Премини към съдържанието
 • Добре дошли!

  Добре дошли в нашите форуми, пълни с полезна информация. Имате проблем с компютъра или телефона си? Публикувайте нова тема и ще намерите решение на всичките си проблеми. Общувайте свободно и открийте безброй нови приятели.

  Моля, регистрирайте се за да публикувате тема и да получите пълен достъп до всички функции.

   

cdna@

Загуба на файлове следствие вирус активиран от отваряне на файл получен от имейл

Препоръчан отговор


Здравейте!

Получихме файл по имейл изпратен все едно от нашата поща. За съжаление го отворихме и вследствие на това всички файлове от компютъра (word, pdf, gpeg) се изгубиха. Заглавията на отделните файлове се промениха с цифри.

Изпращам информацията от FRST и Addition файловете.

Моля за съвет!

Благодаря предварително!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by MitrevG (administrator) on MITREVG-PC (25-03-2016 14:39:10)
Running from C:\Users\MitrevG\Desktop\Файлове от пощата
Loaded Profiles: MitrevG (Available Profiles: MitrevG)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Английски (Съединени щати)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(charismathics GmbH) C:\Windows\System32\cmEvtSrv64.exe
(ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNABFSWK.EXE
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(IObit) C:\Program Files (x86)\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [CNAP2 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-15] (CANON INC.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5361440 2016-02-26] (IObit)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-866752721-1448422713-3629417032-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50593408 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-866752721-1448422713-3629417032-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-866752721-1448422713-3629417032-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2428704 2015-01-20] (IObit)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E21A947D-200B-4AAF-B490-3C5EB46F8B1C}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-28] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-28] (Oracle Corporation)
DPF: HKLM-x32 {97EA2A5E-A821-48A1-B0F9-DEDB5E0E62A2} hxxps://inetdec.nra.bg/cabs/SignCOM.cab
DPF: HKLM-x32 {A996E48C-D3DC-4244-89F7-AFA33EC60679} hxxps://e-fibank.bg/EBank/CAPICOM/capicom.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\SKYPE4~1.DLL [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\MitrevG\AppData\Roaming\Mozilla\Firefox\Profiles\d4w5d9oa.default
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\MitrevG\AppData\Roaming\Mozilla\Firefox\Profiles\d4w5d9oa.default\user.js [2016-03-25]

