-AFDF-0DB03FB13C70}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{8D6BA1D2-B642-4ADC-84A3-F32652303713}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{4937C1A7-36A3-4BA9-B9CF-DF988E242023}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Faulty Device Manager Devices ============= Name: High Definition Audio Device Description: High Definition Audio Device Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: HdAudAddService Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (11/15/2018 10:29:13 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code. Error: (11/15/2018 10:29:12 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (11/15/2018 10:19:24 PM) (Source: MsiInstaller) (EventID: 11321) (User: DESKTOP-DSKVSP2) Description: Product: WhiteClick -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Users\Didista\AppData\Local\WhiteClick\WhiteClick.dll. System Error 225. Error: (11/15/2018 10:18:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Engn7e-Reu.exe, version: 0.0.0.0, time stamp: 0x5bed8c43 Faulting module name: KERNELBASE.dll, version: 6.2.17134.407, time stamp: 0x99042cc0 Exception code: 0xe0434f4d Fault offset: 0x000000000003a388 Faulting process ID: 0x%9 Faulting application start time: 0xEngn7e-Reu.exe0 Faulting application path: Engn7e-Reu.exe1 Faulting module path: Engn7e-Reu.exe2 Report ID: Engn7e-Reu.exe3 Faulting package full name: Engn7e-Reu.exe4 Faulting package-relative application ID: Engn7e-Reu.exe5 Error: (11/15/2018 09:27:45 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY) Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-DSKVSP2$ via https://INTC-KeyId-17a00575d05e58e3881210bb98b1045bb4c30639.microsoftaik.azure.net/templates/Aik/scep failed: GetCACaps GetCACaps: Not Found {"Message":"The authority \"intc-keyid-17a00575d05e58e3881210bb98b1045bb4c30639.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Cache-Control: no-cache Date: Thu, 15 Nov 2018 19:27:49 GMT Pragma: no-cache Content-Length: 122 Content-Type: application/json; charset=utf-8 Expires: -1 x-ms-request-id: bbe776f3-cbe5-45bb-bbe2-3022d9b09deb Strict-Transport-Security: max-age=31536000;includeSubDomains X-Content-Type-Options: nosniff Method: GET(1031ms) Stage: GetCACaps Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (11/11/2018 09:14:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Microsoft.Photos.exe version 2018.18081.14710.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1ce0 Start Time: 01d479e2d6a33f73 Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe Report Id: 66159361-19f4-4583-9285-0991719628cf Faulting package full name: Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe Faulting package-relative application ID: App Error: (10/20/2018 09:07:37 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY) Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-DSKVSP2$ via https://INTC-KeyId-17a00575d05e58e3881210bb98b1045bb4c30639.microsoftaik.azure.net/templates/Aik/scep failed: GetCACaps GetCACaps: Not Found {"Message":"The authority \"intc-keyid-17a00575d05e58e3881210bb98b1045bb4c30639.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Cache-Control: no-cache Date: Sat, 20 Oct 2018 19:07:39 GMT Pragma: no-cache Content-Length: 122 Content-Type: application/json; charset=utf-8 Expires: -1 x-ms-request-id: 4f9f49f8-9436-48c0-916f-82028887fb32 Strict-Transport-Security: max-age=31536000;includeSubDomains X-Content-Type-Options: nosniff Method: GET(1016ms) Stage: GetCACaps Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (10/19/2018 06:31:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: 3dsmax.exe, version: 19.1.129.0, time stamp: 0x5748e7d7 Faulting module name: ucrtbase.dll, version: 10.0.17134.319, time stamp: 0x40b70dec Exception code: 0xc0000409 Fault offset: 0x000000000006e57e Faulting process ID: 0x1f04 Faulting application start time: 0x01d467ae28df1185 Faulting application path: C:\Program Files\Autodesk\3ds Max 2017\3dsmax.exe Faulting module path: C:\Windows\System32\ucrtbase.dll Report ID: 4e028d16-86c8-4b74-afdf-13ce5dbc45e8 Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (11/15/2018 10:29:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DSKVSP2) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-DSKVSP2\Didista SID (S-1-5-21-2793308117-3191825222-1732375903-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (11/15/2018 10:28:53 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DSKVSP2) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-DSKVSP2\Didista SID (S-1-5-21-2793308117-3191825222-1732375903-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (11/15/2018 10:27:05 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DSKVSP2) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-DSKVSP2\Didista SID (S-1-5-21-2793308117-3191825222-1732375903-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (11/15/2018 10:26:58 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DSKVSP2) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-DSKVSP2\Didista SID (S-1-5-21-2793308117-3191825222-1732375903-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (11/15/2018 10:26:13 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DSKVSP2) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-DSKVSP2\Didista SID (S-1-5-21-2793308117-3191825222-1732375903-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (11/15/2018 10:24:51 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DSKVSP2) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-DSKVSP2\Didista SID (S-1-5-21-2793308117-3191825222-1732375903-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (11/15/2018 10:21:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (11/15/2018 10:20:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Background Logic Handler service terminated unexpectedly. It has done this 1 time(s). Windows Defender: =================================== Date: 2018-11-15 22:41:50.604 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Azden.A!cl&threatid=2147718745&enterprise=0 Name: Trojan:Win32/Azden.A!cl ID: 2147718745 Severity: Severe Category: Trojan Path: file:_C:\Users\Didista\AppData\Local\Temp\is-CKJOO.tmp\SeacherMapp.exe; file:_C:\Users\Didista\AppData\Roaming\4bdykg2qirq\jnt3mero1bx.exe; file:_C:\Users\Didista\AppData\Roaming\xfyg1f23d4k\swr2ab1i3na.exe Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe Signature Version: AV: 1.281.189.0, AS: 1.281.189.0, NIS: 1.281.189.0 Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5 Date: 2018-11-15 22:41:31.014 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Azden.A!cl&threatid=2147718745&enterprise=0 Name: Trojan:Win32/Azden.A!cl ID: 2147718745 Severity: Severe Category: Trojan Path: file:_C:\Users\Didista\AppData\Local\Temp\is-CKJOO.tmp\SeacherMapp.exe; file:_C:\Users\Didista\AppData\Roaming\4bdykg2qirq\jnt3mero1bx.exe Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe Signature Version: AV: 1.281.189.0, AS: 1.281.189.0, NIS: 1.281.189.0 Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5 Date: 2018-11-15 22:41:30.331 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuerboos.C!cl&threatid=2147723654&enterprise=0 Name: Trojan:Win32/Fuerboos.C!cl ID: 2147723654 Severity: Severe Category: Trojan Path: file:_C:\Users\Didista\AppData\Local\Temp\IfZQtMFkz\IfZQtMFkz.exe; file:_C:\Users\Didista\AppData\Local\Temp\is-NVF6R.tmp\ins.exe; file:_C:\Users\Didista\AppData\Local\Temp\lnt0HDKR9\lnt0HDKR9.exe; file:_C:\Users\Didista\AppData\Local\Temp\setupGI.exe; file:_C:\Users\Didista\AppData\Local\Temp\ZHY3HFYUF3\SecondL.exe Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe Signature Version: AV: 1.281.189.0, AS: 1.281.189.0, NIS: 1.281.189.0 Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5 Date: 2018-11-15 22:41:30.303 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Dynamer!ac&threatid=2147684005&enterprise=0 Name: Trojan:Win32/Dynamer!ac ID: 2147684005 Severity: Severe Category: Trojan Path: file:_C:\Users\Didista\AppData\Local\Temp\ZHY3HFYUF3\OneTwo.exe Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe Signature Version: AV: 1.281.189.0, AS: 1.281.189.0, NIS: 1.281.189.0 Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5 Date: 2018-11-15 22:41:30.152 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuerboos.C!cl&threatid=2147723654&enterprise=0 Name: Trojan:Win32/Fuerboos.C!cl ID: 2147723654 Severity: Severe Category: Trojan Path: file:_C:\Users\Didista\AppData\Local\Temp\IfZQtMFkz\IfZQtMFkz.exe; file:_C:\Users\Didista\AppData\Local\Temp\is-NVF6R.tmp\ins.exe; file:_C:\Users\Didista\AppData\Local\Temp\lnt0HDKR9\lnt0HDKR9.exe; file:_C:\Users\Didista\AppData\Local\Temp\setupGI.exe Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe Signature Version: AV: 1.281.189.0, AS: 1.281.189.0, NIS: 1.281.189.0 Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz Percentage of memory in use: 62% Total physical RAM: 8046.7 MB Available physical RAM: 3022.72 MB Total Virtual: 15982.7 MB Available Virtual: 9181.43 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:118.64 GB) (Free:54.17 GB) NTFS Drive d: (300GB) (Fixed) (Total:289.31 GB) (Free:255.32 GB) NTFS Drive e: (630GB) (Fixed) (Total:641.6 GB) (Free:638.78 GB) NTFS \\?\Volume{d39ec11a-e6d6-4c10-9403-6f3d96f25732}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.12 GB) NTFS \\?\Volume{ce416a5b-003f-48f5-93e1-3baaa16354c1}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS \\?\Volume{b9836aae-f3e4-4d6f-a7e8-ba60d5f47130}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 \\?\Volume{03531399-baad-4d81-9748-ed722137ba4d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Protective MBR) (Size: 119.2 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================
  11. Здравейте! След като вчера и онзи ден инсталирах две различни версии на програмата CIMCO, компютъра ми май се зарази с разни "боклуци". Предполагам, че се случи, вследствие на използван крак, за програмата. На своя глава използвах Malwarebytes и изтрих това, което засече, но ако кажете, ще сканирам отново и ще пусна лог. Надявам се да получа помощ от вас, за което ще бъда много благодарен! По-долу копирам съдържанието на FRST.txt и прикачвам файла Addition.txt. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15.09.2018 Ran by user (administrator) on USER-PC (19-09-2018 21:03:57) Running from C:\Users\user\Desktop Loaded Profiles: user (Available Profiles: user & UpdatusUser & DefaultAppPool) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Български (България) Internet Explorer Version 9 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Dassault Systèmes SolidWorks Corp.) E:\Install\SolidWorks 2013\SolidWorks\sldworks_fs.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Autodata Limited) C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe (Mentor Graphics Corporation) E:\Install\SolidWorks 2013\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe (Mentor Graphics Corporation) E:\Install\SolidWorks 2013\SolidWorks Flow Simulation\binCFW\dispatcher.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-08-17] (Avira Operations GmbH & Co. KG) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-2890759512-461326267-1525351829-1000\...\Policies\Explorer: [] HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2013 Fast Start.lnk [2014-05-16] ShortcutTarget: SolidWorks 2013 Fast Start.lnk -> C:\Windows\Installer\{B85DDD77-4A6A-4811-B241-EDADBF996BD0}\NewShortcut2_F1630D75496847DD999177A077E0CA0F.exe (Flexera Software, Inc.) GroupPolicy: Restriction - Windows Defender <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog9 01 C:\Windows\system32\sslsp105.dll [73984 2015-07-13] (SumRando) Winsock: Catalog9 02 C:\Windows\system32\sslsp105.dll [73984 2015-07-13] (SumRando) Winsock: Catalog9 09 C:\Windows\system32\sslsp105.dll [73984 2015-07-13] (SumRando) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 10.11.2.1 Tcpip\..\Interfaces\{6D7A384E-CF67-4AC2-983B-FEE7D2A85FA9}: [DhcpNameServer] 10.11.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2890759512-461326267-1525351829-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2890759512-461326267-1525351829-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-23] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-23] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 35llrj8x.default-1417880167796 FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\35llrj8x.default-1417880167796 [2018-09-19] FF Homepage: Mozilla\Firefox\Profiles\35llrj8x.default-1417880167796 -> hxxps://www.google.bg/ FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\35llrj8x.default-1417880167796\Extensions\[email protected] [2016-04-27] [Legacy] FF Extension: (Firefox Monitor) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\35llrj8x.default-1417880167796\features\{05b8e13e-849c-420a-9d82-d3552b5fd4c5}\[email protected] [2018-09-18] FF Extension: (Telemetry coverage) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\35llrj8x.default-1417880167796\features\{05b8e13e-849c-420a-9d82-d3552b5fd4c5}\[email protected] [2018-09-18] [Legacy] FF HKU\S-1-5-21-2890759512-461326267-1525351829-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\user\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi FF Extension: (Ace Script) - C:\Users\user\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2017-10-10] [Legacy] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-16] () FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-23] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-10-23] (Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-10-02] (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-10-02] (NVIDIA Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File] FF Plugin: @t.garena.com/garenatalk -> E:\Games\Стратегии\Warcraft III 1.26\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File] FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2890759512-461326267-1525351829-1000: @acestream.net/acestreamplugin,version=3.1.20.1 -> C:\Users\user\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-13] (Innovative Digital Technologies) Chrome: ======= CHR StartupUrls: Default -> "hxxp://google.bg/" CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2018-09-17] CHR Extension: (Презентации) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17] CHR Extension: (Документи) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17] CHR Extension: (Google Диск) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31] CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-31] CHR Extension: (Google Търсене) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31] CHR Extension: (Adobe Acrobat) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04] CHR Extension: (Avira Browser Safety) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-05-27] CHR Extension: (Google Документи офлайн) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-30] CHR Extension: (Ace Script) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2017-10-25] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04] CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-31] CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-14] CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2890759512-461326267-1525351829-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [895056 2018-09-04] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [226000 2018-09-04] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [226000 2018-09-04] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1148568 2018-09-04] (Avira Operations GmbH & Co. KG) R2 Autodata Limited License Service; C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2017-09-13] (Autodata Limited) [File not signed] R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed] R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [436848 2018-08-17] (Avira Operations GmbH & Co. KG) S3 CoordinatorServiceHost; E:\Install\SolidWorks 2013\SolidWorks\swScheduler\DTSCoordinatorService.exe [76904 2012-09-28] (Dassault Systèmes SolidWorks Corp.) S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064312 2015-10-30] (Flexera Software LLC) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2799808 2005-09-23] (Microsoft Corporation) R2 RemoteSolverDispatcher; E:\Install\SolidWorks 2013\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [46728 2012-09-13] (Mentor Graphics Corporation) [File not signed] S3 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-05-16] (SolidWorks) [File not signed] S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation) S4 WinGateEngine; E:\Install\VPN\WinGate.exe [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] () S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [38984 2014-09-05] (The OpenVPN Project) S3 Atc002; C:\Windows\System32\DRIVERS\l260x86.sys [29184 2009-07-14] (Atheros Communications, Inc.) S0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [46440 2017-06-17] (Avira Operations GmbH & Co. KG) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [132448 2018-07-05] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [147880 2018-07-05] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35840 2017-03-02] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [59000 2017-03-02] (Avira Operations GmbH & Co. KG) R2 cpuz132; C:\Windows\system32\drivers\cpuz132_x32.sys [12672 2009-03-27] (Windows (R) Codename Longhorn DDK provider) [File not signed] R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] () S1 QbikHkVista; C:\Windows\System32\DRIVERS\QbikHkVista32.sys [303264 2015-10-13] () R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2012-04-06] () S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project) U3 a0i415en; C:\Windows\system32\Drivers\a0i415en.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder) S3 GGSAFERDriver; \??\E:\Games\Стратегии\Warcraft III 1.26\Garena Plus\Room\safedrv.sys [X] S3 gkernel; \??\C:\Users\user\AppData\Local\Temp\gkernel.sys [X] <==== ATTENTION S3 taphss6; system32\DRIVERS\taphss6.sys [X] U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-09-19 21:03 - 2018-09-19 21:04 - 000015877 _____ C:\Users\user\Desktop\FRST.txt 2018-09-19 19:54 - 2018-09-19 19:54 - 001774080 _____ (Farbar) C:\Users\user\Desktop\FRST.exe 2018-09-19 18:59 - 2018-09-19 18:59 - 000000000 ____D C:\Users\user\AppData\Local\mbam 2018-09-19 18:55 - 2018-09-19 18:55 - 000000000 ____D C:\Program Files\Malwarebytes 2018-09-18 23:01 - 2018-09-19 18:35 - 000000000 ____D C:\Windows\{F3C70089-653A-40EE-A681-9499F3097E6A} 2018-09-18 22:32 - 2018-09-18 22:32 - 000000290 __RSH C:\Users\user\ntuser.pol 2018-09-18 21:28 - 2018-09-18 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CIMCO V8 2018-09-18 21:12 - 2018-09-18 21:19 - 000000000 ____D C:\Users\user\AppData\Local\WhiteClick 2018-09-18 21:11 - 2018-09-19 18:35 - 000000000 ____D C:\Users\user\AppData\Roaming\dnlgxlauhck 2018-09-18 21:11 - 2018-09-18 21:11 - 000003676 __RSH C:\ProgramData\ntuser.pol 2018-09-18 21:11 - 2018-09-18 21:11 - 000000003 _____ C:\Users\user\AppData\Local\wbem.ini 2018-09-16 19:12 - 2018-09-16 19:13 - 000000000 ____D C:\Users\user\Desktop\Sicario_Day_Of_The_Soldado.