Chrome: 
=======
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\MitrevG\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.866\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.108\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\MitrevG\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Документи) - C:\Users\MitrevG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Диск) - C:\Users\MitrevG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\MitrevG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Търсене) - C:\Users\MitrevG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Документи офлайн) - C:\Users\MitrevG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\MitrevG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Gmail) - C:\Users\MitrevG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [819976 2011-08-18] (ABBYY)
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 cmevtsrv; C:\Windows\system32\cmEvtSrv64.exe [80416 2011-11-09] (charismathics GmbH)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [955168 2016-02-26] (IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 A38CCID; C:\Windows\System32\DRIVERS\a38ccid.sys [62592 2014-02-04] (Advanced Card Systems Ltd.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [22208 2015-12-22] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-22] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-25] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2012-07-27] (Microsoft Corporation) [File not signed]
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2012-07-27] (Microsoft Corporation) [File not signed]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-25 14:38 - 2016-03-25 14:39 - 00000000 ____D C:\FRST
2016-03-25 14:26 - 2016-03-25 14:28 - 00000000 ____D C:\AdwCleaner
2016-03-25 13:50 - 2016-03-25 14:30 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-25 13:50 - 2016-03-25 13:50 - 00000000 ____D C:\Windows\system32\Drivers\etc\BACKUP
2016-03-25 13:49 - 2016-03-25 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-25 13:49 - 2016-03-25 13:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-25 13:49 - 2016-03-25 13:49 - 00001112 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-25 13:49 - 2016-03-25 13:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-25 13:49 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-25 13:49 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-25 13:49 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-24 16:17 - 2016-03-24 16:17 - 03400516 _____ C:\Users\MitrevG\537957F6B0F4BB23BACCE37B3B1B14DE.locky
2016-03-24 16:17 - 2016-03-24 16:17 - 00001154 _____ C:\Users\MitrevG\_HELP_instructions.txt
2016-03-24 16:14 - 2016-03-24 16:14 - 01608867 ____N C:\Users\MitrevG\Desktop\537957F6B0F4BB234ADA9E07CA162A66.locky
2016-03-24 16:14 - 2016-03-24 16:14 - 00772014 ____N C:\Users\MitrevG\Desktop\537957F6B0F4BB23C438080B36CE2E2A.locky
2016-03-24 16:14 - 2016-03-24 16:14 - 00415473 ____N C:\Users\MitrevG\Desktop\537957F6B0F4BB23C8E8B9EAD8A0B5C1.locky
2016-03-24 16:14 - 2016-03-24 16:14 - 00258263 ____N C:\Users\MitrevG\Desktop\537957F6B0F4BB23F33700F59C067FF0.locky
2016-03-24 16:14 - 2016-03-24 16:14 - 00212721 ____N C:\Users\MitrevG\Desktop\537957F6B0F4BB23A58D215DEA008CAF.locky
2016-03-24 16:14 - 2016-03-24 16:14 - 00210146 ____N C:\Users\MitrevG\Desktop\537957F6B0F4BB230D1A31F711B48EF6.locky
2016-03-24 16:14 - 2016-03-24 16:14 - 00146356 _____ C:\Users\MitrevG\Desktop\537957F6B0F4BB23C7B610B48BC57EDF.locky
2016-03-24 16:14 - 2016-03-24 16:14 - 00080254 _____ C:\Users\MitrevG\Desktop\537957F6B0F4BB2398E32101DE1F7F17.locky
2016-03-24 16:14 - 2016-03-24 16:14 - 00033546 _____ C:\Users\MitrevG\Desktop\537957F6B0F4BB235DF16D04C097F348.locky
2016-03-24 16:14 - 2016-03-24 16:14 - 00032278 _____ C:\Users\MitrevG\Desktop\537957F6B0F4BB23F48CF210B0ABFF34.locky
2016-03-24 16:14 - 2016-03-24 16:14 - 00030408 _____ C:\Users\MitrevG\Desktop\537957F6B0F4BB23F635A87F045EEE18.locky
2016-03-24 16:14 - 2016-03-24 16:14 - 00028777 _____ C:\Users\MitrevG\Desktop\537957F6B0F4BB238C47436AD4362393.locky
2016-03-24 16:14 - 2016-03-24 16:14 - 00027129 _____ C:\Users\MitrevG\Desktop\537957F6B0F4BB237AEDC7B609054AB9.locky
2016-03-24 16:14 - 2016-03-24 16:14 - 00026624 _____ C:\Users\MitrevG\Desktop\537957F6B0F4BB231B63E9BDBC14FA1E.locky
2016-03-24 16:14 - 2016-03-24 16:14 - 00019569 _____ C:\Users\MitrevG\Desktop\537957F6B0F4BB23F42CCB8620740B65.locky
2016-03-24 16:14 - 2016-03-24 16:14 - 00019235 _____ C:\Users\MitrevG\Documents\537957F6B0F4BB2365CE64CDB24BF592.locky
2016-03-24 16:14 - 2016-03-24 16:14 - 00016265 _____ C:\Users\MitrevG\Desktop\537957F6B0F4BB2325D91E79BB1ED80E.locky
2016-03-24 16:14 - 2016-03-24 16:14 - 00014996 _____ C:\Users\MitrevG\Desktop\537957F6B0F4BB23D788C76A5E24D07F.locky
2016-03-24 16:14 - 2016-03-24 16:14 - 00010820 _____ C:\Users\MitrevG\Desktop\537957F6B0F4BB23094B1B53DF2947B5.locky
2016-03-24 16:14 - 2016-03-24 16:14 - 00001154 _____ C:\Users\MitrevG\Documents\_HELP_instructions.txt
2016-03-24 16:14 - 2016-03-24 16:14 - 00000998 ____N C:\Users\MitrevG\Desktop\537957F6B0F4BB23918DE6D90E58A324.locky
2016-03-24 16:13 - 2016-03-24 16:13 - 00063812 ____N C:\Users\MitrevG\Desktop\537957F6B0F4BB2300BBCDABEB1D23FB.locky
2016-03-24 16:13 - 2016-03-24 16:13 - 00058692 ____N C:\Users\MitrevG\Desktop\537957F6B0F4BB23738318E5BD4D4782.locky
2016-03-24 16:13 - 2016-03-24 16:13 - 00041203 _____ C:\Users\MitrevG\Downloads\537957F6B0F4BB23CF2DB3E3010E883D.locky
2016-03-24 16:13 - 2016-03-24 16:13 - 00032562 _____ C:\Users\MitrevG\Desktop\537957F6B0F4BB237AAD6626EB720FD1.locky
2016-03-24 16:13 - 2016-03-24 16:13 - 00014545 _____ C:\Users\MitrevG\Desktop\537957F6B0F4BB238E6B7145540BCBFF.locky
2016-03-24 16:13 - 2016-03-24 16:13 - 00014304 _____ C:\Users\MitrevG\Desktop\537957F6B0F4BB231AB37968E52F7F2E.locky
2016-03-24 16:13 - 2016-03-24 16:13 - 00013802 _____ C:\Users\MitrevG\Desktop\537957F6B0F4BB23606C45430E0CBB64.locky
2016-03-24 16:13 - 2016-03-24 16:13 - 00011115 _____ C:\Users\MitrevG\Desktop\537957F6B0F4BB2337B07F00287E3E84.locky
2016-03-24 16:13 - 2016-03-24 16:13 - 00001154 _____ C:\Users\MitrevG\Downloads\_HELP_instructions.txt
2016-03-24 16:13 - 2016-03-24 16:13 - 00001154 _____ C:\Users\MitrevG\Desktop\_HELP_instructions.txt
2016-03-21 13:39 - 2016-03-21 13:39 - 00002829 _____ C:\Windows\diagerr.xml
2016-03-21 13:39 - 2016-03-21 13:39 - 00001908 _____ C:\Windows\diagwrn.xml
2016-03-16 08:34 - 2016-03-16 08:34 - 00000000 ____H C:\asc_rdflag
2016-03-11 08:21 - 2016-03-11 08:21 - 00001183 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2016-03-11 08:21 - 2016-03-11 08:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2016-03-09 08:40 - 2016-02-12 20:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 08:40 - 2016-02-12 20:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 08:40 - 2016-02-12 20:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 08:40 - 2016-02-12 20:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-09 08:40 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 08:40 - 2016-02-12 20:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 08:40 - 2016-02-12 20:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 08:40 - 2016-02-12 20:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 08:40 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 08:40 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 08:40 - 2016-02-12 20:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-09 08:40 - 2016-02-12 20:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 08:40 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 08:40 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 08:40 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 08:40 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-09 08:40 - 2016-02-09 08:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 08:40 - 2016-02-09 08:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-09 08:40 - 2016-02-08 23:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 08:40 - 2016-02-08 22:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-09 08:40 - 2016-02-08 22:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 08:40 - 2016-02-08 22:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-09 08:40 - 2016-02-08 22:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-09 08:40 - 2016-02-08 22:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-09 08:40 - 2016-02-08 22:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-09 08:40 - 2016-02-08 22:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 08:40 - 2016-02-08 22:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-09 08:40 - 2016-02-08 22:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-09 08:40 - 2016-02-08 22:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-09 08:40 - 2016-02-08 22:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 08:40 - 2016-02-08 22:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-09 08:40 - 2016-02-08 22:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-09 08:40 - 2016-02-08 22:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-09 08:40 - 2016-02-08 22:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-09 08:40 - 2016-02-08 22:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-09 08:40 - 2016-02-08 22:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-09 08:40 - 2016-02-08 22:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-09 08:40 - 2016-02-08 22:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-09 08:40 - 2016-02-08 22:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 08:40 - 2016-02-08 22:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-09 08:40 - 2016-02-08 22:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 08:40 - 2016-02-08 22:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 08:40 - 2016-02-08 22:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 08:40 - 2016-02-08 22:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 08:40 - 2016-02-08 22:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-09 08:40 - 2016-02-08 21:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 08:40 - 2016-02-08 21:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 08:40 - 2016-02-08 21:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 08:40 - 2016-02-08 20:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-09 08:40 - 2016-02-08 20:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 08:40 - 2016-02-08 20:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 08:40 - 2016-02-08 20:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-09 08:40 - 2016-02-08 20:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 08:40 - 2016-02-08 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-09 08:40 - 2016-02-08 20:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-09 08:40 - 2016-02-08 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-09 08:40 - 2016-02-08 20:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-09 08:40 - 2016-02-08 20:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-09 08:40 - 2016-02-08 20:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 08:40 - 2016-02-08 20:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-09 08:40 - 2016-02-08 20:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-09 08:40 - 2016-02-08 20:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-09 08:40 - 2016-02-08 20:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 08:40 - 2016-02-08 20:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-09 08:40 - 2016-02-08 20:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 08:40 - 2016-02-08 20:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-09 08:40 - 2016-02-08 19:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 08:40 - 2016-02-08 19:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-09 08:40 - 2016-02-08 19:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-09 08:40 - 2016-02-08 19:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 08:40 - 2016-02-08 19:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-09 08:40 - 2016-02-08 19:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-09 08:40 - 2016-02-08 19:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 08:40 - 2016-02-08 19:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 08:40 - 2016-02-08 19:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 08:40 - 2016-02-08 19:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 08:40 - 2016-02-08 19:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 08:40 - 2016-02-08 19:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-09 08:40 - 2016-02-08 19:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 08:40 - 2016-02-08 19:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 08:40 - 2016-02-08 18:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 08:40 - 2016-02-04 19:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 08:40 - 2016-02-03 20:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-09 08:40 - 2016-02-03 20:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 08:40 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-09 08:40 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 08:40 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-09 08:40 - 2016-01-11 21:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 08:40 - 2015-11-19 16:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 08:40 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 08:39 - 2016-02-19 21:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 08:39 - 2016-02-19 20:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 08:39 - 2016-02-19 16:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 08:39 - 2016-02-11 20:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 08:39 - 2016-02-11 20:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-09 08:39 - 2016-02-11 20:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-09 08:39 - 2016-02-11 20:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-09 08:39 - 2016-02-11 20:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-09 08:39 - 2016-02-11 20:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-09 08:39 - 2016-02-11 20:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-09 08:39 - 2016-02-11 20:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-09 08:39 - 2016-02-11 20:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-09 08:39 - 2016-02-11 20:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-09 08:39 - 2016-02-11 20:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-09 08:39 - 2016-02-11 20:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-09 08:39 - 2016-02-11 20:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-09 08:39 - 2016-02-11 20:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-09 08:39 - 2016-02-11 20:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-09 08:39 - 2016-02-11 20:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-09 08:39 - 2016-02-11 20:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-09 08:39 - 2016-02-11 20:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-09 08:39 - 2016-02-11 20:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-09 08:39 - 2016-02-11 20:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-09 08:39 - 2016-02-11 20:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-09 08:39 - 2016-02-11 20:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-09 08:39 - 2016-02-11 20:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-09 08:39 - 2016-02-11 20:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-09 08:39 - 2016-02-11 20:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-09 08:39 - 2016-02-11 20:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-09 08:39 - 2016-02-11 20:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 08:39 - 2016-02-11 20:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-09 08:39 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-09 08:39 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-09 08:39 - 2016-02-11 20:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-09 08:39 - 2016-02-11 20:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-09 08:39 - 2016-02-11 20:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 08:39 - 2016-02-11 20:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-09 08:39 - 2016-02-11 20:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-09 08:39 - 2016-02-11 20:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-09 08:39 - 2016-02-11 20:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-09 08:39 - 2016-02-11 20:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-09 08:39 - 2016-02-11 20:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-09 08:39 - 2016-02-11 20:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-09 08:39 - 2016-02-11 20:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 08:39 - 2016-02-11 20:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-09 08:39 - 2016-02-11 20:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-09 08:39 - 2016-02-11 20:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-09 08:39 - 2016-02-11 20:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 08:39 - 2016-02-11 20:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 19:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-09 08:39 - 2016-02-11 19:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-09 08:39 - 2016-02-11 19:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-09 08:39 - 2016-02-11 19:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-09 08:39 - 2016-02-11 19:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-09 08:39 - 2016-02-11 19:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-09 08:39 - 2016-02-11 19:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-09 08:39 - 2016-02-11 19:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-09 08:39 - 2016-02-11 19:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-09 08:39 - 2016-02-11 19:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-09 08:39 - 2016-02-11 19:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-09 08:39 - 2016-02-11 19:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-09 08:39 - 2016-02-11 19:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-09 08:39 - 2016-02-11 19:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-09 08:39 - 2016-02-11 19:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 19:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 08:39 - 2016-02-11 16:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 08:39 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 08:39 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-09 08:39 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-09 08:39 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-09 08:39 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 08:39 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-09 08:39 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-09 08:39 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 08:39 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-09 08:39 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-09 08:39 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-09 08:39 - 2016-02-08 22:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 08:39 - 2016-02-05 20:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 08:39 - 2016-02-05 20:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-09 08:39 - 2016-02-05 20:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 08:39 - 2016-02-05 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-09 08:39 - 2016-02-05 20:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-09 08:39 - 2016-02-05 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 08:39 - 2016-02-05 20:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-09 08:39 - 2016-02-05 19:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 08:39 - 2016-02-05 19:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 08:39 - 2016-02-05 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 08:39 - 2016-02-05 16:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 08:39 - 2016-02-05 16:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 08:39 - 2016-02-05 16:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 08:39 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 08:39 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-25 14:39 - 2014-04-25 12:55 - 00000000 ____D C:\Users\MitrevG\Desktop\Файлове от пощата
2016-03-25 14:37 - 2009-07-14 06:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-25 14:37 - 2009-07-14 06:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-25 14:33 - 2009-07-14 07:13 - 00786622 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-25 14:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-03-25 14:30 - 2015-02-26 08:50 - 00002860 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2016-03-25 14:29 - 2014-07-01 16:12 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-25 14:29 - 2014-05-12 13:11 - 00000000 ____D C:\Users\MitrevG\AppData\Roaming\Skype
2016-03-25 14:29 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-25 14:11 - 2014-07-01 16:12 - 00000998 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-25 14:00 - 2014-03-28 15:57 - 00000000 ____D C:\Users\MitrevG\AppData\Roaming\uTorrent
2016-03-25 09:13 - 2014-07-01 16:13 - 00002203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-25 09:13 - 2014-07-01 16:13 - 00002191 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-24 16:50 - 2014-03-28 16:10 - 00000000 ____D C:\ProgramData\ProductData
2016-03-24 16:48 - 2015-03-31 10:36 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-24 16:48 - 2015-03-31 10:36 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-24 16:17 - 2016-02-09 12:10 - 00000000 ____D C:\Users\MitrevG\Desktop\Нова папка
2016-03-24 16:17 - 2015-11-11 14:44 - 00000000 ____D C:\Users\MitrevG\Desktop\Папка Данко
2016-03-24 16:17 - 2015-06-08 09:58 - 00000000 ____D C:\Users\MitrevG\Desktop\Снимки Тони
2016-03-24 16:17 - 2014-03-20 14:35 - 00000000 ____D C:\Users\MitrevG
2016-03-24 16:14 - 2016-02-16 16:39 - 00000000 ____D C:\Users\MitrevG\Desktop\НТН 2011 заличаване
2016-03-24 16:14 - 2016-02-13 16:21 - 00000000 ___HD C:\$WINDOWS.~BT
2016-03-24 16:14 - 2016-01-14 13:29 - 00000000 ____D C:\Users\MitrevG\Desktop\Сашо-търг.обект
2016-03-24 16:14 - 2016-01-08 13:20 - 00000000 ____D C:\Users\MitrevG\Desktop\ДОК. СУХА РЕКА
2016-03-24 16:14 - 2015-11-24 13:12 - 00000000 ____D C:\Users\MitrevG\Desktop\оферти
2016-03-24 16:14 - 2015-11-24 13:07 - 00000000 ____D C:\Users\MitrevG\Desktop\Документи на имоти
2016-03-24 16:14 - 2015-11-17 10:27 - 00000000 ____D C:\Users\MitrevG\Desktop\Документи Суха река за сделка -  сградата
2016-03-24 16:14 - 2015-11-12 12:07 - 00000000 ____D C:\Users\MitrevG\Desktop\А 34 - фонтаните
2016-03-24 16:14 - 2014-04-17 10:24 - 00000000 ____D C:\Users\MitrevG\Desktop\Almani
2016-03-21 14:41 - 2011-04-12 10:28 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-03-21 13:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2016-03-21 13:38 - 2014-03-21 00:20 - 00000000 ____D C:\Windows\Panther
2016-03-21 09:25 - 2014-03-20 15:14 - 00000000 ____D C:\Users\MitrevG\AppData\Local\ElevatedDiagnostics
2016-03-16 08:34 - 2014-03-31 07:45 - 91451392 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2016-03-16 08:34 - 2014-03-31 07:45 - 44679168 _____ C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2016-03-16 08:34 - 2014-03-31 07:45 - 00282624 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2016-03-16 08:34 - 2014-03-31 07:45 - 00061440 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2016-03-16 08:34 - 2014-03-31 07:45 - 00028672 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2016-03-11 08:22 - 2014-03-28 16:09 - 00000000 ____D C:\Users\MitrevG\AppData\Roaming\IObit
2016-03-11 08:21 - 2014-03-28 16:10 - 00000000 ____D C:\Users\MitrevG\AppData\LocalLow\IObit
2016-03-11 08:21 - 2014-03-28 16:10 - 00000000 ____D C:\ProgramData\IObit
2016-03-11 08:21 - 2014-03-28 16:10 - 00000000 ____D C:\Program Files (x86)\IObit
2016-03-10 10:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-03-10 08:40 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-10 08:39 - 2009-07-14 06:45 - 00409520 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-09 16:49 - 2014-03-20 18:07 - 00000000 ____D C:\Windows\system32\MRT
2016-03-09 16:46 - 2014-12-11 07:57 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-09 16:46 - 2014-03-20 18:07 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-09 08:12 - 2014-05-12 13:11 - 00000000 ____D C:\ProgramData\Skype
2016-02-24 17:38 - 2014-03-20 15:26 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-02-24 17:38 - 2014-03-20 15:26 - 00001945 _____ C:\Windows\epplauncher.mif
2016-02-24 17:37 - 2014-03-20 15:26 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-02-24 17:37 - 2014-03-20 15:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client