(subs.sab.bz) 2018-09-16 19:12 - 2018-09-16 19:13 - 000000000 ____D C:\Users\user\Desktop\SC 2018-09-16 18:39 - 2018-09-16 18:39 - 000023220 _____ C:\Users\user\Desktop\Sicario_Day_Of_The_Soldado.(subs.sab.bz).zip 2018-09-16 12:50 - 2018-09-17 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CIMCO 7 2018-09-16 12:37 - 2018-09-16 12:44 - 000000000 ____D C:\ProgramData\btscService 2018-09-16 12:24 - 2018-09-16 12:24 - 000030375 _____ C:\Users\user\AppData\Local\3C6F3B2ED1664B0EC90A 2018-09-16 12:24 - 2018-09-16 12:24 - 000017012 _____ C:\Users\user\AppData\Roaming\C53563B5E2C653F11250 2018-09-16 12:20 - 2018-09-16 12:40 - 000000000 ____D C:\ProgramData\CIMCO AS 2018-09-10 21:23 - 2018-09-10 21:23 - 000000000 ____D C:\Users\user\Desktop\Seal.Team.S01E02.(subs.sab.bz) 2018-09-10 21:22 - 2018-09-10 21:23 - 000000000 ____D C:\Users\user\Desktop\ST 2018-09-10 21:20 - 2018-09-10 21:20 - 000107506 _____ C:\Users\user\Desktop\Seal.Team.S01E02.(subs.sab.bz).zip 2018-08-20 22:09 - 2018-08-20 23:37 - 000000000 ___HD C:\_acestream_cache_ 2018-08-20 22:08 - 2018-09-17 19:55 - 000000000 ____D C:\Users\user\AppData\Roaming\.ACEStream 2018-08-20 22:06 - 2018-08-20 22:07 - 000000000 ____D C:\Users\user\AppData\Roaming\ACEStream ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-09-19 21:03 - 2015-10-10 14:23 - 000000000 ____D C:\FRST 2018-09-19 21:02 - 2012-02-27 16:40 - 000000000 ____D C:\ProgramData\NVIDIA 2018-09-19 21:02 - 2009-07-14 07:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-09-19 20:59 - 2009-07-14 07:34 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-09-19 20:59 - 2009-07-14 07:34 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-09-19 20:50 - 2012-02-27 20:22 - 000000000 ____D C:\Users\user\Desktop\Games 2018-09-19 20:09 - 2016-11-15 23:11 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla 2018-09-19 18:55 - 2012-08-05 12:18 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-09-18 21:22 - 2018-05-25 14:43 - 000000000 ____D C:\Users\user\AppData\LocalLow\uTorrent 2018-09-18 21:22 - 2014-09-16 12:33 - 000000000 ____D C:\Users\user\AppData\Roaming\uTorrent 2018-09-18 21:11 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\system32\GroupPolicy 2018-09-18 18:26 - 2015-10-31 13:13 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-09-18 18:26 - 2015-10-31 13:13 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-09-16 19:13 - 2017-09-09 13:04 - 000000000 ____D C:\Users\user\AppData\Local\SmartView2 2018-09-16 12:50 - 2014-02-21 13:34 - 000000000 ____D C:\ProgramData\Package Cache 2018-09-16 11:51 - 2014-12-21 01:21 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2018-09-16 11:51 - 2014-12-21 01:21 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2018-09-16 11:51 - 2014-08-20 15:57 - 000000000 ____D C:\Users\user\AppData\Local\Adobe 2018-09-16 11:51 - 2012-02-27 16:33 - 000000000 ____D C:\Windows\system32\Macromed 2018-09-06 18:05 - 2017-04-20 19:14 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-09-06 18:05 - 2014-12-06 18:32 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service 2018-09-04 20:32 - 2016-07-26 19:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2018-08-31 22:34 - 2014-08-15 23:06 - 000000000 ____D C:\Users\user\AppData\Roaming\Skype 2018-08-28 18:04 - 2014-05-31 14:34 - 000000000 ____D C:\Users\user\Documents\Outlook Files ==================== Files in the root of some directories ======= 2018-09-16 12:24 - 2018-09-16 12:24 - 000017012 _____ () C:\Users\user\AppData\Roaming\C53563B5E2C653F11250 2012-08-05 14:53 - 2015-12-29 20:28 - 000045270 _____ () C:\Users\user\AppData\Roaming\room_v3.dat 2018-09-16 12:24 - 2018-09-16 12:24 - 000030375 _____ () C:\Users\user\AppData\Local\3C6F3B2ED1664B0EC90A 2013-06-22 12:26 - 2013-06-22 12:43 - 000001456 _____ () C:\Users\user\AppData\Local\Adobe Save for Web 12.0 Prefs 1601-01-03 21:33 - 1601-01-03 21:33 - 000073216 ____N (Microsoft Corporation) C:\Users\user\AppData\Local\kxaPASjRAC.exe 2016-08-07 13:37 - 2016-08-07 13:40 - 000000156 _____ () C:\Users\user\AppData\Local\prepatch.log 2014-10-12 12:30 - 2018-07-30 09:49 - 000007592 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg 2018-09-18 21:11 - 2018-09-18 21:11 - 000000003 _____ () C:\Users\user\AppData\Local\wbem.ini 2016-05-27 18:39 - 2016-05-27 18:39 - 000000000 _____ () C:\Users\user\AppData\Local\{1646A5E3-C87D-4217-9458-D830E5C491DF} 2012-02-27 18:27 - 2012-02-27 18:27 - 000000000 _____ () C:\Users\user\AppData\Local\{1722D3AE-A621-4943-B344-E181F8BD6C9D} ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-09-15 19:46 ==================== End of FRST.txt ============================ Addition.txt
  12. Здравейте, След Reset на лаптопа се оказа, че без да е включван в мрежата, без да е инсталирано нещо на компютъра въобще и дори без да е включван, батерията се изтощи от 100% на 59% след като се включи САМ !!! преди няколко дни. От тогава всеки ден след изключването на лаптопа през нощта изразходва 3-4% от батерията, при положение, че няма инсталирани програми. За съжаление не ми дава възможност да копирам съдържанието на FRST.txt файла, както и да опитвам. Озадачих се, че на D drivе има 160 МВ заети с нещо, затова прикачам снимки. Благодаря предварително! Addition.txt FRST.txt Съдържанието на FRST.txt го качвам в 11 jpegs чрез prt sc, защото по никакъв друг начин не мога да го копирам! Още 3 jpgs
  13. Препратиха ме тук,ето предната тема: Ето и първата тема,съдържаща информация за проблема: Разполагам с инсталационен диск за моя Windows 7 64bit.Моля помогнете с решаването на проблема,благодаря. Addition.txt FRST.txt
  14. Здравейте! Не знам дали пиша в правилната тема, но моята тема е сходна на тази тук. Искам да попитам някой вещ, който разбира повече от компютри какво е "pandoratv" ? Тъй като днес се поразрових в настолния компютър и видях в Program files, въпросната pandora (мисля че е вирус и ако е застрашава ли животеца на компа? ) Благодаря предварително!
  15. Здравейте екип, моля за помощ свалих уж крак програма но се оказа вирус той си инсталира някакъв браузер от там почнаха да изкачат реклами на китайски език дефендер не ще да се отваря пробвах да пусна Авира анти виросна тя забива моля за помощ с Win 10 sym Addition.txt FRST.txt Shortcut.txt
  16. Здравейте, току-що се сдобих с въпросната гад и искам да попитам има ли смисъл да се опитвам да възстановя файловете или да трия всичко и да преинсталирам. Криптирани са офис документите, pdf и снимките(но, без папките на кирилица и без видеото)
  17. В другата тема писах, че флашката е повредена след включването и в телевизор Самсунг. Има файл с име СМ0013 който си мисля, че е вируса според прояетеното в нета. Бях помолен да пусна тема тук и да прикача логовете за проверка: Addition.txt
  18. Проблемът ми е, когато пускам компютъра и след зареждане(може би дори първият приорите от персоналните програми) е да зареди google chrome със сайт(руски). Вероятно не е моя вината(брат ми си играе също)... Но до сега такъв проблем не съм имал-да не мога да намеря проблема. Ползвам дребни но ефикасни трикчета за справяне с такива неща, ако ли не използвам програми. Пробвах Iobit malware fighter 5.5, но явно(предполагах че) проблема е за професионалисти. Веднъж май хванах самият процес в "процесите"(task manager) и намирам същото име като на сайта в папката на Steam.
  19. Ето събщението, което получава всеки изпратил имейл до нас: This message was created automatically by mail delivery software. A message that you sent has not yet been delivered to one or more of its recipients after more than 24 hours on the queue on hemus.superhosting.bg. The message identifier is: 1eJa1Z-003lh9-9Y The subject of the message is: =?utf-8?B?Rlc6INC80LDQvdC+0LzQtdGC0YrRgA==?= The date of the message is: Tue, 28 Nov 2017 09:09:44 +0200 The address to which the message has not yet been delivered is: [email protected] (ultimately generated from [email protected]) host alt4.gmail-smtp-in.l.google.com [74.125.28.27] Delay reason: SMTP error from remote mail server after RCPT TO:<[email protected]>: 452-4.2.2 The email account that you tried to reach is over quota. Please direct 452-4.2.2 the recipient to 452 4.2.2 https://support.google.com/mail/?p=OverQuotaTemp h72si2628468pfj.20 - gsmtp No action is required on your part. Delivery attempts will continue for some time, and this warning may be repeated at intervals if the message remains undelivered. Eventually the mail delivery software will give up, and when that happens, the message will be returned to you. Това съобщение го получават изпращащите мейли към този домейн. Събщенията се получават без проблем. Няма проблем и със сървърното място. Не разбирам и каква е връзката с gmail и google след като домейнът е частен. Също нямам никаква идея чий е този имейл: [email protected] Възможно ли е да е вирус? Сканирани са всички служебни машини. Имаше разни гадини, които уж обезвредихме, но проблемът не се оправи. Сменихме и паролите на всички мейли - нищо. Ето информацията от FRST: Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-11-2017 Ran by pc (administrator) on PC1 (30-11-2017 14:23:09) Running from C:\Documents and Settings\pc.PC1\Desktop Loaded Profiles: pc (Available Profiles: pc & Administrator & Guest) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe (HP) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe (HP) C:\WINDOWS\system32\HPSIsvc.exe (DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Viber Media S.Ã r.l.) C:\Documents and Settings\pc.PC1\Local Settings\Application Data\Viber\Viber.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe () C:\2017\wsklad.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDCPL] => C:\Windows\RTHDCPL.EXE [16859648 2008-01-09] (Realtek Semiconductor Corp.) HKLM\...\Run: [Alcmtr] => C:\Windows\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.) HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220288 2017-10-31] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [302744 2017-11-16] (AVG Technologies CZ, s.r.o.) HKU\S-1-5-20\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [434080 2011-07-27] (Microsoft Corporation) HKU\S-1-5-21-329068152-1604221776-1801674531-1003\...\Run: [Viber] => C:\Documents and Settings\pc.PC1\Local Settings\Application Data\Viber\Viber.exe [69268048 2016-04-13] (Viber Media S.Ã r.l.) HKU\S-1-5-21-329068152-1604221776-1801674531-1003\...\MountPoints2: {260473e8-84c9-11e3-a542-001cf0d5a2b8} - G:\SISetup.exe HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [434080 2011-07-27] (Microsoft Corporation) Startup: C:\Documents and Settings\pc.PC1\Start Menu\Programs\Startup\Microsoft Office Outlook 2007.lnk [2017-11-30] ShortcutTarget: Microsoft Office Outlook 2007.lnk -> C:\WINDOWS\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe () Startup: C:\Documents and Settings\pc.PC1\Start Menu\Programs\Startup\Skype.lnk [2017-03-06] ShortcutTarget: Skype.lnk -> C:\WINDOWS\Installer\{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}\Skype.ico (No File) GroupPolicy: Restriction ? <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{E7E61260-FB73-4F9E-B467-F1870B906C7C}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-329068152-1604221776-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKU\S-1-5-21-329068152-1604221776-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-22] (Sun Microsystems, Inc.) BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-22] (Sun Microsystems, Inc.) DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101} hxxp://dl-ak.solidworks.com/nonsecure/edrawings/e2012sp02/12.2.0.110/cab//eModelsStandard.cab DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies) FireFox: ======== FF DefaultProfile: 07ckpc18.default-1412315343695 FF ProfilePath: C:\Documents and Settings\pc.PC1\Application Data\Mozilla\Firefox\Profiles\07ckpc18.default-1412315343695 [2017-11-30] FF Extension: (YouTube Video and Audio Downloader) - C:\Documents and Settings\pc.PC1\Application Data\Mozilla\Firefox\Profiles\07ckpc18.default-1412315343695\Extensions\[email protected] [2017-05-22] [Lagacy] FF Extension: (Google Search by Image) - C:\Documents and Settings\pc.PC1\Application Data\Mozilla\Firefox\Profiles\07ckpc18.default-1412315343695\Extensions\[email protected] [2016-05-03] [Lagacy] FF Extension: (signTextJS) - C:\Documents and Settings\pc.PC1\Application Data\Mozilla\Firefox\Profiles\07ckpc18.default-1412315343695\Extensions\[email protected] [2017-06-15] [Lagacy] FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff FF Extension: (Java Quick Starter) - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-06-22] [Lagacy] [not signed] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-01-27] [Lagacy] [not signed] FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension FF Extension: (SmartPrintButton) - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Lagacy] [not signed] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll [2013-09-04] () FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found> ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [282536 2017-11-16] (AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [5954792 2017-11-16] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [1189720 2017-10-31] (AVG Technologies CZ, s.r.o.) R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [247712 2012-07-25] (HP) S4 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [152984 2009-06-22] (Sun Microsystems, Inc.) S4 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [65536 2003-10-22] (HP) [File not signed] S4 rcp_service; C:\Program Files\ReaConverter 5.5 Pro\rcp_scheduler.exe [558592 2007-11-30] (ReaSoft) [File not signed] R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913408 2006-10-18] (Microsoft Corporation) [File not signed] S2 APNMCP; "C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe" [X] S2 HP LaserJet Service; "C:\Program Files\hp\HPLaserJetService\HPLaserJetService.exe" [X] S0 MBAMService; no ImagePath ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [20624 2012-10-31] (AVAST Software) R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [149592 2017-11-16] (AVG Technologies CZ, s.r.o.) R1 avgbdisk; C:\WINDOWS\System32\drivers\avgbdiskx.sys [135872 2017-11-16] (AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriverx.sys [249232 2017-11-16] (AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidshx.sys [151024 2017-11-16] (AVG Technologies CZ, s.r.o.) R0 avgblog; C:\WINDOWS\System32\drivers\avgblogx.sys [270344 2017-11-16] (AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbunivx.sys [43992 2017-11-16] (AVG Technologies CZ, s.r.o.) S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [35264 2017-11-16] (AVG Technologies CZ, s.r.o.) R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [117368 2017-11-16] (AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [63280 2017-11-16] (AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [775552 2017-11-16] (AVG Technologies CZ, s.r.o.) R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [381184 2017-11-16] (AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [290776 2017-11-16] (AVG Technologies CZ, s.r.o.) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) S3 dg_ssudbus; C:\WINDOWS\System32\DRIVERS\ssudbus.sys [107648 2016-07-22] (Samsung Electronics Co., Ltd.) S3 HP1210FAX; C:\WINDOWS\System32\Drivers\HPM1210FAX.sys [13824 2010-04-28] () [File not signed] R3 irsir; C:\WINDOWS\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation) R3 m4cxw2k3; C:\WINDOWS\System32\DRIVERS\m4cxw2k3.sys [250752 2007-02-15] (D-Link Corporation) S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22344 2012-04-04] (Malwarebytes Corporation) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) S3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2009-08-03] (VSO Software) [File not signed] R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation) S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation) S0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [721904 2009-07-13] (Duplex Secure Ltd.) S3 ssudmdm; C:\WINDOWS\System32\DRIVERS\ssudmdm.sys [146048 2016-07-22] (Samsung Electronics Co., Ltd.) S3 WpdUsb; C:\WINDOWS\System32\DRIVERS\wpdusb.sys [38528 2006-10-18] (Microsoft Corporation) [File not signed] S2 adfs; no ImagePath S3 BOCDRIVE; \??\C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys [X] S2 DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys [X] S3 FXDrv32; \??