==================== Files in the root of some directories =======

2014-03-28 16:00 - 2011-08-18 23:07 - 0283136 _____ () C:\Program Files (x86)\1026.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0351232 _____ () C:\Program Files (x86)\1028.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0172032 _____ () C:\Program Files (x86)\1029.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0148992 _____ () C:\Program Files (x86)\1030.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0165376 _____ () C:\Program Files (x86)\1031.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0320512 _____ () C:\Program Files (x86)\1032.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0003584 _____ () C:\Program Files (x86)\1033.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0161280 _____ () C:\Program Files (x86)\1034.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0165376 _____ () C:\Program Files (x86)\1036.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0177664 _____ () C:\Program Files (x86)\1038.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0159232 _____ () C:\Program Files (x86)\1040.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0082944 _____ () C:\Program Files (x86)\1041.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 1124352 _____ () C:\Program Files (x86)\1042.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0154112 _____ () C:\Program Files (x86)\1043.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0173056 _____ () C:\Program Files (x86)\1045.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0155136 _____ () C:\Program Files (x86)\1046.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0289280 _____ () C:\Program Files (x86)\1049.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0175104 _____ () C:\Program Files (x86)\1051.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0146432 _____ () C:\Program Files (x86)\1053.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0171520 _____ () C:\Program Files (x86)\1055.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0239616 _____ () C:\Program Files (x86)\1058.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0103936 _____ () C:\Program Files (x86)\1061.mst
2014-03-28 16:00 - 2011-08-18 23:07 - 0351232 _____ () C:\Program Files (x86)\2052.mst
2014-03-28 16:00 - 2011-08-18 23:20 - 8025600 _____ () C:\Program Files (x86)\ABBYY FineReader 11.msi
2014-03-28 16:00 - 2011-08-18 22:57 - 1136904 _____ (ABBYY) C:\Program Files (x86)\AutoRun.exe
2014-03-28 16:00 - 2011-05-17 20:16 - 0000093 _____ () C:\Program Files (x86)\AutoRun.inf
2014-03-28 16:00 - 2011-08-18 23:07 - 84303222 _____ () C:\Program Files (x86)\Bin.cab
2014-03-28 16:00 - 2011-08-18 23:06 - 32332722 _____ () C:\Program Files (x86)\DictLang.cab
2014-03-28 16:00 - 2009-07-07 18:12 - 1822520 _____ (Microsoft Corporation) C:\Program Files (x86)\instmsiw.exe
2014-03-28 16:00 - 2011-07-21 14:55 - 0000563 _____ () C:\Program Files (x86)\setup.ini
2014-03-28 16:00 - 2009-07-07 18:12 - 0245408 _____ (Microsoft Corporation) C:\Program Files (x86)\unicows.dll
2014-03-28 15:58 - 2014-03-28 15:58 - 1043536 _____ (BitTorrent Inc.) C:\Program Files (x86)\uTorrent.exe
2014-06-19 07:16 - 2014-06-19 07:16 - 0000024 _____ () C:\Users\MitrevG\AppData\Roaming\temp.ini

Some files in TEMP:
====================
C:\Users\MitrevG\AppData\Local\Temp\pkcs11wrapper5669190542113875118.dll
C:\Users\MitrevG\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-21 12:19

==================== End of FRST.txt ============================

Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Голяма грешка сте направили...да отваряте прикачен файл в писмо предполагам дори от непознат подател...файловете са криптирани от Ransomware Locky и спасение за тях няма. Вируса може да се изчисти, но предполагам на вас файловете ви трябват, а те не могат да се възстановят без заплащане на злосторниците (нещо, което не е препоръчително, защото само ги мотивира още повече, но ако са действително толкова важни само това е решението). Другия път просто внимавайте повече!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

На пръв поглед не се виждат активни зарази освен криптираните файлове и остатъците от инструкциите как да платите на злосторниците. Ако не ви трябват можем да ги махнем със скрипт. Иначе видях, че ползвате системата за онлайн банкиране...добре е да проверите системата си с Kaspersky Virus Removal Tool и да смените всичките си пароли за достъп до сайтове съдържащи чувствителна информация. Въздържайте се и от използването на нелегален софтуер...казвам го, защото видях наличието на пиратска версия на Malwarebytes Anti-Malware и други програми...само главоболие ще си докарате от използването на пиратски програми за защита.

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Ще приложим съветите ви! По-голямата част от информацията я имаме. Затова нека премахнем всички заразени файлове, с цел изчистване на харда. Ще сме благодарни ако ни предоставите скрипта за изчистване!


Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Ами ето го и него...той ще премахне остатъците от гадината и всички криптирани копия (ако ви трябват не го изпълнявайте, ако не го изпълнете).

Изтеглете edit-text.giffixlist.txt и го запазете на десктопа.
Стартирайте FRST.exe и натиснете бутона Fix веднъж!
След като приключи, ако ви поиска рестарт - съгласете се. След рестарта публикувайте лог файла - fixlog.txt, който ще се създаде след работата на програмата.
 
Внимание: Скрипта е създаден за текущата система. Да не се ползва за други системи с подобни проблеми!

Поздрави!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Би трябвало да сме ги почистили според лог файла.

Имате ли други въпроси и проблеми преди да маркирам темата като приключена?

Поздрави!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

И за следващия път да си знаете какви са последствията , че онзи ден четох по кораварен крипто вирус идва дето криптирва целия твърд диск . Непознати emaili направо в коша .

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Добавете отговор

Можете да публикувате отговор сега и да се регистрирате по-късно. Ако имате регистрация, влезте в профила си за да публикувате от него.
Бележка: Вашата публикация изисква одобрение от модератор, преди да стане видима за всички.

Гост
Напишете отговор в тази тема...

×   Вмъкнахте текст, който съдържа форматиране.   Премахни форматирането на текста

  Разрешени са само 75 емотикони.

×   Съдържанието от линка беше вградено автоматично.   Премахни съдържанието и покажи само линк

×   Съдържанието, което сте написали преди беше възстановено..   Изтрий всичко

×   You cannot paste images directly. Upload or insert images from URL.


 • Разглеждащи това в момента   0 потребители

  Няма регистрирани потребители разглеждащи тази страница.

 • Горещи теми в момента

 • Подобни теми

  • от Brightdaylight
   Здравейте, 
   Получих спам имейл в АБВ пощата ми, който ме изнудваше за 1100 лв в биткойн валута срещу изтриване на потенциален мой клип с нецензурно съдържание. Порчетох, че е измама, но все пак има риск за троянки кон в системата. Изпълних инструкциите от темата, но не мога да ги разчета, затова ги прикачвам тук
   Благодаря предварително!
    
   FRST.txt Addition.txt
  • от plamen10
   здравейте моля и в тази тема специалистите за помощ,проблемът е следният последно си спомням че имах няколко имейла от които единият отворих и на следващият ден при включване на компютъра таск менаджера показва 100% и непрекъснат сигнал след което се изключва сам, с много мъки успях да инсталирам Kaspersky и в момента е по добре,но все още ми товари много без да има основание предимно при гледане на клип в ютуб,качвам ви резултата от сканирането