\D:\FXDrv32.sys [X] S4 IntelIde; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-11-30 14:23 - 2017-11-30 14:23 - 000012709 _____ C:\Documents and Settings\pc.PC1\Desktop\FRST.txt 2017-11-30 14:22 - 2017-11-30 14:23 - 000000000 ____D C:\FRST 2017-11-30 14:22 - 2017-11-30 14:22 - 001752064 _____ (Farbar) C:\Documents and Settings\pc.PC1\Desktop\FRST.exe 2017-11-30 10:49 - 2017-11-30 10:49 - 000025377 _____ C:\Documents and Settings\pc.PC1\Local Settings\Application Data\recently-used.xbel 2017-11-24 14:34 - 2017-11-24 14:34 - 000000000 ____D C:\Program Files\Quester 2017-11-24 14:34 - 2017-11-24 14:34 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\QMailFilter 2017-11-24 14:32 - 2017-11-24 14:32 - 000000000 ____D C:\Documents and Settings\Administrator.PC1\Local Settings\Application Data\CEF 2017-11-24 14:32 - 2017-11-24 14:32 - 000000000 ____D C:\Documents and Settings\Administrator.PC1\Application Data\AVG 2017-11-24 14:31 - 2017-11-24 14:31 - 000000000 ____D C:\Documents and Settings\Administrator.PC1\Local Settings\Application Data\Avg 2017-11-24 14:21 - 2017-11-24 14:21 - 000000000 ____D C:\Documents and Settings\pc.PC1\Local Settings\Application Data\PCHealth 2017-11-20 12:24 - 2017-11-20 12:40 - 000065536 _____ C:\WINDOWS\system32\config\Doctor Web.evt 2017-11-20 12:24 - 2017-11-20 12:24 - 000000000 ____D C:\Documents and Settings\pc.PC1\Doctor Web 2017-11-20 12:24 - 2017-11-20 12:24 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Doctor Web 2017-11-16 14:45 - 2017-11-16 14:45 - 000087203 _____ C:\Documents and Settings\pc.PC1\My Documents\Untitled.pdf 2017-11-16 14:45 - 2017-11-16 14:45 - 000087203 _____ C:\Documents and Settings\pc.PC1\Desktop\Untitled.pdf 2017-11-16 13:03 - 2017-11-16 13:05 - 000000000 ____D C:\EEK 2017-11-16 13:02 - 2017-11-16 13:02 - 000000000 ____D C:\Documents and Settings\pc.PC1\Local Settings\Application Data\Temp 2017-11-16 10:11 - 2017-11-16 10:11 - 000001608 _____ C:\Documents and Settings\All Users\Desktop\AVG AntiVirus FREE.lnk 2017-11-16 10:11 - 2017-11-16 10:11 - 000000000 ____D C:\Documents and Settings\pc.PC1\Application Data\AVG 2017-11-16 10:10 - 2017-11-30 10:10 - 000000288 ____H C:\WINDOWS\Tasks\Antivirus Emergency Update.job 2017-11-16 10:10 - 2017-11-16 10:10 - 000775552 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys 2017-11-16 10:10 - 2017-11-16 10:10 - 000381184 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys 2017-11-16 10:10 - 2017-11-16 10:10 - 000306448 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe 2017-11-16 10:10 - 2017-11-16 10:10 - 000290776 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys 2017-11-16 10:10 - 2017-11-16 10:10 - 000270344 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgblogx.sys 2017-11-16 10:10 - 2017-11-16 10:10 - 000249232 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriverx.sys 2017-11-16 10:10 - 2017-11-16 10:10 - 000151024 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidshx.sys 2017-11-16 10:10 - 2017-11-16 10:10 - 000149592 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys 2017-11-16 10:10 - 2017-11-16 10:10 - 000135872 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiskx.sys 2017-11-16 10:10 - 2017-11-16 10:10 - 000117368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys 2017-11-16 10:10 - 2017-11-16 10:10 - 000063280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys 2017-11-16 10:10 - 2017-11-16 10:10 - 000043992 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbunivx.sys 2017-11-16 10:10 - 2017-11-16 10:10 - 000035264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys 2017-11-16 10:08 - 2017-11-16 10:11 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2017-11-16 10:08 - 2017-11-16 10:08 - 000000629 _____ C:\Documents and Settings\All Users\Desktop\AVG.lnk 2017-11-16 10:06 - 2017-11-30 11:06 - 000000314 ____H C:\WINDOWS\Tasks\AVG EUpdate Task.job 2017-11-16 10:06 - 2017-11-16 10:08 - 000000000 ____D C:\Program Files\AVG 2017-11-16 09:51 - 2017-11-16 09:51 - 000000000 ____D C:\Documents and Settings\pc.PC1\Local Settings\Application Data\CEF 2017-11-16 09:50 - 2017-11-16 11:23 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Avg 2017-11-16 09:50 - 2017-11-16 10:11 - 000000000 ____D C:\Documents and Settings\pc.PC1\Local Settings\Application Data\Avg 2017-11-16 09:50 - 2017-11-16 10:08 - 000000000 ____D C:\Documents and Settings\pc.PC1\Local Settings\Application Data\AvgSetupLog ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-11-30 14:23 - 2013-08-02 12:50 - 000000000 ____D C:\Documents and Settings\pc.PC1\Local Settings\Temp 2017-11-30 14:20 - 2015-08-03 07:23 - 000271360 _____ C:\Documents and Settings\pc.PC1\My Documents\Outlook_Archive.pst 2017-11-30 14:16 - 2016-12-27 11:00 - 000000000 ____D C:\2017 2017-11-30 10:49 - 2014-01-15 10:08 - 000000000 ____D C:\Documents and Settings\pc.PC1\Local Settings\Application Data\gtk-2.0 2017-11-30 10:49 - 2013-08-02 12:55 - 000000000 ____D C:\Documents and Settings\pc.PC1\.gimp-2.8 2017-11-30 07:55 - 2016-08-12 14:25 - 000000000 ____D C:\Documents and Settings\pc.PC1\Application Data\ViberPC 2017-11-30 07:52 - 2014-03-28 08:20 - 000000216 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job 2017-11-30 07:52 - 2008-09-12 18:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-11-30 07:52 - 2008-04-14 14:00 - 000011936 _____ C:\WINDOWS\system32\wpa.dbl 2017-11-29 16:54 - 2013-08-02 12:50 - 000000178 ___SH C:\Documents and Settings\pc.PC1\ntuser.ini 2017-11-29 16:54 - 2013-08-02 12:50 - 000000000 ____D C:\Documents and Settings\pc.PC1 2017-11-29 16:54 - 2008-09-12 18:28 - 000032520 _____ C:\WINDOWS\SchedLgU.Txt 2017-11-28 11:37 - 2011-12-19 11:25 - 000000000 ____D C:\Program Files\The KMPlayer 2017-11-24 14:40 - 2013-08-02 13:09 - 000211496 _____ C:\Documents and Settings\pc.PC1\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2017-11-24 14:37 - 2013-11-01 13:09 - 000000178 ___SH C:\Documents and Settings\Administrator.PC1\ntuser.ini 2017-11-24 14:36 - 2010-03-25 10:10 - 000979370 _____ C:\WINDOWS\ntbtlog.txt 2017-11-24 14:35 - 2013-11-01 13:09 - 000000000 ____D C:\Documents and Settings\Administrator.PC1\Local Settings\Temp 2017-11-24 14:28 - 2008-09-12 21:12 - 002469912 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-11-24 14:25 - 2013-08-02 14:23 - 000065536 _____ C:\WINDOWS\system32\config\ODiag.evt 2017-11-24 14:15 - 2008-09-13 10:13 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help 2017-11-24 14:12 - 2008-04-14 14:00 - 000000668 _____ C:\WINDOWS\win.ini 2017-11-24 11:47 - 2016-08-12 14:25 - 000000000 ____D C:\Documents and Settings\pc.PC1\My Documents\ViberDownloads 2017-11-22 16:05 - 2013-12-11 14:52 - 000000000 ____D C:\2014 2017-11-22 16:04 - 2010-12-03 14:28 - 000000000 ____D C:\2011 2017-11-22 16:03 - 2011-12-09 14:39 - 000000000 ____D C:\2012 2017-11-22 15:40 - 2013-08-02 13:28 - 000002515 _____ C:\Documents and Settings\pc.PC1\Desktop\Microsoft Office Word 2007.lnk 2017-11-22 14:28 - 2014-12-29 16:42 - 000000000 ____D C:\2015 2017-11-22 14:25 - 2015-12-23 11:32 - 000000000 ____D C:\2016 2017-11-16 10:55 - 2014-10-02 15:34 - 000000000 ____D C:\Documents and Settings\pc.PC1\Application Data\istartsurf 2017-11-16 10:48 - 2012-12-20 13:57 - 000000000 ____D C:\2013 2017-11-16 10:38 - 2014-10-02 15:34 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\IePluginServices 2017-11-16 09:28 - 2010-09-30 15:57 - 000000000 ____D C:\Program Files\ough 2017-11-16 09:01 - 2013-09-23 15:54 - 002755382 ___SH C:\Documents and Settings\pc.PC1\Desktop\Thumbs.db 2017-11-10 13:23 - 2013-08-02 13:49 - 000000000 ____D C:\Documents and Settings\pc.PC1\Application Data\Skype 2017-11-08 15:00 - 2014-03-28 08:20 - 000000210 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job ==================== Files in the root of some directories ======= 2015-08-17 11:04 - 2015-08-17 11:08 - 000304492 _____ (AYURvmkth8) C:\Documents and Settings\pc.PC1\Application Data\adobe.exe 2013-10-07 13:55 - 2014-04-09 12:28 - 000000531 _____ () C:\Documents and Settings\pc.PC1\Application Data\burnaware.ini 2013-08-02 13:31 - 2017-08-18 12:25 - 000036352 _____ () C:\Documents and Settings\pc.PC1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-02-27 17:15 - 2014-02-28 09:48 - 000000600 _____ () C:\Documents and Settings\pc.PC1\Local Settings\Application Data\PUTTY.RND 2017-11-30 10:49 - 2017-11-30 10:49 - 000025377 _____ () C:\Documents and Settings\pc.PC1\Local Settings\Application Data\recently-used.xbel 2011-03-11 09:28 - 2011-03-11 09:28 - 000000016 _____ () C:\Documents and Settings\All Users\Application Data\.7486160831680234 2008-10-31 09:19 - 2008-10-31 09:19 - 000000041 ___SH () C:\Documents and Settings\All Users\Application Data\.zreglib 2008-09-13 13:47 - 2016-04-26 08:08 - 000001669 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log 2014-08-15 11:57 - 2010-03-30 10:12 - 000024772 _____ () C:\Documents and Settings\All Users\Application Data\P1210DEF.css 2014-08-15 11:57 - 2016-01-22 14:22 - 000015499 _____ () C:\Documents and Settings\All Users\Application Data\P1210OS.HTM 2014-08-15 11:57 - 2010-03-30 10:12 - 000002944 _____ () C:\Documents and Settings\All Users\Application Data\P1210SIG.GIF Some files in TEMP: ==================== 2017-10-13 09:08 - 2011-12-29 11:44 - 001275396 _____ (NCH Software) C:\Documents and Settings\pc.PC1\Local Settings\Temp\uninst.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of FRST.txt ============================ Addition.txt
  20. компютъра ми ускорява говора на телевизията Нетера тв и от време на време спира картината въпреки добрия нет FRST.txt
  21. Здравеите проблема е следния след използване на uTorrent след извесно време рамта се покачва до 90% някои пъти и нагоре неможе да се изклучи компютъра и единствения вариянт е от щепсела. някои документи ми се копират сами. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016 Ran by user (administrator) on DESKTOP-IT9GN2C (10-09-2016 12:56:55) Running from C:\Users\user\Downloads Loaded Profiles: user (Available Profiles: user) Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Edge) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.23941.0_x64__8wekyb3d8bbwe\Video.UI.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\MBCfg64.dll [38528 2013-07-04] (Creative Technology Ltd.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-05-02] (NVIDIA Corporation) HKLM-x32\...\Run: [Sound Blaster X-Fi MB 3] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe [2112512 2015-06-12] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107104 2016-09-01] (AVAST Software) HKU\S-1-5-21-393832760-2790156869-1528677353-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-20] (AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2016-05-31] ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-06-01] ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{e543dcf9-3a16-4837-a1f9-9d76bc8c2a73}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12] (Microsoft Corporation) FireFox: ======== FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-20] FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-20] FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF Chrome: ======= CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-01] CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-01] CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-01] CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-01] CHR Extension: (Avast SafePrice) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-09-10] CHR Extension: (Google Sheets) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-01] CHR Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-02] CHR Extension: (Avast Online Security) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-02] CHR Extension: (Chrome Web Store Payments) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-01] CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-01] CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-01] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found> ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-20] (AVAST Software) S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2016-06-01] (Creative Labs) [File not signed] S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-06-01] (Creative Labs) [File not signed] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [406016 2011-09-15] (Creative Technology Ltd) [File not signed] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [374360 2016-05-27] (Intel Corporation) R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-02-12] (Rivet Networks) S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-16] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-20] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-20] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-20] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-20] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969560 2016-08-20] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-20] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-20] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-20] (AVAST Software) R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW10x64.sys [144456 2016-02-12] (Rivet Networks, LLC.) R3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-28] () R3 KillerEth; C:\Windows\System32\drivers\e2xw10x64.sys [162456 2016-02-12] (Qualcomm Atheros, Inc.) S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-10 12:56 - 2016-09-10 12:57 - 00013879 _____ C:\Users\user\Downloads\FRST.txt 2016-09-10 12:56 - 2016-09-10 12:56 - 02397696 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe 2016-09-10 12:56 - 2016-09-10 12:56 - 00000000 ____D C:\FRST 2016-09-10 12:55 - 2016-09-10 12:55 - 01747968 _____ (Farbar) C:\Users\user\Downloads\FRST.exe 2016-09-10 12:13 - 2016-09-10 12:14 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-09-10 12:13 - 2016-09-10 12:13 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-09-10 12:13 - 2016-09-10 12:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-09-10 12:13 - 2016-09-10 12:13 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-09-10 12:13 - 2016-09-10 12:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-09-10 12:13 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-09-10 12:13 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-09-10 12:13 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-09-10 12:12 - 2016-09-10 12:12 - 22851472 _____ (Malwarebytes ) C:\Users\user\Downloads\mbam-setup-2.2.1.1043.exe 2016-09-09 18:06 - 2016-09-09 18:06 - 00222117 _____ C:\Users\user\Downloads\nrdb_4_00_preduchilishtno_obr.pdf 2016-09-09 17:56 - 2016-09-09 17:56 - 00270376 _____ C:\Users\user\Downloads\nrdb_8_23.082016_dokumenti.pdf 2016-09-09 17:55 - 2016-09-09 17:55 - 00211511 _____ C:\Users\user\Downloads\naredba_9_19.08.2016_institucii_v_obrazovanieto.pdf 2016-08-31 20:52 - 2016-08-27 08:12 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-08-31 20:52 - 2016-08-27 08:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-08-31 20:52 - 2016-08-27 07:58 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-08-31 20:52 - 2016-08-27 07:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2016-08-31 20:52 - 2016-08-27 07:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll 2016-08-31 20:52 - 2016-08-27 07:38 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2016-08-31 20:52 - 2016-08-27 07:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll 2016-08-31 20:52 - 2016-08-27 07:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll 2016-08-31 20:52 - 2016-08-27 07:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2016-08-31 20:52 - 2016-08-20 09:03 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-08-31 20:52 - 2016-08-20 08:52 - 00658776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-08-31 20:52 - 2016-08-20 08:52 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-08-31 20:52 - 2016-08-20 08:51 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys 2016-08-31 20:52 - 2016-08-20 08:50 - 01099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2016-08-31 20:52 - 2016-08-20 08:50 - 00987992 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2016-08-31 20:52 - 2016-08-20 08:50 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2016-08-31 20:52 - 2016-08-20 08:47 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2016-08-31 20:52 - 2016-08-20 08:47 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-08-31 20:52 - 2016-08-20 08:46 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-08-31 20:52 - 2016-08-20 08:34 - 01430200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-08-31 20:52 - 2016-08-20 08:32 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-08-31 20:52 - 2016-08-20 08:29 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-08-31 20:52 - 2016-08-20 08:29 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-08-31 20:52 - 2016-08-20 08:22 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll 2016-08-31 20:52 - 2016-08-20 08:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2016-08-31 20:52 - 2016-08-20 08:21 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2016-08-31 20:52 - 2016-08-20 08:20 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2016-08-31 20:52 - 2016-08-20 08:15 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-08-31 20:52 - 2016-08-20 08:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-08-31 20:52 - 2016-08-20 08:13 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2016-08-31 20:52 - 2016-08-20 08:13 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2016-08-31 20:52 - 2016-08-20 08:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-08-31 20:52 - 2016-08-20 08:11 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-08-31 20:52 - 2016-08-20 08:09 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-08-31 20:52 - 2016-08-20 08:08 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-08-31 20:52 - 2016-08-20 08:07 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2016-08-31 20:52 - 2016-08-20 08:07 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-08-31 20:52 - 2016-08-20 08:07 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-08-31 20:52 - 2016-08-20 08:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-08-31 20:52 - 2016-08-20 08:06 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2016-08-31 20:52 - 2016-08-20 08:04 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-08-31 20:52 - 2016-08-20 08:04 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-08-31 20:52 - 2016-08-20 08:01 - 04612096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-08-31 20:52 - 2016-08-20 08:01 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2016-08-31 20:52 - 2016-08-20 08:00 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-08-31 20:52 - 2016-08-20 07:59 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2016-08-31 20:52 - 2016-08-20 07:57 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2016-08-31 20:52 - 2016-08-20 07:52 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2016-08-31 20:52 - 2016-08-20 07:51 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-08-31 20:52 - 2016-08-20 07:51 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-08-31 20:51 - 2016-08-27 15:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll 2016-08-31 20:51 - 2016-08-27 12:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll 2016-08-31 20:51 - 2016-08-27 07:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll 2016-08-31 20:51 - 2016-08-27 07:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll 2016-08-31 20:51 - 2016-08-20 09:26 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2016-08-31 20:51 - 2016-08-20 09:13 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-08-31 20:51 - 2016-08-20 09:06 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-08-31 20:51 - 2016-08-20 09:06 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-08-31 20:51 - 2016-08-20 09:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2016-08-31 20:51 - 2016-08-20 09:05 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2016-08-31 20:51 - 2016-08-20 09:04 - 07814488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-08-31 20:51 - 2016-08-20 09:04 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-08-31 20:51 - 2016-08-20 09:04 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-08-31 20:51 - 2016-08-20 09:03 - 02257248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2016-08-31 20:51 - 2016-08-20 08:52 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-08-31 20:51 - 2016-08-20 08:52 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-08-31 20:51 - 2016-08-20 08:52 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2016-08-31 20:51 - 2016-08-20 08:52 - 01279328 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2016-08-31 20:51 - 2016-08-20 08:52 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-08-31 20:51 - 2016-08-20 08:52 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll 2016-08-31 20:51 - 2016-08-20 08:50 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-08-31 20:51 - 2016-08-20 08:50 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-08-31 20:51 - 2016-08-20 08:50 - 00942424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2016-08-31 20:51 - 2016-08-20 08:50 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2016-08-31 20:51 - 2016-08-20 08:50 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-08-31 20:51 - 2016-08-20 08:50 