  • от мирослав24
   Здравейте,открих наличието на софтуер за дистанционен достъп до компютъра си ,след като видях курсора на мишката да се движи по екрана.Не знам дали има промяна в работата на компютъра,поне не съм забелязал.Прилагам файловете при сканиране с FRST 
   FRST.txt Addition.txt
  • от Rumen Velev
   Това е темата която ме насочи тук, с подробна информация, какво да правя сега?
  • от #Darth Vader
   Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-03-2020
   Ran by NightRider (administrator) on OUTPOST (01-04-2020 15:19:27)
   Running from C:\Users\NightRider\Desktop
   Loaded Profiles: NightRider (Available Profiles: NightRider)
   Platform: Windows 10 Pro Version 1909 18363.753 (X64) Language: Български (България)
   Default browser: FF
   Boot Mode: Normal
   Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
   ==================== Processes (Whitelisted) =================
   (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
   (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\avp.exe
   (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\avpui.exe
   (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Windows Firewall Control\wfc.exe
   (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Windows Firewall Control\wfcs.exe
   (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12003.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
   (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
   (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
   (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
   (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
   (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
   (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
   (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
   (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
   (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
   (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
   (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
   (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe
   (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe
   (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
   (Valve -> Valve Corporation) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   (Valve -> Valve Corporation) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   (Valve -> Valve Corporation) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   (Valve -> Valve Corporation) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   (Valve -> Valve Corporation) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   (Valve -> Valve Corporation) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   (Valve -> Valve Corporation) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
   (Valve -> Valve Corporation) E:\Games\Steam\steam.exe
   (VoodooSoft, LLC -> VoodooSoft, LLC ) C:\Program Files\VoodooShield\VoodooShield.exe
   (VoodooSoft, LLC -> VoodooSoft, LLC ) C:\Program Files\VoodooShield\VoodooShieldService.exe
   ==================== Registry (Whitelisted) ===================
   (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
   HKLM\...\Run: [Malwarebytes Windows Firewall Control] => C:\Program Files\Malwarebytes\Windows Firewall Control\wfc.exe [647856 2020-01-05] (Malwarebytes Inc -> Malwarebytes)
   HKU\S-1-5-21-1903147458-2263829336-249963103-1001\...\Run: [Steam] => E:\Games\Steam\steam.exe [3370272 2020-03-27] (Valve -> Valve Corporation)
   ==================== Scheduled Tasks (Whitelisted) ============
   (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
   Task: {221E7CE6-5148-42C5-A220-9EF6F74E9A63} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [739624 2018-04-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
   Task: {B4A41E61-B4EE-4894-B34F-69ED2CD1A78C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18233016 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
   Task: {B9473F12-BF68-46A8-ABB2-FCE28B5FCEC6} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2020-01-03] (Kaspersky Lab -> AO Kaspersky Lab)
   Task: {DAE116B0-629E-4A4B-B509-24E39DF374CC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
   Task: {E2964865-E1B7-4E2C-B492-BC9EB0C98BEE} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1724928 2020-01-21] () [File not signed]
   (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
   Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
   ==================== Internet (Whitelisted) ====================
   (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
   Tcpip\Parameters: [DhcpNameServer] 217.10.251.114
   Tcpip\..\Interfaces\{9706d7e1-ab22-4a95-8faa-594f0f5e1d81}: [NameServer] 1.1.1.1,1.0.0.1
   Tcpip\..\Interfaces\{9706d7e1-ab22-4a95-8faa-594f0f5e1d81}: [DhcpNameServer] 217.10.251.114
   Internet Explorer:
   ==================
   HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
   HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
   HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
   HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
   HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
   HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
   HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
   HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
   Edge:
   ======
   DownloadDir: C:\Users\NightRider\Downloads
   FireFox:
   ========
   FF DefaultProfile: 84toqkl3.default
   FF ProfilePath: C:\Users\NightRider\AppData\Roaming\Mozilla\Firefox\Profiles\84toqkl3.default [2020-01-17]
   FF ProfilePath: C:\Users\NightRider\AppData\Roaming\Mozilla\Firefox\Profiles\ujtk5yth.default-release [2020-04-01]
   FF Homepage: Mozilla\Firefox\Profiles\ujtk5yth.default-release -> about:blank
   FF Extension: (HTTPS Навсякъде) - C:\Users\NightRider\AppData\Roaming\Mozilla\Firefox\Profiles\ujtk5yth.default-release\Extensions\[email protected] [2020-03-28]
   FF Extension: (Privacy Badger) - C:\Users\NightRider\AppData\Roaming\Mozilla\Firefox\Profiles\ujtk5yth.default-release\Extensions\[email protected] [2020-02-20]
   FF Extension: (Kaspersky Protection) - C:\Users\NightRider\AppData\Roaming\Mozilla\Firefox\Profiles\ujtk5yth.default-release\Extensions\[email protected] [2020-02-15]
   FF Extension: (uBlock Origin) - C:\Users\NightRider\AppData\Roaming\Mozilla\Firefox\Profiles\ujtk5yth.default-release\Extensions\[email protected] [2020-03-10]
   FF Extension: (Black Pixel Firefox) - C:\Users\NightRider\AppData\Roaming\Mozilla\Firefox\Profiles\ujtk5yth.default-release\Extensions\{46f60d87-d458-4083-b2a6-d8165d1c296c}.xpi [2020-01-03]
   FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-01-03] <==== ATTENTION (Points to *.cfg file)
   FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-01-03] <==== ATTENTION
   Chrome:
   =======
   CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
   CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
   ==================== Services (Whitelisted) ===================
   (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
   R2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
   S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2020-01-04] (BattlEye Innovations e.K. -> )
   S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2020-01-04] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
   S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
   S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-02-28] (Malwarebytes Inc -> Malwarebytes)
   S3 mracsvc; C:\Windows\System32\mracsvc.exe [18997912 2020-01-05] (Mail.Ru LLC -> LLC Mail.Ru)
   S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
   R2 VoodooShieldService; C:\Program Files\VoodooShield\VoodooShieldService.exe [147968 2020-01-10] (VoodooSoft, LLC -> VoodooSoft, LLC )
   S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
   R2 wfcs; C:\Program Files\Malwarebytes\Windows Firewall Control\wfcs.exe [124592 2020-01-05] (Malwarebytes Inc -> Malwarebytes)
   S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
   R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
   ===================== Drivers (Whitelisted) ===================
   (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
   S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [2836840 2020-01-05] (BattlEye Innovations e.K. -> )
   R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
   R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [79768 2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
   R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [145504 2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
   R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [93312 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
   S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [37816 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
   R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [251512 2019-11-01] (Kaspersky Lab -> AO Kaspersky Lab)
   R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [586496 2020-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
   R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1163216 2020-01-24] (Kaspersky Lab -> AO Kaspersky Lab)
   R3 klids; C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys [203328 2020-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
   R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [998296 2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
   R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
   R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
   R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
   R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
   S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [45904 2019-03-10] (Kaspersky Lab -> AO Kaspersky Lab)
   R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [251256 2020-01-03] (Kaspersky Lab -> AO Kaspersky Lab)
   R3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [99152 2020-01-03] (Kaspersky Lab -> AO Kaspersky Lab)
   R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [306248 2020-01-03] (Kaspersky Lab -> AO Kaspersky Lab)
   R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [119744 2020-01-03] (Kaspersky Lab -> AO Kaspersky Lab)
   R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [204520 2020-01-03] (Kaspersky Lab -> AO Kaspersky Lab)
   S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
   R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [211048 2020-01-03] (Kaspersky Lab -> AO Kaspersky Lab)
   R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
   S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
   S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-03-31] (Malwarebytes Inc -> Malwarebytes)
   S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [18234792 2020-01-05] (Mail.Ru LLC -> LLC Mail.Ru)
   R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\nvlddmkm.sys [23251968 2019-12-28] (NVIDIA Corporation -> NVIDIA Corporation)
   R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
   R3 RTL8023x64; C:\Windows\System32\drivers\Rtnic64.sys [51712 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation )
   R3 VSScanner; C:\Windows\System32\DRIVERS\vsscanner.sys [29752 2018-06-25] (Microsoft Windows Hardware Compatibility Publisher -> VoodooSoft, LLC)
   S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [45960 2020-03-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
   S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [391392 2020-03-27] (Microsoft Windows -> Microsoft Corporation)
   S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-27] (Microsoft Windows -> Microsoft Corporation)
   ==================== NetSvcs (Whitelisted) ===================
   (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