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll 2016-08-31 20:51 - 2016-08-20 08:47 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-08-31 20:51 - 2016-08-20 08:43 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-08-31 20:51 - 2016-08-20 08:42 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2016-08-31 20:51 - 2016-08-20 08:34 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-08-31 20:51 - 2016-08-20 08:34 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll 2016-08-31 20:51 - 2016-08-20 08:33 - 05722312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-08-31 20:51 - 2016-08-20 08:33 - 00852824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-08-31 20:51 - 2016-08-20 08:32 - 00846552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-08-31 20:51 - 2016-08-20 08:29 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-08-31 20:51 - 2016-08-20 08:25 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-08-31 20:51 - 2016-08-20 08:22 - 22571008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-08-31 20:51 - 2016-08-20 08:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2016-08-31 20:51 - 2016-08-20 08:21 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll 2016-08-31 20:51 - 2016-08-20 08:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL 2016-08-31 20:51 - 2016-08-20 08:21 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll 2016-08-31 20:51 - 2016-08-20 08:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL 2016-08-31 20:51 - 2016-08-20 08:20 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2016-08-31 20:51 - 2016-08-20 08:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll 2016-08-31 20:51 - 2016-08-20 08:20 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys 2016-08-31 20:51 - 2016-08-20 08:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL 2016-08-31 20:51 - 2016-08-20 08:19 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll 2016-08-31 20:51 - 2016-08-20 08:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2016-08-31 20:51 - 2016-08-20 08:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2016-08-31 20:51 - 2016-08-20 08:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-08-31 20:51 - 2016-08-20 08:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2016-08-31 20:51 - 2016-08-20 08:17 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2016-08-31 20:51 - 2016-08-20 08:17 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-08-31 20:51 - 2016-08-20 08:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll 2016-08-31 20:51 - 2016-08-20 08:16 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2016-08-31 20:51 - 2016-08-20 08:16 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2016-08-31 20:51 - 2016-08-20 08:16 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll 2016-08-31 20:51 - 2016-08-20 08:15 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2016-08-31 20:51 - 2016-08-20 08:15 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2016-08-31 20:51 - 2016-08-20 08:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2016-08-31 20:51 - 2016-08-20 08:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL 2016-08-31 20:51 - 2016-08-20 08:14 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2016-08-31 20:51 - 2016-08-20 08:14 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll 2016-08-31 20:51 - 2016-08-20 08:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2016-08-31 20:51 - 2016-08-20 08:14 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll 2016-08-31 20:51 - 2016-08-20 08:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL 2016-08-31 20:51 - 2016-08-20 08:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL 2016-08-31 20:51 - 2016-08-20 08:13 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll 2016-08-31 20:51 - 2016-08-20 08:12 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2016-08-31 20:51 - 2016-08-20 08:12 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-08-31 20:51 - 2016-08-20 08:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-08-31 20:51 - 2016-08-20 08:12 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-08-31 20:51 - 2016-08-20 08:12 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2016-08-31 20:51 - 2016-08-20 08:12 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2016-08-31 20:51 - 2016-08-20 08:11 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2016-08-31 20:51 - 2016-08-20 08:11 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll 2016-08-31 20:51 - 2016-08-20 08:11 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2016-08-31 20:51 - 2016-08-20 08:10 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2016-08-31 20:51 - 2016-08-20 08:10 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2016-08-31 20:51 - 2016-08-20 08:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-08-31 20:51 - 2016-08-20 08:09 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-08-31 20:51 - 2016-08-20 08:09 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll 2016-08-31 20:51 - 2016-08-20 08:09 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2016-08-31 20:51 - 2016-08-20 08:08 - 01906176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2016-08-31 20:51 - 2016-08-20 08:08 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2016-08-31 20:51 - 2016-08-20 08:08 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll 2016-08-31 20:51 - 2016-08-20 08:08 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll 2016-08-31 20:51 - 2016-08-20 08:08 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll 2016-08-31 20:51 - 2016-08-20 08:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2016-08-31 20:51 - 2016-08-20 08:07 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2016-08-31 20:51 - 2016-08-20 08:07 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll 2016-08-31 20:51 - 2016-08-20 08:07 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll 2016-08-31 20:51 - 2016-08-20 08:06 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll 2016-08-31 20:51 - 2016-08-20 08:05 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2016-08-31 20:51 - 2016-08-20 08:05 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2016-08-31 20:51 - 2016-08-20 08:04 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2016-08-31 20:51 - 2016-08-20 08:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2016-08-31 20:51 - 2016-08-20 08:04 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-08-31 20:51 - 2016-08-20 08:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2016-08-31 20:51 - 2016-08-20 08:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll 2016-08-31 20:51 - 2016-08-20 08:03 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2016-08-31 20:51 - 2016-08-20 08:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-08-31 20:51 - 2016-08-20 08:03 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2016-08-31 20:51 - 2016-08-20 08:03 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-08-31 20:51 - 2016-08-20 08:02 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2016-08-31 20:51 - 2016-08-20 08:01 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll 2016-08-31 20:51 - 2016-08-20 08:00 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-08-31 20:51 - 2016-08-20 08:00 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2016-08-31 20:51 - 2016-08-20 08:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll 2016-08-31 20:51 - 2016-08-20 07:59 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-08-31 20:51 - 2016-08-20 07:59 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2016-08-31 20:51 - 2016-08-20 07:59 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-08-31 20:51 - 2016-08-20 07:59 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2016-08-31 20:51 - 2016-08-20 07:59 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2016-08-31 20:51 - 2016-08-20 07:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll 2016-08-31 20:51 - 2016-08-20 07:58 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2016-08-31 20:51 - 2016-08-20 07:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll 2016-08-31 20:51 - 2016-08-20 07:57 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-08-31 20:51 - 2016-08-20 07:57 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-08-31 20:51 - 2016-08-20 07:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll 2016-08-31 20:51 - 2016-08-20 07:56 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2016-08-31 20:51 - 2016-08-20 07:56 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-08-31 20:51 - 2016-08-20 07:56 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-08-31 20:51 - 2016-08-20 07:56 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2016-08-31 20:51 - 2016-08-20 07:56 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2016-08-31 20:51 - 2016-08-20 07:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2016-08-31 20:51 - 2016-08-20 07:56 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-08-31 20:51 - 2016-08-20 07:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll 2016-08-31 20:51 - 2016-08-20 07:55 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-08-31 20:51 - 2016-08-20 07:55 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2016-08-31 20:51 - 2016-08-20 07:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2016-08-31 20:51 - 2016-08-20 07:53 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-08-31 20:51 - 2016-08-20 07:53 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe 2016-08-31 20:51 - 2016-08-20 07:53 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2016-08-31 20:51 - 2016-08-20 07:51 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2016-08-31 20:51 - 2016-08-20 07:50 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-08-31 20:51 - 2016-08-20 07:49 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2016-08-31 20:51 - 2016-08-20 07:46 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2016-08-31 20:51 - 2016-08-19 04:33 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS 2016-08-26 20:50 - 2016-08-26 20:50 - 00044673 _____ C:\Users\user\Desktop\305362.pdf 2016-08-26 20:50 - 2016-08-26 20:50 - 00044672 _____ C:\Users\user\Desktop\305361.pdf 2016-08-24 14:10 - 2016-08-06 07:33 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-08-24 14:10 - 2016-08-06 07:31 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe 2016-08-24 14:10 - 2016-08-06 07:29 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2016-08-24 14:10 - 2016-08-06 07:18 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2016-08-24 14:10 - 2016-08-06 07:17 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-08-24 14:10 - 2016-08-06 07:17 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-08-24 14:10 - 2016-08-06 07:16 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2016-08-24 14:10 - 2016-08-06 07:08 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-08-24 14:10 - 2016-08-06 06:48 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll 2016-08-24 14:10 - 2016-08-06 06:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe 2016-08-24 14:10 - 2016-08-06 06:47 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll 2016-08-24 14:10 - 2016-08-06 06:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2016-08-24 14:10 - 2016-08-06 06:41 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2016-08-24 14:10 - 2016-08-06 06:41 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2016-08-24 14:10 - 2016-08-06 06:41 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll 2016-08-24 14:10 - 2016-08-06 06:40 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2016-08-24 14:10 - 2016-08-06 06:40 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll 2016-08-24 14:10 - 2016-08-06 06:39 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll 2016-08-24 14:10 - 2016-08-06 06:38 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-08-24 14:10 - 2016-08-06 06:33 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-08-24 14:10 - 2016-08-06 06:31 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-08-24 14:10 - 2016-08-06 06:31 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2016-08-24 14:10 - 2016-08-06 06:30 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-08-24 14:10 - 2016-08-06 06:23 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2016-08-24 14:10 - 2016-08-06 06:23 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-08-24 14:10 - 2016-08-06 06:19 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2016-08-24 14:10 - 2016-08-05 12:14 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll 2016-08-24 14:10 - 2016-08-05 12:12 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2016-08-24 14:10 - 2016-08-05 12:10 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll 2016-08-24 14:10 - 2016-08-05 12:05 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe 2016-08-24 14:10 - 2016-08-05 11:28 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll 2016-08-24 14:10 - 2016-08-05 11:22 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll 2016-08-24 14:10 - 2016-08-05 11:20 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll 2016-08-24 14:10 - 2016-08-05 11:08 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll 2016-08-24 14:09 - 2016-08-06 07:31 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2016-08-24 14:09 - 2016-08-06 07:29 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys 2016-08-24 14:09 - 2016-08-06 07:26 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2016-08-24 14:09 - 2016-08-06 07:23 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-08-24 14:09 - 2016-08-06 07:18 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-08-24 14:09 - 2016-08-06 07:18 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-08-24 14:09 - 2016-08-06 07:17 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2016-08-24 14:09 - 2016-08-06 07:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-08-24 14:09 - 2016-08-06 07:15 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2016-08-24 14:09 - 2016-08-06 07:13 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2016-08-24 14:09 - 2016-08-06 07:13 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2016-08-24 14:09 - 2016-08-06 07:13 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-08-24 14:09 - 2016-08-06 07:13 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2016-08-24 14:09 - 2016-08-06 07:13 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2016-08-24 14:09 - 2016-08-06 07:13 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe 2016-08-24 14:09 - 2016-08-06 07:09 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-08-24 14:09 - 2016-08-06 07:08 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-08-24 14:09 - 2016-08-06 07:08 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-08-24 14:09 - 2016-08-06 07:08 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-08-24 14:09 - 2016-08-06 07:08 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2016-08-24 14:09 - 2016-08-06 07:08 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-08-24 14:09 - 2016-08-06 07:04 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2016-08-24 14:09 - 2016-08-06 07:03 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2016-08-24 14:09 - 2016-08-06 07:03 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2016-08-24 14:09 - 2016-08-06 07:03 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-08-24 14:09 - 2016-08-06 07:03 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2016-08-24 14:09 - 2016-08-06 07:03 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe 2016-08-24 14:09 - 2016-08-06 07:02 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-08-24 14:09 - 2016-08-06 06:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2016-08-24 14:09 - 2016-08-06 06:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2016-08-24 14:09 - 2016-08-06 06:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll 2016-08-24 14:09 - 2016-08-06 06:48 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll 2016-08-24 14:09 - 2016-08-06 06:48 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll 2016-08-24 14:09 - 2016-08-06 06:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx 2016-08-24 14:09 - 2016-08-06 06:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll 2016-08-24 14:09 - 2016-08-06 06:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys 2016-08-24 14:09 - 2016-08-06 06:47 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2016-08-24 14:09 - 2016-08-06 06:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx 2016-08-24 14:09 - 2016-08-06 06:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll 2016-08-24 14:09 - 2016-08-06 06:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL 2016-08-24 14:09 - 2016-08-06 06:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL 2016-08-24 14:09 - 2016-08-06 06:46 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe 2016-08-24 14:09 - 2016-08-06 06:46 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe 2016-08-24 14:09 - 2016-08-06 06:46 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2016-08-24 14:09 - 2016-08-06 06:46 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys 2016-08-24 14:09 - 2016-08-06 06:45 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll 2016-08-24 14:09 - 2016-08-06 06:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll 2016-08-24 14:09 - 2016-08-06 06:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2016-08-24 14:09 - 2016-08-06 06:45 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll 2016-08-24 14:09 - 2016-08-06 06:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll 2016-08-24 14:09 - 2016-08-06 06:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe 2016-08-24 14:09 - 2016-08-06 06:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2016-08-24 14:09 - 2016-08-06 06:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe 2016-08-24 14:09 - 2016-08-06 06:44 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys 2016-08-24 14:09 - 2016-08-06 06:44 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2016-08-24 14:09 - 2016-08-06 06:44 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll 2016-08-24 14:09 - 2016-08-06 06:44 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll 2016-08-24 14:09 - 2016-08-06 06:43 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll 2016-08-24 14:09 - 2016-08-06 06:43 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-08-24 14:09 - 2016-08-06 06:43 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2016-08-24 14:09 - 2016-08-06 06:42 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-08-24 14:09 - 2016-08-06 06:41 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-08-24 14:09 - 2016-08-06 06:41 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2016-08-24 14:09 - 2016-08-06 06:41 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2016-08-24 14:09 - 2016-08-06 06:41 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll 2016-08-24 14:09 - 2016-08-06 06:41 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2016-08-24 14:09 - 2016-08-06 06:40 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-08-24 14:09 - 2016-08-06 06:40 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll 2016-08-24 14:09 - 2016-08-06 06:40 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll 2016-08-24 14:09 - 2016-08-06 06:39 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2016-08-24 14:09 - 2016-08-06 06:39 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2016-08-24 14:09 - 2016-08-06 06:39 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll 2016-08-24 14:09 - 2016-08-06 06:38 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2016-08-24 14:09 - 2016-08-06 06:37 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-08-24 14:09 - 2016-08-06 06:36 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll 2016-08-24 14:09 - 2016-08-06 06:33 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-08-24 14:09 - 2016-08-06 06:31 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2016-08-24 14:09 - 2016-08-06 06:31 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2016-08-24 14:09 - 2016-08-06 06:31 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2016-08-24 14:09 - 2016-08-06 06:30 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-08-24 14:09 - 2016-08-06 06:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2016-08-24 14:09 - 2016-08-06 06:29 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-08-24 14:09 - 2016-08-06 06:29 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2016-08-24 14:09 - 2016-08-06 06:29 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2016-08-24 14:09 - 2016-08-06 06:29 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2016-08-24 14:09 - 2016-08-06 06:28 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2016-08-24 14:09 - 2016-08-06 06:28 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll 2016-08-24 14:09 - 2016-08-06 06:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll 2016-08-24 14:09 - 2016-08-06 06:26 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll 2016-08-24 14:09 - 2016-08-06 06:26 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-08-24 14:09 - 2016-08-06 06:26 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-08-24 14:09 - 2016-08-06 06:25 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll 2016-08-24 14:09 - 2016-08-06 06:25 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-08-24 14:09 - 2016-08-06 06:24 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-08-24 14:09 - 2016-08-06 06:24 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-08-24 14:09 - 2016-08-06 06:23 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-08-24 14:09 - 2016-08-06 06:23 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-08-24 14:09 - 2016-08-06 06:23 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-08-24 14:09 - 2016-08-06 06:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2016-08-24 14:09 - 2016-08-06 06:23 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-08-24 14:09 - 2016-08-06 06:23 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll 2016-08-24 14:09 - 2016-08-06 06:21 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll 2016-08-24 14:09 - 2016-08-06 06:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll 2016-08-24 14:09 - 2016-08-05 11:29 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll 2016-08-24 14:09 - 2016-08-05 11:23 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll 2016-08-24 14:09 - 2016-08-05 11:20 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll 2016-08-24 14:09 - 2016-08-05 11:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll 2016-08-20 04:14 - 2016-08-20 04:14 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2016-08-20 04:14 - 2016-08-20 04:14 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2016-08-20 00:13 - 2016-08-19 13:19 - 00000000 ___DC C:\WINDOWS\Panther 2016-08-20 00:11 - 2016-08-20 00:11 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2016-08-20 00:11 - 2016-08-20 00:11 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2016-08-20 00:11 - 2016-08-20 00:11 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-08-20 00:11 - 2016-08-20 00:11 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-08-20 00:11 - 2016-08-20 00:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-08-20 00:11 - 2016-08-20 00:11 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2016-08-20 00:11 - 2016-08-20 00:11 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll 2016-08-20 00:11 - 2016-08-20 00:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll 2016-08-20 00:11 - 2016-08-20 00:11 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2016-08-20 00:11 - 2016-08-20 00:11 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2016-08-20 00:11 - 2016-08-20 00:11 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2016-08-20 00:11 - 2016-08-20 00:11 - 00000000 ____D C:\Program Files\CMAK 2016-08-20 00:11 - 2016-08-20 00:11 - 00000000 ____D C:\Program Files (x86)\CMAK 2016-08-20 00:11 - 2016-07-16 06:29 - 04164608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0002.dll 2016-08-20 00:11 - 2016-07-16 06:26 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0002.dll 2016-08-20 00:11 - 2016-07-16 06:25 - 01915392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MLS2.dll 2016-08-20 00:11 - 2016-07-16 05:45 - 04164608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0002.dll 2016-08-20 00:11 - 2016-07-16 05:42 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0002.dll 2016-08-20 00:11 - 2016-07-16 05:39 - 01868800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MLS2.dll 2016-08-20 00:10 - 2016-08-20 00:10 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2016-08-19 13:21 - 2016-08-19 13:21 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2016-08-19 13:20 - 2016-08-19 13:20 - 00000000 ____D C:\ProgramData\USOShared 2016-08-19 13:19 - 2016-08-19 17:39 - 00000000 ____D C:\Users\user\AppData\Local\ConnectedDevicesPlatform 2016-08-19 13:19 - 2016-08-19 13:19 - 00007623 _____ C:\WINDOWS\diagwrn.xml 2016-08-19 13:19 - 2016-08-19 13:19 - 00007623 _____ C:\WINDOWS\diagerr.xml 2016-08-19 13:19 - 2016-08-19 13:19 - 00000020 ___SH C:\Users\user\ntuser.ini 2016-08-19 13:19 - 2016-08-19 13:19 - 00000000 _SHDL C:\Users\Default\My Documents 2016-08-19 13:19 - 2016-08-19 13:19 - 00000000 _SHDL C:\Users\Default\Documents\My Videos 2016-08-19 13:19 - 2016-08-19 13:19 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures 2016-08-19 13:19 - 2016-08-19 13:19 - 00000000 _SHDL C:\Users\Default\Documents\My Music 2016-08-19 13:19 - 2016-08-19 13:19 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos 2016-08-19 13:19 - 2016-08-19 13:19 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures 2016-08-19 13:19 - 2016-08-19 13:19 - 00000000 _SHDL C:\Users\Default User\Documents\My Music 2016-08-19 13:18 - 2016-09-10 01:59 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-08-19 13:18 - 2016-08-20 04:15 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2016-08-19 13:18 - 2016-08-19 13:18 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat 2016-08-19 13:18 - 2016-08-19 13:18 - 00003450 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-08-19 13:18 - 2016-08-19 13:18 - 00003226 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-08-19 13:18 - 2016-08-19 13:18 - 00002820 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task 2016-08-19 13:18 - 2016-08-19 13:18 - 00002398 _____ C:\WINDOWS\System32\Tasks\OC GURU II Auto Run 2016-08-19 13:16 - 2016-08-19 13:16 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-08-19 13:15 - 2016-08-19 13:16 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2016-08-19 13:15 - 2016-08-19 13:15 - 00000000 _SHDL C:\Users\user\My Documents 2016-08-19 13:15 - 2016-08-19 13:15 - 00000000 _SHDL C:\Users\user\Documents\My Videos 2016-08-19 13:15 - 2016-08-19 13:15 - 00000000 _SHDL C:\Users\user\Documents\My Pictures 2016-08-19 13:15 - 2016-08-19 13:15 - 00000000 _SHDL C:\Users\user\Documents\My Music 2016-08-19 13:15 - 2016-07-16 14:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2016-08-19 13:14 - 2016-09-10 11:57 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-08-19 13:14 - 2016-09-10 01:59 - 00000000 ____D C:\ProgramData\NVIDIA 2016-08-19 13:14 - 2016-08-19 13:15 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-08-19 13:14 - 2016-08-19 13:15 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-08-19 13:14 - 2016-08-19 13:15 - 00000000 ____D C:\Program Files\Intel 2016-08-19 13:14 - 2016-08-19 13:15 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-08-19 13:14 - 2016-08-19 13:14 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2016-08-19 13:14 - 2016-08-19 13:14 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2016-08-19 13:14 - 2016-05-27 15:50 - 00100488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2016-08-19 13:14 - 2015-11-05 18:08 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2016-08-19 13:14 - 2015-11-05 18:08 - 02983216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2016-08-19 13:14 - 2015-11-05 18:08 - 02554672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2016-08-19 13:14 - 2015-11-05 18:08 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2016-08-19 13:14 - 2015-11-05 18:08 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2016-08-19 13:14 - 2015-11-05 18:08 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2016-08-19 13:14 - 2015-10-28 16:49 - 06027430 _____ C:\WINDOWS\system32\nvcoproc.bin 2016-08-19 13:13 - 2016-09-10 12:38 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-08-19 13:13 - 2016-09-01 02:28 - 00340720 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-08-19 13:13 - 2016-08-19 13:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2016-08-17 15:36 - 2016-08-17 15:36 - 00312333 _____ C:\Users\user\Downloads\naredba_5_2016_preduchilishtno_obr.pdf 2016-08-17 15:36 - 2016-08-17 15:36 - 00126599 _____ C:\Users\user\Downloads\zakon_obr_minimum_uch_plan.pdf 2016-08-16 00:48 - 2016-08-16 00:48 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-10 11:58 - 2016-06-20 00:19 - 00000000 ____D C:\Program Files (x86)\Steam 2016-09-10 11:57 - 2016-06-01 20:23 - 00000000 ____D C:\Users\user\Documents\temp 2016-09-10 11:57 - 2016-05-31 16:34 - 00000000 __SHD C:\Users\user\IntelGraphicsProfiles 2016-09-10 03:19 - 2016-06-03 23:29 - 00000000 ____D C:\Users\user\AppData\Roaming\uTorrent 2016-09-10 02:05 - 2016-06-01 03:54 - 01195458 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-09-10 01:58 - 2016-07-16 09:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2016-09-09 17:39 - 2016-07-16 14:47 - 00000000 ___HD C:\Program Files\WindowsApps 2016-09-09 17:39 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-09-03 20:35 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\rescache 2016-09-02 00:00 - 2016-07-16 14:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-09-01 02:30 - 2016-07-16 14:45 - 00000000 ____D C:\WINDOWS\INF 2016-09-01 02:30 - 2016-06-01 03:58 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-09-01 02:27 - 2016-07-16 17:29 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2016-09-01 02:27 - 2016-07-16 14:47 - 00000000 ___SD C:\WINDOWS\system32\dsc 2016-09-01 02:27 - 2016-07-16 14:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-09-01 02:27 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-09-01 02:27 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV 2016-09-01 02:27 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT 2016-09-01 02:27 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\et-EE 2016-09-01 02:27 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\es-MX 2016-09-01 02:27 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\en-GB 2016-09-01 02:27 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-09-01 02:27 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\Provisioning 2016-09-01 02:27 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2016-08-31 21:04 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-08-31 20:47 - 2016-07-16 14:43 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2016-08-31 20:47 - 2016-07-16 14:43 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll 2016-08-31 20:47 - 2016-07-16 14:43 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll 2016-08-31 20:47 - 2016-07-16 14:43 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll 2016-08-31 20:47 - 2016-07-16 14:43 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2016-08-31 20:47 - 2016-07-16 14:43 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-08-31 20:47 - 2016-07-16 14:43 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2016-08-31 20:47 - 2016-07-16 14:42 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2016-08-31 20:47 - 2016-07-16 14:42 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2016-08-31 20:47 - 2016-07-16 14:42 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2016-08-31 20:47 - 2016-07-16 14:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2016-08-31 20:47 - 2016-07-16 14:42 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-08-31 20:47 - 2016-07-16 14:42 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2016-08-31 20:47 - 2016-07-16 14:42 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2016-08-31 20:47 - 2016-07-16 14:42 - 00079544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2016-08-31 20:47 - 2016-07-16 14:42 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll 2016-08-31 20:47 - 2016-07-16 14:42 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll 2016-08-31 20:47 - 2016-07-16 14:42 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2016-08-28 16:18 - 2016-07-06 02:10 - 00000000 ____D C:\Users\user\Desktop\snimki 2016-08-26 08:43 - 2016-07-16 14:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-08-26 08:43 - 2016-07-16 14:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-08-26 03:07 - 2016-06-01 03:58 - 00000000 ____D C:\Users\user\AppData\Local\Packages 2016-08-24 22:09 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-08-20 19:06 - 2016-07-16 09:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2016-08-20 04:14 - 2016-06-01 23:57 - 00969560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2016-08-20 04:14 - 2016-06-01 23:57 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2016-08-20 04:14 - 2016-06-01 23:57 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2016-08-20 04:14 - 2016-06-01 23:57 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2016-08-20 04:14 - 2016-06-01 23:57 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2016-08-20 04:14 - 2016-06-01 23:57 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2016-08-20 04:14 - 2016-06-01 23:57 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2016-08-20 04:14 - 2016-06-01 23:57 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2016-08-20 00:13 - 2016-07-16 14:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2016-08-20 00:11 - 2016-07-16 17:15 - 00000000 ____D C:\WINDOWS\OCR 2016-08-19 13:22 - 2016-06-01 04:00 - 00002360 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-08-19 13:22 - 2016-06-01 04:00 - 00000000 ___RD C:\Users\user\OneDrive 2016-08-19 13:20 - 2016-07-16 14:47 - 00000000 ____D C:\ProgramData\USOPrivate 2016-08-19 13:19 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\Registration 2016-08-19 13:18 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2016-08-19 13:18 - 2015-10-30 10:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2016-08-19 13:17 - 2016-07-16 14:47 - 00000000 __RHD C:\Users\Public\Libraries 2016-08-19 13:16 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp 2016-08-19 13:16 - 2016-07-16 14:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-08-19 13:16 - 2016-06-20 00:39 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-08-19 13:16 - 2016-06-20 00:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2016-08-19 13:16 - 2016-06-05 23:57 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetWin365 Pro 2016-08-19 13:16 - 2016-06-05 00:12 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-08-19 13:16 - 2016-06-05 00:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-08-19 13:16 - 2016-06-01 04:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative 2016-08-19 13:16 - 2016-05-31 17:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-08-19 13:16 - 2016-05-31 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-08-19 13:16 - 2015-10-30 12:07 - 00000000 ____D C:\WINDOWS\ShellNew 2016-08-19 13:16 - 2015-10-30 09:28 - 00000000 ____D C:\Users\Default.migrated 2016-08-19 13:15 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\spool 2016-08-19 13:15 - 2016-07-16 14:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-08-19 13:15 - 2016-07-16 09:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-08-19 13:15 - 2016-06-01 07:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killer Networking 2016-08-19 13:15 - 2016-05-31 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE 2016-08-19 13:14 - 2016-07-16 14:47 - 00000000 ___RD C:\WINDOWS\PrintDialog 2016-08-19 13:14 - 2016-07-16 14:47 - 00000000 ___RD C:\WINDOWS\MiracastView 2016-08-19 13:14 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\Help 2016-08-19 03:09 - 2016-06-01 23:53 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-08-18 19:09 - 2016-06-01 23:53 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job ==================== Files in the root of some directories ======= 2016-06-01 04:10 - 2016-06-01 07:15 - 0000000 _____ () C:\Users\user\AppData\Local\Driver_LOM_8161Present.flag ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-09-01 18:49 ==================== End of FRST.txt ============================ Addition.txt
  22. Случайно забелязах папка със непознато ми име RarVault в дял С. В нея има три файла - един текстови, един линк към страница и един svhost.exe Веднага изгасих компютъра и пуснах kaspersry reskue cd да сканира. папката я архивирах и качих тук http://tranzit.dir.b...41QGPuu22731467 ако някой иска да види за какво става дума, естествено на негова отговорност. Та какво да правя сега и как да махна нещото, дали само като изтрия папката ще си махне? Касперски сканира и каза че съм чист, но щом пуснах уиндоуса и влязох в С папката сама се появи пак. Май по-рано днес цъкнах на линк от един приятел по скайп ето логовете Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-08-2016 Ran by Valio (06-09-2016 22:36:23) Running from C:\Documents and Settings\Valio\Desktop Microsoft Windows XP Professional Service Pack 3 (X86) (2010-11-07 17:20:38) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2052111302-630328440-1801674531-500 - Administrator - Enabled) Guest (S-1-5-21-2052111302-630328440-1801674531-501 - Limited - Disabled) HelpAssistant (S-1-5-21-2052111302-630328440-1801674531-1000 - Limited - Disabled) SUPPORT_388945a0 (S-1-5-21-2052111302-630328440-1801674531-1002 - Limited - Disabled) Valio (S-1-5-21-2052111302-630328440-1801674531-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Valio ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Panda Free Antivirus (Enabled - Up to date) {5AD27692-540A-464E-B625-78275FA38393} FW: Panda Firewall (Disabled) {1337562C-110A-4AF8-B12B-750C0B30E802} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM\...\uTorrent) (Version: 2.0.3 - ) Acronis MigrateEasy (HKLM\...\MigrateEasy) (Version: - Acronis) Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Ashampoo Burning Studio 6 FREE (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.7.7 - ashampoo GmbH & Co. KG) Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.40 - Atheros Communications Inc.) ATI Catalyst Install Manager (HKLM\...\{B000FB7B-A489-25FC-EA84-1AA54AAD55BB}) (Version: 3.0.790.0 - ATI Technologies, Inc.) ATI Catalyst Registration (Version: 3.00.0000 - ATI Technologies Inc.) Hidden Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.00.16(T) - TOSHIBA CORPORATION) ccc-core-static (Version: 2010.0910.2122.36517 - ATI) Hidden CryptoPrevent (HKLM\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC) FormatFactory 2.80 (HKLM\...\FormatFactory) (Version: 2.80 - Free Time) Foxit Reader (HKLM\...\Foxit Reader) (Version: 4.0.0.619 - Foxit Software Company) Free Video Editor version 1.4.13.805 (HKLM\...\Free Video Editor_is1) (Version: 1.4.13.805 - DVDVideoSoft Ltd.) Hard Disk Sentinel (HKLM\...\Hard Disk Sentinel_is1) (Version: - HDS) HDDlife (HKLM\...\{8A142E1E-0B3A-459D-9908-BF77F284297F}) (Version: 2.9.105 - BinarySense) K-Lite Codec Pack 12.0.5 Standard (HKLM\...\KLiteCodecPack_is1) (Version: 12.0.5 - KLCP) Malwarebytes Anti-Malware, версия 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) MozBackup 1.4.10 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 43.0.1 (x86 bg) (HKLM\...\Mozilla Firefox 43.0.1 (x86 bg)) (Version: 43.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.1 - Mozilla) NitroFamily (HKLM\...\{008E8741-8888-4BEE-89B6-5AECB5FB9611}) (Version: - ) Opera 11.10 (HKLM\...\Opera 11.10.2092) (Version: 11.10.2092 - Opera Software ASA) Panda Devices Agent (Version: 1.03.08 - Panda Security) Hidden Panda Devices Agent (Version: 1.08.00 - Panda Security) Hidden Panda Free Antivirus (HKLM\...\Panda Universal Agent Endpoint) (Version: 17.00.01.0000 - Panda Security) Panda Free Antivirus (Version: 8.31.00 - Panda Security) Hidden PIXresizer 2.0.1 (HKLM\...\PIXresizer_is1) (Version: - Bluefive software) Platform (Version: 1.34 - VIA Technologies, Inc.) Hidden Ralink RT7x Wireless LAN Card (HKLM\...\{E91E8912-769D-42F0-8408-0E329443BABC}) (Version: 1.5.4.0 - Ralink) Revo Uninstaller 2.0.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.0 - VS Revo Group, Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.) Skype 7.0.0.102 (HKLM\...\Skype 7.0.0.102) (Version: - ) Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) The Lord of the Rings FREE Trial (Version: 1.00.0000 - ATI Technologies Inc.) Hidden VIA Platform Device Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Viber (HKU\S-1-5-21-2052111302-630328440-1801674531-1003\...\{acc83058-83b0-41e2-b372-266672a1af16}) (Version: 6.0.1.5 - Viber Media Inc.) Viber (Version: 6.0.1.5 - Viber Media Inc.) Hidden WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden WhoCrashed 3.05 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.) Windows Bulgarian Interface Pack (HKLM\...\{C408D81A-CB17-4CDF-98AF-2E64036B3F32}) (Version: 1.0.0.2600 - Microsoft Corporation) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows Media Player 10 (HKLM\...\Windows Media Player) (Version: - ) XviD MPEG-4 Video Codec (HKLM\...\xvid) (Version: - XviD Development Team) Архиватор WinRAR (HKLM\...\WinRAR archiver) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2052111302-630328440-1801674531-1003_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File CustomCLSID: HKU\S-1-5-21-2052111302-630328440-1801674531-1003_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File CustomCLSID: HKU\S-1-5-21-2052111302-630328440-1801674531-1003_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\klcp_update.job => CMD /C sc create KLCPU binPath CMD /V /C SET \FILE \ ProgramFiles \ Lite Codec Pack Tools CodecTweakTool exe\\ IF EXIST FILE START \CTT\ FILE /verysilent /update /freq 30 type own type interact net start KLCPU sc delete KLCPU CMD Valio ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\VMware\ThinApp Help.lnk -> hxxp://www.vmware.com/info?id=766 ==================== Loaded Modules (Whitelisted) ============== 2010-11-07 21:00 - 2006-12-03 15:53 - 00126464 _____ () C:\Program Files\WinRAR\rarext.dll 2005-08-13 21:03 - 2005-08-13 21:03 - 00124928 _____ () C:\Program Files\BinarySense\HDDlife\crashrpt.dll 2015-12-15 20:17 - 2015-12-15 20:17 - 00618544 _____ () C:\Program Files\Panda Security\Panda Security Protection\SQLite3.dll 2010-03-16 13:22 - 2010-03-16 13:22 - 00014848 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll 2010-08-04 16:58 - 2010-08-04 16:58 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-09-10 22:21 - 2010-09-10 22:21 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Documents and Settings\Valio\My Documents\Shareaza Downloads:Shareaza.GUID [16] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) HKLM\...\.scr: CryptoPreventSCR => "C:\Program Files\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" /S %* ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2008-04-14 15:00 - 2008-04-14 15:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2052111302-630328440-1801674531-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Valio\Local Settings\Application Data\Microsoft\Wallpaper1.bmp DNS Servers: 192.168.137.1 Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) StandardProfile\AuthorizedApplications: [C:\Program Files\uTorrent\uTorrent.exe] => Enabled:µTorrent StandardProfile\AuthorizedApplications: [C:\Program Files\NitroFamily\NitroFamily.exe] => Enabled:NitroFamily StandardProfile\AuthorizedApplications: [C:\Program Files\ASUS\GamerOSD\GamerOSD.exe] => Enabled:ASUS GamerOSD APP StandardProfile\AuthorizedApplications: [G:\instal\INTERNET\DC++\sdc222\StrongDC.exe] => G:\instal\INTERNET\DC++\sdc222\StrongDC.exe:*:Enabled:StrongDC++ StandardProfile\AuthorizedApplications: [C:\Program Files\BitComet\BitComet.exe] => Enabled:BitComet - a BitTorrent Client StandardProfile\AuthorizedApplications: [C:\Program Files\Opera\opera.exe] => Enabled:Opera Internet Browser StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Valio\Desktop\Sky38i.exe] => Enabled:Skype StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox) StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype StandardProfile\GloballyOpenPorts: [16752:TCP] => Enabled:BitComet 16752 TCP StandardProfile\GloballyOpenPorts: [16752:UDP] => Enabled:BitComet 16752 UDP ==================== Restore Points ========================= 16-03-2016 22:26:03 Installed ASUS Smart Doctor 20-03-2016 22:11:27 Installed ASUS Gamer OSD 21-03-2016 01:35:46 Removed ASUS Gamer OSD 21-03-2016 01:39:25 Configured ASUS Smart Doctor 26-03-2016 11:17:33 Configured ASUS Smart Doctor 26-03-2016 11:18:34 Configured ASUS Smart Doctor 26-03-2016 11:19:04 Configured ASUS Smart Doctor 02-04-2016 22:05:47 Installed VMware ThinApp 10-08-2016 20:05:30 Операция за възстановяване 06-09-2016 14:51:26 Installed HDDlife 06-09-2016 16:22:09 Installed Windows Internet Explorer 8. 06-09-2016 18:36:30 Installed WIDCOMM Bluetooth Software 06-09-2016 19:02:53 Removed WIDCOMM Bluetooth Software 06-09-2016 19:36:40 Премахнат Skype™ 7.26 06-09-2016 19:37:17 Installed Skype™ 6.14 06-09-2016 20:27:32 Installed Bluetooth Stack for Windows by Toshiba. ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/06/2016 10:33:24 PM) (Source: .NET Runtime 2.0 Error Reporting) (EventID: 5000) (User: ) Description: EventType clr20r3, P1 006C0073043000730073, P2 5.1.1600.5512, P3 566ff9da, P4 microsoft.visualbasic, P5 8.0.0.0, P6 4889f422, P7 349, P8 4f, P9 system.invalidcastexception, P10 NIL. Error: (09/06/2016 10:17:47 PM) (Source: .NET Runtime 2.0 Error Reporting) (EventID: 5000) (User: ) Description: EventType clr20r3, P1 006C0073043000730073, P2 5.1.1600.5512, P3 566ff9da, P4 microsoft.visualbasic, P5 8.0.0.0, P6 4889f422, P7 349, P8 4f, P9 system.invalidcastexception, P10 NIL. Error: (09/06/2016 08:53:35 PM) (Source: .NET Runtime 2.0 Error Reporting) (EventID: 5000) (User: ) Description: EventType clr20r3, P1 006C0073043000730073, P2 5.1.1600.5512, P3 566ff9da, P4 microsoft.visualbasic, P5 8.0.0.0, P6 4889f422, P7 349, P8 4f, P9 system.invalidcastexception, P10 NIL. Error: (09/06/2016 08:47:30 PM) (Source: .NET Runtime 2.0 Error Reporting) (EventID: 5000) (User: ) Description: EventType clr20r3, P1 006C0073043000730073, P2 5.1.1600.5512, P3 566ff9da, P4 microsoft.visualbasic, P5 8.0.0.0, P6 4889f422, P7 349, P8 4f, P9 system.invalidcastexception, P10 NIL. Error: (09/06/2016 08:23:07 PM) (Source: .NET Runtime 2.0 Error Reporting) (EventID: 5000) (User: ) Description: EventType clr20r3, P1 006C0073043000730073, P2 5.1.1600.5512, P3 566ff9da, P4 microsoft.visualbasic, P5 8.0.0.0, P6 4889f422, P7 349, P8 4f, P9 system.invalidcastexception, P10 NIL. Error: (09/06/2016 08:14:16 PM) (Source: .NET Runtime 2.0 Error Reporting) (EventID: 5000) (User: ) Description: EventType clr20r3, P1 006C0073043000730073, P2 5.1.1600.5512, P3 566ff9da, P4 microsoft.visualbasic, P5 8.0.0.0, P6 4889f422, P7 349, P8 4f, P9 system.invalidcastexception, P10 NIL. Error: (09/06/2016 07:35:56 PM) (Source: MsiInstaller) (EventID: 1013) (User: VALIO-PC) Description: Product: Skype™ 6.14 -- A later version of Skype™ 6.14 is already installed. System errors: ============= Error: (09/06/2016 08:20:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Windows Installer service terminated unexpectedly. It has done this 1 time(s). Error: (09/06/2016 08:20:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (09/06/2016 08:20:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s). Error: (09/06/2016 08:20:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Windows User Mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). Error: (09/06/2016 08:20:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The SAMSUNG Mobile Connectivity Service service terminated unexpectedly. It has done this 1 time(s). Error: (09/06/2016 08:20:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Panda Devices Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service. Error: (09/06/2016 08:20:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Ati HotKey Poller service terminated unexpectedly. It has done this 1 time(s). Error: (09/06/2016 07:47:33 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Generate Activation Context failed for C:\Program Files\DVDVideoSoft\Free Video Editor\FreeVideoEditor.exe. Reference error message: The operation completed successfully. . Error: (09/06/2016 07:47:33 PM) (Source: SideBySide) (EventID: 58) (User: ) Description: Syntax error in manifest or policy file "C:\Program Files\DVDVideoSoft\Free Video Editor\FreeVideoEditor.exe" on line 0. Error: (09/06/2016 06:55:37 PM) (Source: System Error) (EventID: 1003) (User: ) Description: Error code 000000ea, parameter1 88f00a58, parameter2 89b947a0, parameter3 8a4883f0, parameter4 00000001. ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz Percentage of memory in use: 16% Total physical RAM: 3071.11 MB Available physical RAM: 2549.96 MB Total Virtual: 4956.19 MB Available Virtual: 4432.85 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:149.05 GB) (Free:46.37 GB) NTFS ==>[drive with boot components (Windows XP)] Drive d: (ADATA UFD) (Removable) (Total:28.89 GB) (Free:4.55 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: A21C08DC) Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 28.9 GB) (Disk ID: C3072E18) Partition 1: (Not Active) - (Size=28.9 GB) - (Type=0C) ==================== End of Addition.txt ============================ Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-08-2016 Ran by Valio (administrator) on VALIO-PC (06-09-2016 22:34:59) Running from C:\Documents and Settings\Valio\Desktop Loaded Profiles: Valio (Available Profiles: Valio) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (VIA Technologies, Inc.) C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe (BinarySense, Ltd.) C:\Program Files\BinarySense\HDDlife\HDDlifePro.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe (DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [33673216 2009-08-28] (VIA Technologies, Inc.) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-10] (Advanced Micro Devices, Inc.) HKLM\...\Run: [ATICustomerCare] => C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-05-04] (Advanced Micro Devices, Inc.) HKLM\...\Run: [PSUAMain] => C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [109824 2016-08-05] (Panda Security, S.L.) HKLM\...\Run: [ITSecMng] => C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION) HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.js <====== ATTENTION HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.pub*.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.js <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.js <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\*.js <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.png*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.js <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.js <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.js <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.js <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.js <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.com <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.js <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.js <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.js <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.jse <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.bat <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.js <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.bat <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.js <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.bat <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.bat <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.pif <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\*.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.jse <====== ATTENTION HKLM Group Policy restriction on software: ** <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.js <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.bat <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION HKLM Group Policy restriction on software: *:\RECYCLER <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.bat <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.js <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.jse <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.js <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.rar*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.js <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.js <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.js <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.pub*.js <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.bat <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.jpeg*.js <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.bat <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.jse <====== ATTENTION HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.js <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.jse <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.bat <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.js <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\*.bat <====== ATTENTION HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.jse <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION HKLM Group Policy restriction on software: *.jpeg*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.pdf*.js <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.jse <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.mp4*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.js <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.wmv*.js <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.pub*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.jse <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.txt*.jse <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.jpeg*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.scr <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.avi*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.wav*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.xlsx*.jse <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.js <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.jpg*.bat <====== ATTENTION HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.bmp*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.pif <====== ATTENTION HKLM Group Policy restriction on software: *.zip*.js <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.js <====== ATTENTION HKLM Group Policy restriction on software: *.png*.bat <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.com <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.js <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.pub*.bat <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.js <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\*\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.png*.jse <====== ATTENTION HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: *.wma*.js <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.cmd <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION HKLM Group Policy restriction on software: *.jpeg*.jse <====== ATTENTION HKLM Group Policy restriction on software: *.png*.js <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.bat <====== ATTENTION HKLM Group Policy restriction on software: *.gif*.jse <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.scr <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\*.jse <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.js <====== ATTENTION HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\viber\updater.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\viber\viber.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\viber\qtwebengineprocess.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\viber\linkparser.exe <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\viber\qtwebengineprocess.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\viber\updater.exe <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\viber\viber.exe <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\viber\updater.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\viber\updater.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\viber\qtwebengineprocess.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\viber\updater.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\viber\linkparser.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\viber\viber.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\viber\linkparser.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\viber\qtwebengineprocess.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Application Data\viber\linkparser.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\viber\viber.exe <====== ATTENTION HKLM Group Policy restriction on software: %appdata%\viber\linkparser.exe <====== ATTENTION HKLM Group Policy restriction on software: %userprofile%\Application Data\viber\qtwebengineprocess.exe <====== ATTENTION HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\viber\viber.exe <====== ATTENTION Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2010-09-11] (ATI Technologies Inc.) Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2016-09-06] ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe (TOSHIBA CORPORATION.) Startup: C:\Documents and Settings\Valio\Start Menu\Programs\Startup\HDDlife.lnk [2016-09-06] ShortcutTarget: HDDlife.lnk -> C:\Program Files\BinarySense\HDDlife\HDDlifePro.exe (BinarySense, Ltd.) Startup: C:\Documents and Settings\Valio\Start Menu\Programs\Startup\LocalSystem.lnk [2016-09-06] ShortcutTarget: LocalSystem.lnk -> C:\WINDOWS\system32\lsаss.exe (Microsoft Corporation) GroupPolicyScripts: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.137.1 Tcpip\..\Interfaces\{06CABE20-480A-4AA0-9CC1-AA36453BEC30}: [DhcpNameServer] 192.168.137.1 Tcpip\..\Interfaces\{799F7017-7406-4F39-919E-BB864845E776}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{A252AF90-EA63-4EC7-B1E1-457811249394}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{C5DBAAF7-1739-484D-AE2D-C517657F1640}: [DhcpNameServer] 192.168.137.1 Tcpip\..\Interfaces\{CA100D9E-F1C7-4A77-A69D-963437D8BDCA}: [DhcpNameServer] 192.168.137.1 Tcpip\..\Interfaces\{F19BF960-CE76-4F20-BD48-BE12EAA8AC0E}: [DhcpNameServer] 192.168.137.1 Tcpip\..\Interfaces\{FAE64C97-ECD7-4296-8BD4-603BEEC607B1}: [DhcpNameServer] 192.168.137.1 Internet Explorer: ================== HKU\S-1-5-21-2052111302-630328440-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.bg/ HKU\S-1-5-21-2052111302-630328440-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch FireFox: ======== FF ProfilePath: C:\Documents and Settings\Valio\Application Data\Mozilla\Firefox\Profiles\tbt07bz3.default FF DefaultSearchEngine: Google Custom Search FF Homepage: hxxps://google.bg FF Keyword.URL: hxxp://search.musicfrost.com/results.php?q= FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-09-06] () FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll [2016-09-06] (Foxit Software Company) FF SearchPlugin: C:\Documents and Settings\Valio\Application Data\Mozilla\Firefox\Profiles\tbt07bz3.default\searchplugins\daemon-search.xml [2010-09-13] FF SearchPlugin: C:\Documents and Settings\Valio\Application Data\Mozilla\Firefox\Profiles\tbt07bz3.default\searchplugins\MFGSearch.xml [2011-01-29] FF Extension: (Forecastfox) - C:\Documents and Settings\Valio\Application Data\Mozilla\Firefox\Profiles\tbt07bz3.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2016-09-06] FF Extension: (oldbar) - C:\Documents and Settings\Valio\Application Data\Mozilla\Firefox\Profiles\tbt07bz3.default\extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb}.xpi [2016-09-06] FF Extension: (Forecastfox (fix version)) - C:\Documents and Settings\Valio\Application Data\Mozilla\Firefox\Profiles\tbt07bz3.default\extensions\[email protected]_fix_version.xpi [2016-09-06] FF Extension: (Bulgarian Dictionary) - C:\Documents and Settings\Valio\Application Data\Mozilla\Firefox\Profiles\tbt07bz3.default\Extensions\[email protected] [2016-03-06] [not signed] FF Extension: (YouTube™ Flash® Player) - C:\Documents and Settings\Valio\Application Data\Mozilla\Firefox\Profiles\tbt07bz3.default\Extensions\[email protected] [2016-09-06] FF Extension: (Firefox Hello Beta) - C:\Documents and Settings\Valio\Application Data\Mozilla\Firefox\Profiles\tbt07bz3.default\Extensions\[email protected] [2016-09-06] FF Extension: (Модул за сканиране на уеб адреси) - C:\Program Files\Mozilla Firefox\extensions\[email protected]_bak [2011-02-13] [not signed] FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] => not found FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\[email protected] => not found ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [153096 2016-08-05] (Panda Security, S.L.) R2 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.) R2 PSUAService; C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [48584 2016-08-05] (Panda Security, S.L.) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AR9271; C:\WINDOWS\System32\DRIVERS\athuw.sys [1763584 2013-06-29] (Atheros Communications, Inc.) S3 asusgsb; C:\WINDOWS\System32\drivers\asusgsb.sys [12416 2009-02-17] (ASUSTeK Computer Inc.) [File not signed] R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [101904 2010-07-21] (ATI Technologies, Inc.) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) R2 EIO_XP; C:\WINDOWS\system32\drivers\EIO_XP.sys [14336 2009-07-30] (ASUSTeK Computer Inc.) [File not signed] S3 es1371; C:\WINDOWS\System32\drivers\es1371mp.sys [40704 2001-08-17] (Creative Technology Ltd.) R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2016-09-06] (REALiX(tm)) R3 L1e; C:\WINDOWS\System32\DRIVERS\l1e51x86.sys [39424 2009-08-05] (Atheros Communications, Inc.) R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] () S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) R1 NNSALPC; C:\WINDOWS\System32\DRIVERS\NNSAlpc.sys [87032 2015-12-04] (Panda Security, S.L.) R1 NNSHTTP; C:\WINDOWS\System32\DRIVERS\NNSHttp.sys [202104 2015-12-04] (Panda Security, S.L.) R1 NNSHTTPS; C:\WINDOWS\System32\DRIVERS\NNSHttps.sys [109688 2015-12-04] (Panda Security, S.L.) R1 NNSIDS; C:\WINDOWS\System32\DRIVERS\NNSIds.sys [121720 2015-12-04] (Panda Security, S.L.) R3 NNSNAHS; C:\WINDOWS\System32\DRIVERS\NNSNAHS.sys [46480 2015-04-27] (Panda Security, S.L.) R1 NNSPICC; C:\WINDOWS\System32\DRIVERS\NNSPicc.sys [102392 2015-12-04] (Panda Security, S.L.) R1 NNSPIHS; C:\WINDOWS\System32\DRIVERS\NNSPihs.sys [52088 2015-12-04] (Panda Security, S.L.) R1 NNSPOP3; C:\WINDOWS\System32\DRIVERS\NNSPop3.sys [120568 2015-12-04] (Panda Security, S.L.) R1 NNSPROT; C:\WINDOWS\System32\DRIVERS\NNSProt.sys [281720 2015-12-04] (Panda Security, S.L.) R1 NNSPRV; C:\WINDOWS\System32\DRIVERS\NNSPrv.sys [216208 2016-02-17] (Panda Security, S.L.) R1 NNSSMTP; C:\WINDOWS\System32\DRIVERS\NNSSmtp.sys [108408 2015-12-04] (Panda Security, S.L.) R1 NNSSTRM; C:\WINDOWS\System32\DRIVERS\NNSStrm.sys [247568 2016-02-17] (Panda Security, S.L.) R1 NNSTLSC; C:\WINDOWS\System32\DRIVERS\NNSTlsc.sys [94968 2015-12-04] (Panda Security, S.L.) R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [148496 2016-08-05] (Panda Security, S.L.) R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [109456 2016-08-05] (Panda Security, S.L.) R1 PSINKNC; C:\WINDOWS\System32\DRIVERS\psinknc.sys [180112 2016-08-05] (Panda Security, S.L.) R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [121872 2016-08-05] (Panda Security, S.L.) R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [133520 2016-08-05] (Panda Security, S.L.) R2 PSINReg; C:\WINDOWS\System32\DRIVERS\PSINReg.sys [107920 2016-08-05] (Panda Security, S.L.) U3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [58288 2016-08-08] (Panda Security, S.L.) R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [17160 2015-03-05] () S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [13064 2015-03-05] () R3 RT73; C:\WINDOWS\System32\DRIVERS\rt73.sys [451968 2007-10-01] (Ralink Technology, Corp.) R0 snapman; C:\WINDOWS\System32\DRIVERS\snapman.sys [65856 2016-09-06] (Acronis) [File not signed] R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2016-03-06] () [File not signed] R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361344 2010-11-07] (Microsoft Corporation) [File not signed] S3 VBoxNetAdp; C:\WINDOWS\System32\DRIVERS\VBoxNetAdp.sys [95376 2009-10-29] (Sun Microsystems, Inc.) S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [32016 2009-10-29] (Sun Microsystems, Inc.) R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [1390976 2009-08-17] (VIA Technologies, Inc.) S4 IntelIde; no ImagePath S3 SNP325; system32\DRIVERS\snp325.sys [X] S3 StarOpen; no ImagePath S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X] S3 Video3D; System32\Drivers\Video3D32.sys [X] U1 WS2IFSL; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-07 00:07 - 2016-09-07 01:14 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0 2016-09-06 22:34 - 2016-09-06 22:35 - 00042908 _____ C:\Documents and Settings\Valio\Desktop\FRST.txt 2016-09-06 22:34 - 2016-09-06 22:34 - 00000000 ____D C:\FRST 2016-09-06 22:34 - 2016-09-06 22:29 - 01747968 _____ (Farbar) C:\Documents and Settings\Valio\Desktop\FRST.exe 2016-09-06 22:33 - 2016-08-08 12:00 - 00058288 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys 2016-09-06 22:17 - 2016-09-06 22:33 - 00000000 ____D C:\RarVault 2016-09-06 21:02 - 2016-09-06 21:02 - 02307616 _____ (Kaspersky Lab) C:\Documents and Settings\Valio\Desktop\kts17.0.0.611en_10781.exe 2016-09-06 20:58 - 2016-09-06 20:58 - 00000400 __RSH C:\Documents and Settings\All Users\ntuser.pol 2016-09-06 20:58 - 2016-09-06 20:58 - 00000067 _____ C:\Documents and Settings\Valio\Desktop\rufus.ini 2016-09-06 20:54 - 2016-09-06 20:58 - 291952640 _____ C:\Documents and Settings\Valio\Desktop\kav_rescue_10.iso 2016-09-06 20:49 - 2016-09-06 20:49 - 02619784 _____ (Foolish IT LLC ) C:\Documents and Settings\Valio\Desktop\CryptoPreventSetup.exe 2016-09-06 20:49 - 2016-09-06 20:49 - 00000865 _____ C:\Documents and Settings\All Users\Desktop\CryptoPrevent.lnk 2016-09-06 20:49 - 2016-09-06 20:49 - 00000000 ____D C:\Program Files\Foolish IT 2016-09-06 20:49 - 2016-09-06 20:49 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Foolish IT 2016-09-06 20:47 - 2016-09-06 20:47 - 00458652 _____ C:\RarVault.rar 2016-09-06 20:46 - 2016-09-06 20:46 - 00000000 ____D C:\Documents and Settings\Valio\Local Settings\Application Data\Toshiba 2016-09-06 20:46 - 2016-09-06 20:46 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TOSHIBA 2016-09-06 20:38 - 2016-09-06 20:38 - 00002419 _____ C:\Documents and Settings\Valio\Local Settings\Temp2.html 2016-09-06 20:29 - 2016-09-06 20:29 - 00000882 _____ C:\Documents and Settings\All Users\Desktop\Revo Uninstaller.lnk 2016-09-06 20:29 - 2016-09-06 20:29 - 00000000 ____D C:\Program Files\VS Revo Group 2016-09-06 20:29 - 2016-09-06 20:29 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller 2016-09-06 20:27 - 2016-09-06 20:27 - 00000000 ____D C:\Program Files\Toshiba 2016-09-06 20:27 - 2016-09-06 20:27 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\TOSHIBA 2016-09-06 20:27 - 2009-07-28 20:01 - 00069480 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\Drivers\tosrfcom.sys 2016-09-06 20:27 - 2009-06-17 11:59 - 00046984 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\Drivers\tosporte.sys 2016-09-06 20:17 - 2016-09-06 20:20 - 00000000 ____D C:\AdwCleaner 2016-09-06 20:15 - 2016-09-06 20:15 - 00000000 ____D C:\Program Files\Common Files\Skype 2016-09-06 20:15 - 2016-09-06 20:15 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Skype 2016-09-06 19:48 - 2016-09-06 19:48 - 00000917 _____ C:\Documents and Settings\All Users\Desktop\Free Video Editor.lnk 2016-09-06 19:47 - 2016-09-06 19:47 - 00000000 ____D C:\Program Files\DVDVideoSoft 2016-09-06 19:47 - 2016-09-06 19:47 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft 2016-09-06 19:47 - 2016-09-06 19:47 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\DVDVideoSoft 2016-09-06 19:37 - 2016-09-06 20:29 - 00002265 _____ C:\Documents and Settings\All Users\Desktop\Skype.lnk 2016-09-06 19:37 - 2016-09-06 20:15 - 00000000 ___RD C:\Program Files\Skype 2016-09-06 19:37 - 2016-09-06 19:37 - 00000000 ____D C:\Documents and Settings\Valio\Local Settings\Application Data\Skype 2016-09-06 19:28 - 2016-09-06 19:36 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ProductData 2016-09-06 19:28 - 2016-09-06 19:28 - 00000000 ____D C:\WINDOWS\IObit 2016-09-06 19:27 - 2016-09-06 19:27 - 00023840 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO32.SYS 2016-09-06 19:27 - 2016-09-06 19:27 - 00000000 ____D C:\Documents and Settings\Valio\Application Data\IObit 2016-09-06 19:27 - 2016-09-06 19:27 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\IObit 2016-09-06 19:23 - 2016-09-06 19:24 - 15206472 _____ (IObit ) C:\Documents and Settings\Valio\Desktop\driver_booster_setup.exe 2016-09-06 19:08 - 2016-09-06 19:08 - 00007385 _____ C:\Documents and Settings\Valio\Local Settings\Temp6.html 2016-09-06 19:08 - 2016-09-06 19:08 - 00000000 __SHD C:\Documents and Settings\Valio\PrivacIE 2016-09-06 18:54 - 2016-09-06 18:52 - 00068000 ____H C:\WINDOWS\Minidump\Mini090616-01.dmp 2016-09-06 18:53 - 2016-09-06 18:53 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat 2016-09-06 18:51 - 2016-09-06 18:51 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\TOSHIBA Bluetooth Stack 7.00.16 (x86) 2016-09-06 18:51 - 2016-09-06 18:51 - 00000000 ____D C:\Documents and Settings\Val\Desktop\Femanic 2016-09-06 18:35 - 2016-09-06 18:35 - 00000000 ____D C:\Program Files\WhoCrashed 2016-09-06 18:35 - 2016-09-06 18:35 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\WhoCrashed 2016-09-06 18:31 - 2001-08-17 12:12 - 00117760 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\e100b325.sys 2016-09-06 18:31 - 2001-08-17 12:12 - 00117760 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\e100b325.sys 2016-09-06 16:47 - 2016-09-06 16:47 - 00000000 __SHD C:\Documents and Settings\Valio\IETldCache 2016-09-06 16:47 - 2016-09-06 16:47 - 00000000 __SHD C:\Documents and Settings\LocalService\IETldCache 2016-09-06 16:22 - 2016-09-06 16:45 - 00065536 _____ C:\WINDOWS\system32\config\Internet.evt 2016-09-06 16:22 - 2009-01-07 18:21 - 00026144 _____ (Microsoft Corporation) C:\WINDOWS\system32\spupdsvc.exe 2016-09-06 16:22 - 2009-01-07 18:20 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg.dll 2016-09-06 16:21 - 2016-09-06 16:22 - 00000000 __HDC C:\WINDOWS\ie8 2016-09-06 14:51 - 2016-09-06 14:51 - 00000000 ____D C:\Program Files\BinarySense 2016-09-06 14:51 - 2016-09-06 14:51 - 00000000 ____D C:\Documents and Settings\Valio\Application Data\BinarySense 2016-09-06 14:51 - 2016-09-06 14:51 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HDDlife 2016-09-06 14:43 - 2016-09-06 14:43 - 00000000 ____D C:\Documents and Settings\Val\Local Settings\Application Data\Opera 2016-09-06 14:43 - 2016-09-06 14:43 - 00000000 ____D C:\Documents and Settings\Val 2016-09-06 14:42 - 2016-09-06 14:42 - 00001498 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Opera.lnk 2016-09-06 14:42 - 2016-09-06 14:42 - 00000000 ____D C:\Program Files\Opera 2016-09-06 14:41 - 2016-09-06 14:43 - 00000000 ____D C:\Documents and Settings\Valio\Application Data\Opera 2016-09-06 14:41 - 2016-09-06 14:41 - 00000000 ____D C:\Documents and Settings\Valio\Local Settings\Application Data\Opera 2016-09-06 13:53 - 2016-09-06 13:53 - 00000000 ____D C:\Program Files\Foxit Software 2016-09-06 13:53 - 2016-09-06 13:53 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Foxit Reader 2016-09-06 13:47 - 2016-09-06 16:49 - 00000000 ____D C:\Documents and Settings\Valio\Application Data\ViberPC 2016-09-06 13:46 - 2016-09-06 13:46 - 00000875 _____ C:\Documents and Settings\Valio\Start Menu\Viber.lnk 2016-09-06 13:46 - 2016-09-06 13:46 - 00000000 ____D C:\Documents and Settings\Valio\Start Menu\Programs\Viber 2016-09-06 13:45 - 2016-09-06 13:46 - 00000000 ____D C:\Documents and Settings\Valio\Local Settings\Application Data\Viber 2016-09-06 13:45 - 2016-09-06 13:45 - 00000000 ____D C:\Documents and Settings\Valio\Local Settings\Application Data\Package Cache 2016-09-06 13:32 - 2016-09-06 13:33 - 00000000 ____D C:\Program Files\RevConnect 2016-09-06 13:25 - 2016-09-06 18:51 - 00000000 ____D C:\Documents and Settings\Valio\Application Data\uTorrent 2016-09-06 13:19 - 2016-09-06 20:38 - 00001667 _____ C:\Documents and Settings\Valio\Local Settings\Temp1.html 2016-09-06 13:18 - 2016-09-06 13:18 - 00000000 ____D C:\Program Files\PIXresizer 2016-09-06 13:18 - 2016-09-06 13:18 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\PIXresizer 2016-09-06 13:18 - 2007-04-15 01:05 - 00991232 _____ (Viscom Software ) C:\WINDOWS\system32\imageviewer2.ocx 2016-09-06 13:18 - 2004-03-09 00:00 - 00224016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabctl32.ocx 2016-09-06 13:18 - 2002-08-29 20:00 - 01703936 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdiplus.dll 2016-09-06 13:18 - 2000-07-09 19:15 - 00106496 _____ (Marco Bellinaso) C:\WINDOWS\system32\mbprgbar.ocx 2016-09-06 13:18 - 2000-05-22 01:00 - 00608448 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.ocx 2016-09-06 13:18 - 2000-05-02 00:02 - 00110592 _____ (Common Controls Replacement Project (CCRP)) C:\WINDOWS\system32\ccrpbds6.dll 2016-09-06 13:18 - 1999-09-16 10:04 - 00151552 _____ (Domenico Statuto - CCRP) C:\WINDOWS\system32\ccrpfd6.ocx 2016-09-06 13:18 - 1998-06-24 01:00 - 00164144 _____ (Microsoft Corporation) C:\WINDOWS\system32\comct232.ocx 2016-09-06 13:18 - 1996-01-12 01:00 - 00200704 _____ (Sheridan Software Systems, Inc.) C:\WINDOWS\system32\threed32.ocx 2016-09-06 13:15 - 2016-09-06 22:18 - 00196608 _____ C:\WINDOWS\system32\config\Nano.evt 2016-09-06 13:15 - 2016-09-06 13:15 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Panda Free Antivirus 2016-09-06 11:46 - 2016-09-06 12:30 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\wetandpissy 2016-09-06 11:46 - 2016-09-06 11:49 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\old 2016-09-06 11:46 - 2016-09-06 11:46 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\Нова папка 2016-09-06 11:42 - 2016-09-06 20:58 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\WinSetupFromUSB-1-7 2016-09-06 11:40 - 2016-09-06 11:41 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\turk 2016-09-06 11:40 - 2016-09-06 11:40 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\TeamViewerPortable 2016-09-06 11:39 - 2016-09-06 11:40 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\simbian 2016-09-06 11:29 - 2016-09-06 18:46 - 00000000 ____D C:\Program Files\Hard Disk Sentinel 2016-09-06 11:29 - 2016-09-06 11:29 - 00000690 _____ C:\Documents and Settings\Valio\Desktop\Hard Disk Sentinel.lnk 2016-09-06 11:29 - 2016-09-06 11:29 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Hard Disk Sentinel 2016-09-06 11:25 - 2016-09-06 11:28 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\Sophia E 2016-09-06 11:22 - 2016-09-06 11:22 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\sharewareonsale_giveaway_hdsentinel_setup 2016-09-06 11:20 - 2016-09-06 11:20 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\NOVI 2016-09-06 11:20 - 2016-09-06 11:20 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\muziki 2016-09-06 11:15 - 2016-09-06 11:17 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\MPLMay 2016-09-06 11:12 - 2016-09-06 11:14 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\MPLFevral 2016-09-06 11:09 - 2016-09-06 11:12 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\MPLAvgust 2016-09-06 11:07 - 2016-09-06 11:07 - 00000000 ____D C:\Program Files\BitComet 2016-09-06 11:07 - 2016-02-06 23:29 - 00069824 _____ C:\Documents and Settings\Valio\My Documents\Антивирусни програми Софтуер.htm 2016-09-06 11:07 - 2016-01-13 19:29 - 00220776 _____ C:\Documents and Settings\Valio\My Documents\arhiv abonati v skaip valio_andonov.vcf 2016-09-06 11:07 - 2016-01-04 19:00 - 00001022 _____ C:\Documents and Settings\Valio\My Documents\indexfile.txt 2016-09-06 11:07 - 2015-12-16 20:51 - 00144594 _____ C:\Documents and Settings\Valio\My Documents\otmetki ot opera .adr 2016-09-06 11:07 - 2011-01-01 15:29 - 03022787 _____ C:\Documents and Settings\Valio\My Documents\ASYA12LGC%20-%20AOYR12LGC%20-%20Technical.pdf 2016-09-06 11:07 - 2010-09-06 16:31 - 01034741 _____ C:\Documents and Settings\Valio\My Documents\whirlpool.pdf 2016-09-06 11:07 - 2010-05-15 19:52 - 00069167 _____ C:\Documents and Settings\Valio\My Documents\bookmarks.html 2016-09-06 11:07 - 2010-03-06 16:52 - 44193796 _____ C:\Documents and Settings\Valio\My Documents\Todor Jivkov.mpeg 2016-09-06 11:07 - 2009-12-27 20:13 - 00444098 _____ C:\Documents and Settings\Valio\My Documents\staq.sh3d 2016-09-06 11:07 - 2009-03-29 20:25 - 01036150 _____ C:\Documents and Settings\Valio\My Documents\AquariumV11.rar 2016-09-06 11:05 - 2016-09-06 11:05 - 00000000 ____D C:\Documents and Settings\Valio\My Documents\Изтегляния 2016-09-06 11:05 - 2016-09-06 11:05 - 00000000 ____D C:\Documents and Settings\Valio\My Documents\ViberDownloads 2016-09-06 11:04 - 2016-09-06 11:04 - 00000000 ___RD C:\Documents and Settings\Valio\My Documents\Shareaza Downloads 2016-09-06 11:04 - 2016-09-06 11:04 - 00000000 ____D C:\Documents and Settings\Valio\My Documents\sdc222 2016-09-06 11:04 - 2016-09-06 11:04 - 00000000 ____D C:\Documents and Settings\Valio\My Documents\MusicFrost 2016-09-06 11:04 - 2016-09-06 11:04 - 00000000 ____D C:\Documents and Settings\Valio\My Documents\ICQ Lite 2016-09-06 11:04 - 2016-09-06 11:04 - 00000000 ____D C:\Documents and Settings\Valio\My Documents\gegl-0.0 2016-09-06 11:04 - 2016-09-06 11:04 - 00000000 ____D C:\Documents and Settings\Valio\My Documents\FFOutput 2016-09-06 11:03 - 2016-09-06 13:26 - 00000000 ___RD C:\Documents and Settings\Valio\Desktop\Program Files 2016-09-06 11:03 - 2016-09-06 11:04 - 00000000 ___RD C:\Documents and Settings\Valio\My Documents\Dropbox 2016-09-06 11:03 - 2016-09-06 11:03 - 00000000 ____D C:\Documents and Settings\Valio\My Documents\Bluetooth Exchange Folder 2016-09-06 11:03 - 2016-09-06 11:03 - 00000000 ____D C:\Documents and Settings\Valio\My Documents\AquariumV11 2016-09-06 11:03 - 2016-09-06 11:03 - 00000000 ____D C:\Documents and Settings\Valio\My Documents\alia 2016-09-06 11:01 - 2016-09-06 11:01 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\MPL - 2011-07 Video 2016-09-06 10:55 - 2016-09-06 11:00 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\MET-ART 11 - 20 June 2015 2016-09-06 10:55 - 2016-09-06 10:55 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\lv6tboxhda2 notonly на vali преминават на стендбай - Страница 16 - Digital TV Forums - БЪЛГАРСКИЯТ ФОРУМ ЗА ЦИФРОВА ТЕЛЕВИЗИЯ_files 2016-09-06 10:53 - 2016-09-06 10:55 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\Lena pics 2016-09-06 10:53 - 2016-09-06 10:53 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\king 2016-09-06 10:53 - 2016-09-06 10:53 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\ireland 2016-09-06 10:52 - 2016-09-06 10:52 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\delux mouse 2016-09-06 10:52 - 2016-09-06 10:52 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\DCIM 2016-09-06 10:52 - 2016-09-06 10:52 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\Barbara_Pease_-_Zashto_myzhete_ne_ch1.txt 2016-09-06 10:50 - 2016-09-06 10:51 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\antivirus 2016-09-06 10:50 - 2016-09-06 10:50 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\2015 2016-09-06 10:50 - 2016-09-06 10:50 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\2014 2016-09-06 10:50 - 2016-09-06 10:50 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\2013 2016-09-06 10:50 - 2016-09-06 10:50 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\2012 2016-09-06 10:50 - 2016-09-06 10:50 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\2011 2016-09-06 10:47 - 2015-08-11 12:22 - 02895360 _____ C:\WINDOWS\system32\pwNative.exe 2016-09-06 10:47 - 2015-03-05 10:15 - 00017160 ____N C:\WINDOWS\system32\pwdrvio.sys 2016-09-06 10:47 - 2015-03-05 10:15 - 00013064 ____N C:\WINDOWS\system32\pwdspio.sys 2016-09-06 10:46 - 2016-09-06 10:47 - 00000000 ____D C:\Program Files\MiniTool Partition Wizard Free 9.1 2016-09-06 10:46 - 2016-09-06 10:46 - 00000854 _____ C:\Documents and Settings\All Users\Desktop\MiniTool Partition Wizard Free.lnk 2016-09-06 10:46 - 2016-09-06 10:46 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\MiniTool Partition Wizard Free 9.1 2016-09-06 09:55 - 2016-09-06 09:55 - 00373248 _____ (Acronis) C:\WINDOWS\system32\autoprnt.exe 2016-09-06 09:55 - 2016-09-06 09:55 - 00102400 _____ (Acronis) C:\WINDOWS\system32\snapapi.dll 2016-09-06 09:55 - 2016-09-06 09:55 - 00065856 _____ (Acronis) C:\WINDOWS\system32\Drivers\snapman.sys 2016-09-06 09:55 - 2016-09-06 09:55 - 00037888 _____ C:\WINDOWS\system32\setupnt.dll 2016-09-06 09:55 - 2016-09-06 09:55 - 00000936 _____ C:\Documents and Settings\Valio\Desktop\Acronis MigrateEasy.lnk 2016-09-06 09:55 - 2016-09-06 09:55 - 00000000 ____D C:\Program Files\Common Files\Acronis 2016-09-06 09:55 - 2016-09-06 09:55 - 00000000 ____D C:\Program Files\Acronis 2016-09-06 09:55 - 2016-09-06 09:55 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Acronis 2016-09-05 23:52 - 2016-09-05 23:53 - 41700480 _____ (Skype Technologies S.A.) C:\Documents and Settings\Valio\Desktop\SkypeSetupFullXp.exe 2016-09-05 20:50 - 2016-09-06 13:46 - 00000875 _____ C:\Documents and Settings\Valio\Desktop\Viber.lnk 2016-09-05 19:51 - 2016-09-05 19:51 - 00937080 _____ (Akeo Consulting (hxxp://akeo.ie)) C:\Documents and Settings\Valio\Desktop\rufus-2.10p.exe 2016-09-04 22:28 - 2012-03-17 19:07 - 259157272 _____ C:\Documents and Settings\Valio\Desktop\3123v_hi.avi 2016-09-04 20:19 - 2016-02-10 20:51 - 19057568 _____ (Microsoft) C:\Documents and Settings\Valio\Desktop\NokiaSoftwareRecoveryToolInstaller.exe 2016-09-02 22:39 - 2016-09-02 22:39 - 01038335 _____ C:\Documents and Settings\Valio\Desktop\[Guru3D.com]-DDU.zip 2016-09-02 21:42 - 2016-09-06 13:17 - 00000656 _____ C:\Documents and Settings\Valio\Desktop\Пряк път до Ultra Video Joiner.exe.lnk 2016-09-02 21:41 - 2016-09-02 21:41 - 00000706 _____ C:\Documents and Settings\Valio\Desktop\Пряк път до DCPlusPlus.exe.lnk 2016-09-02 21:36 - 2016-09-06 13:18 - 00000706 _____ C:\Documents and Settings\Valio\Desktop\PIXresizer.lnk 2016-09-02 21:30 - 2016-09-06 13:33 - 00000682 _____ C:\Documents and Settings\Valio\Desktop\Пряк път до BitComet.exe.lnk 2016-09-02 21:25 - 2016-09-02 21:25 - 03826240 _____ C:\Documents and Settings\Valio\Desktop\adwcleaner_6.010.exe 2016-09-02 21:01 - 2016-09-02 21:02 - 36580047 _____ (KLCP ) C:\Documents and Settings\Valio\Desktop\K-Lite_Codec_Pack_1235_Full.exe 2016-09-01 18:13 - 2016-08-27 21:44 - 06543984 _____ (IObit ) C:\Documents and Settings\Valio\Desktop\AWCSetup_Major.exe 2016-09-01 18:13 - 2016-03-05 18:57 - 31095938 _____ C:\Documents and Settings\Valio\Desktop\bg-science86.pdf 2016-09-01 18:13 - 2016-01-14 21:26 - 30984401 _____ C:\Documents and Settings\Valio\Desktop\bg-science84.pdf 2016-09-01 18:13 - 2015-12-18 21:59 - 19819451 ____R C:\Documents and Settings\Valio\Desktop\2015-12-18 Valio 2690.nbu 2016-09-01 18:13 - 2015-01-23 10:38 - 156129250 _____ C:\Documents and Settings\Valio\Desktop\95a14b0fd6153328c12fe1072b3f3be0.flv 2016-09-01 18:13 - 2010-04-17 14:28 - 56804132 _____ C:\Documents and Settings\Valio\Desktop\2DB06C3-48942980.avi 2016-09-01 18:13 - 2010-03-03 19:08 - 00921011 _____ C:\Documents and Settings\Valio\Desktop\ConnectifyInstaller.exe 2016-09-01 18:12 - 2016-09-06 13:17 - 00000620 _____ C:\Documents and Settings\Valio\Desktop\Sweet Home 3D.lnk 2016-09-01 18:12 - 2016-09-04 19:47 - 00000734 _____ C:\Documents and Settings\Valio\Desktop\Start Tor Browser.lnk 2016-09-01 18:12 - 2016-09-04 18:27 - 00000697 _____ C:\Documents and Settings\Valio\Desktop\StrongDC.lnk 2016-09-01 18:12 - 2016-08-26 21:21 - 02342176 _____ (Panda Security, S.L.) C:\Documents and Settings\Valio\Desktop\PANDAFREEAV.exe 2016-09-01 18:12 - 2016-03-25 22:22 - 00088238 _____ C:\Documents and Settings\Valio\Desktop\lv6tboxhda2 notonly на vali преминават на стендбай - Страница 16 - Digital TV Forums - БЪЛГАРСКИЯТ ФОРУМ ЗА ЦИФРОВА ТЕЛЕВИЗИЯ.htm 2016-09-01 18:12 - 2016-03-25 21:35 - 02603732 _____ C:\Documents and Settings\Valio\Desktop\J1300660_MC6379_LV6TBOXHDA2_V1.0.9_20131120-.rar 2016-09-01 18:12 - 2016-03-07 18:49 - 09553766 _____ C:\Documents and Settings\Valio\Desktop\rsload.net.HL.P.4.1.203.zip 2016-09-01 18:12 - 2016-03-04 22:55 - 01094289 _____ C:\Documents and Settings\Valio\Desktop\Psiloc_ir_remote_update_database_1.04-worked.rar 2016-09-01 18:12 - 2016-02-26 22:22 - 00000062 _____ C:\Documents and Settings\Valio\Desktop\listen.pls 2016-09-01 18:12 - 2016-01-09 15:19 - 02500096 _____ (rejetto) C:\Documents and Settings\Valio\Desktop\hfs.exe 2016-09-01 18:12 - 2015-11-05 19:46 - 00101811 _____ C:\Documents and Settings\Valio\Desktop\results-2015-11-04.pdf 2016-09-01 18:12 - 2015-09-25 22:33 - 13935966 _____ (Favorite-Games 2001-2013 © ) C:\Documents and Settings\Valio\Desktop\favorite-games_bg.exe 2016-09-01 18:12 - 2015-09-21 15:58 - 06930432 _____ C:\Documents and Settings\Valio\Desktop\SkypeWebPlugin.msi 2016-09-01 18:12 - 2015-09-04 23:46 - 24178176 _____ (SAMSUNG Electronics Co., Ltd.) C:\Documents and Settings\Valio\Desktop\samsung_android_usb_driver.exe 2016-09-01 18:12 - 2015-06-26 21:25 - 07332272 _____ C:\Documents and Settings\Valio\Desktop\MyPhoneExplorer_Setup_v1.8.6.exe 2016-09-01 18:12 - 2014-08-20 22:07 - 19531504 _____ (SAMSUNG Electronics Co., Ltd.) C:\Documents and Settings\Valio\Desktop\SAMSUNG_USB_Driver_for_Mobile_Phones.exe 2016-09-01 18:12 - 2014-08-20 08:51 - 21633320 _____ (Skype Technologies S.A.) C:\Documents and Settings\Valio\Desktop\Sky38i.exe 2016-09-01 18:12 - 2014-04-30 09:31 - 01954304 _____ (Topala Software Solutions) C:\Documents and Settings\Valio\Desktop\siw.exe 2016-09-01 18:12 - 2012-03-19 15:46 - 67735119 ____H (PortableAppZ.blogspot.com) C:\Documents and Settings\Valio\Desktop\Photoshop_Portable_12.0_en-fr-de-es-it-ru-zh-tw.paf.exe 2016-09-01 18:12 - 2010-08-15 14:16 - 02769333 _____ C:\Documents and Settings\Valio\Desktop\thebible.pdf 2016-09-01 18:12 - 2010-06-06 18:03 - 00320849 _____ C:\Documents and Settings\Valio\Desktop\standart_psihiatriq.pdf 2016-09-01 18:12 - 2010-03-05 12:07 - 00904704 _____ (KaKasoft) C:\Documents and Settings\Valio\Desktop\lockdir.exe 2016-09-01 18:12 - 2007-07-22 16:39 - 00032768 _____ (KenamicK Entertainment) C:\Documents and Settings\Valio\Desktop\opencd.exe 2016-09-01 18:12 - 2005-09-11 22:57 - 00331776 _____ () C:\Documents and Settings\Valio\Desktop\ShutdownTimer.exe 2016-09-01 18:11 - 2016-09-04 19:10 - 00000936 _____ C:\Documents and Settings\Valio\Desktop\Пряк път до GIMPPortable.exe.lnk 2016-09-01 18:11 - 2016-09-04 18:28 - 00000914 _____ C:\Documents and Settings\Valio\Desktop\Пряк път до FSViewer.exe.lnk 2016-09-01 18:11 - 2016-09-04 18:28 - 00000675 _____ C:\Documents and Settings\Valio\Desktop\Пряк път до Diction.exe.lnk 2016-09-01 18:11 - 2016-09-04 18:27 - 00000664 _____ C:\Documents and Settings\Valio\Desktop\Пряк път до WNetWatcher.exe.lnk 2016-09-01 18:11 - 2016-03-04 12:03 - 32047935 _____ C:\Documents and Settings\Valio\Desktop\Мега окончание.mp4 2016-09-01 18:11 - 2015-11-29 15:18 - 00000036 _____ C:\Documents and Settings\Valio\Desktop\Нов Текстов документ (3).txt 2016-09-01 18:11 - 2011-03-27 13:27 - 00000146 _____ C:\Documents and Settings\Valio\Desktop\Нов Текстов документ (2).txt 2016-09-01 18:11 - 2010-01-31 18:30 - 00000019 _____ C:\Documents and Settings\Valio\Desktop\Нов Текстов документ (4).bat 2016-09-01 18:11 - 2008-12-21 18:09 - 00146378 _____ C:\Documents and Settings\Valio\Desktop\Нов Текстов документ.txt 2016-08-31 21:15 - 2016-09-06 18:35 - 00000706 _____ C:\Documents and Settings\Valio\Desktop\WhoCrashed.lnk 2016-08-10 20:14 - 2016-08-10 20:14 - 00000000 ____D C:\Program Files\Samsung 2016-08-10 20:14 - 2016-08-10 20:14 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Samsung 2016-08-10 20:12 - 2016-08-10 20:12 - 00000000 ____D C:\Documents and Settings\Valio\Desktop\TL-WN721N_V1_140915 2016-08-10 20:12 - 2013-06-29 06:49 - 01763584 _____ (Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athuw.sys ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-06 22:35 - 2010-11-07 20:23 - 00000000 ____D C:\Documents and Settings\Valio\Local Settings\Temp 2016-09-06 22:32 - 2010-11-07 22:01 - 00000000 ___HD C:\WINDOWS\inf 2016-09-06 22:32 - 2010-11-07 20:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-09-06 22:18 - 2010-11-07 21:02 - 00524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt 2016-09-06 22:18 - 2010-11-07 20:23 - 00000178 ___SH C:\Documents and Settings\Valio\ntuser.ini 2016-09-06 22:18 - 2010-11-07 20:22 - 00029312 _____ C:\WINDOWS\SchedLgU.Txt 2016-09-06 22:17 - 2015-12-02 20:37 - 01037824 _____ (Microsoft Corporation) C:\WINDOWS\system32\svсhоst.exe 2016-09-06 20:58 - 2014-08-13 17:05 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2016-09-06 20:58 - 2010-11-07 22:08 - 00000000 ____D C:\Documents and Settings\All Users 2016-09-06 20:56 - 2010-11-07 22:09 - 00464096 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-09-06 20:36 - 2013-06-29 21:20 - 00796352 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2016-09-06 20:36 - 2013-06-29 21:20 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2016-09-06 20:30 - 2011-01-30 20:58 - 00000000 ____D C:\Documents and Settings\Valio\Application Data\Skype 2016-09-06 20:21 - 2013-07-14 13:08 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-09-06 20:15 - 2011-01-30 20:57 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype 2016-09-06 19:27 - 2010-11-07 20:23 - 00000000 ____D C:\Documents and Settings\Valio 2016-09-06 19:21 - 2011-01-30 21:00 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-09-06 18:54 - 2002-01-01 01:12 - 00000000 ____D C:\WINDOWS\Minidump 2016-09-06 18:31 - 2010-11-07 22:01 - 00000000 RSHDC C:\WINDOWS\system32\dllcache 2016-09-06 16:47 - 2010-11-07 20:23 - 00000803 _____ C:\Documents and Settings\Valio\Start Menu\Programs\Internet Explorer.lnk 2016-09-06 16:47 - 2010-11-07 20:23 - 00000000 ___RD C:\Documents and Settings\Valio\My Documents\My Pictures 2016-09-06 16:47 - 2010-11-07 20:23 - 00000000 ___RD C:\Documents and Settings\Valio\My Documents\My Music 2016-09-06 16:47 - 2010-11-07 20:23 - 00000000 ___RD C:\Documents and Settings\Valio\My Documents 2016-09-06 16:47 - 2010-11-07 20:22 - 00000000 __SHD C:\Documents and Settings\LocalService 2016-09-06 16:46 - 2010-11-07 22:08 - 00100640 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-09-06 16:46 - 2010-11-07 22:01 - 00000000 ____D C:\WINDOWS\Help 2016-09-06 16:22 - 2010-11-07 22:01 - 00000000 ____D C:\WINDOWS\Media 2016-09-06 14:47 - 2016-03-20 22:30 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-09-06 14:43 - 2010-11-07 22:08 - 00000000 ____D C:\Documents and Settings 2016-09-06 14:38 - 2016-03-20 22:29 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware 2016-09-06 14:38 - 2016-03-20 22:29 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware 2016-09-06 14:38 - 2016-03-20 22:24 - 00000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk 2016-09-06 13:15 - 2014-04-14 22:56 - 00000000 ____D C:\Documents and Settings\Valio\Application Data\Panda Security 2016-09-06 13:15 - 2014-04-14 22:54 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Panda Security 2016-09-06 13:15 - 2010-11-07 20:54 - 00012800 _____ C:\Documents and Settings\Valio\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2016-09-06 13:14 - 2016-03-08 20:49 - 00000000 ____D C:\Program Files\Panda Security 2016-09-06 10:47 - 2010-11-07 22:07 - 00000211 ___SH C:\boot.ini 2016-09-06 09:46 - 2008-04-14 15:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2016-08-28 18:36 - 2010-11-07 20:16 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-08-10 20:06 - 2010-11-07 20:21 - 00000000 __SHD C:\Documents and Settings\NetworkService 2016-08-10 20:06 - 2010-11-07 20:15 - 00000000 ____D C:\WINDOWS\Registration 2016-08-10 20:04 - 2014-04-14 23:06 - 00227960 _____ C:\WINDOWS\ntbtlog.txt ==================== Files in the root of some directories ======= 2016-03-06 19:04 - 2016-03-06 19:04 - 0000000 _____ () C:\Documents and Settings\All Users\Application Data\0x0304A000.sfl Some files in TEMP: ==================== C:\Documents and Settings\Valio\Local Settings\Temp\libeay32.dll C:\Documents and Settings\Valio\Local Settings\Temp\lsаss.exe C:\Documents and Settings\Valio\Local Settings\Temp\msvcr120.dll C:\Documents and Settings\Valio\Local Settings\Temp\SkypeSetup.exe C:\Documents and Settings\Valio\Local Settings\Temp\Skype_7.0.0.102.exe C:\Documents and Settings\Valio\Local Settings\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of FRST.txt ============================
  23. Моля за помощ! Имам проблем с драйвер ucguard. С нищо не се изтрива, опитах всичко, което знам. Набутал се е в C:\Windows\System32\DRIVERS\ucguard.sys Имам и лог файлове. Предварително благодаря за помощта! FRST.txt Addition.txt
  24. След инсталиране на програма Gameroom във Фейсбук спря да работи антивирусната.Деинсталирах тази програма,също и Avira,след това нова инсталация,но ми дава съобщение за corupted files и не тръгва.Пуснах и възстановяване на системата от преди да инсталацията на това недоразумение Gameroom,но резултата е същия. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-05-2017 01 Ran by kostadin (administrator) on KOSTADIN-PC (04-05-2017 09:40:48) Running from C:\Users\kostadin\Downloads Loaded Profiles: kostadin (Available Profiles: kostadin & UpdatusUser & _ashbackup_) Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Английски (Съединени щати) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Greatis Software) C:\Program Files (x86)\UnHackMe\hackmon.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () C:\Windows\SysWOW64\PnkBstrA.exe (TorrentsTime) C:\Program Files (x86)\TorrentsTime Media Player\bin\TTService.exe (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe (Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.1.5.6\WsAppService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\kostadin\Downloads\FRST64 (2).exe Addition.txt
×
×
  • Добави ново...