   ==================== One month (created) ===================
   (If an entry is included in the fixlist, the file/folder will be moved.)
   2020-04-01 15:19 - 2020-04-01 15:20 - 000015114 _____ C:\Users\NightRider\Desktop\FRST.txt
   2020-04-01 15:18 - 2020-04-01 15:19 - 000000000 ____D C:\FRST
   2020-04-01 15:18 - 2020-04-01 15:18 - 002280448 _____ (Farbar) C:\Users\NightRider\Desktop\FRST64.exe
   2020-04-01 02:55 - 2020-04-01 02:55 - 000000641 _____ C:\Users\NightRider\Desktop\JRT.txt
   2020-04-01 02:50 - 2020-04-01 02:50 - 000000000 ____D C:\AdwCleaner
   2020-04-01 02:49 - 2020-04-01 02:49 - 008199856 _____ (Malwarebytes) C:\Users\NightRider\Desktop\AdwCleaner.exe
   2020-04-01 02:48 - 2020-04-01 02:48 - 001790024 _____ (Malwarebytes) C:\Users\NightRider\Desktop\JRT.exe
   2020-03-31 04:09 - 2020-03-31 04:09 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
   2020-03-31 04:09 - 2020-03-31 04:09 - 000214496 ____N (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
   2020-03-31 04:04 - 2020-03-31 04:04 - 000000000 ___HD C:\Windows\system32\GroupPolicy
   2020-03-31 02:42 - 2020-03-31 02:42 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
   2020-03-31 02:42 - 2020-03-31 02:42 - 009930760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
   2020-03-31 02:42 - 2020-03-31 02:42 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
   2020-03-31 02:42 - 2020-03-31 02:42 - 006522320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
   2020-03-31 02:42 - 2020-03-31 02:42 - 005040640 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
   2020-03-31 02:42 - 2020-03-31 02:42 - 004563416 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
   2020-03-31 02:42 - 2020-03-31 02:42 - 004538880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
   2020-03-31 02:42 - 2020-03-31 02:42 - 004129416 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
   2020-03-31 02:42 - 2020-03-31 02:42 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
   2020-03-31 02:42 - 2020-03-31 02:42 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
   2020-03-31 02:42 - 2020-03-31 02:42 - 001397560 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
   2020-03-31 02:42 - 2020-03-31 02:42 - 001077048 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
   2020-03-31 02:42 - 2020-03-31 02:42 - 000982840 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
   2020-03-31 02:42 - 2020-03-31 02:42 - 000783480 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
   2020-03-31 02:42 - 2020-03-31 02:42 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
   2020-03-31 02:42 - 2020-03-31 02:42 - 000768736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
   2020-03-31 02:42 - 2020-03-31 02:42 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
   2020-03-31 02:42 - 2020-03-31 02:42 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
   2020-03-31 02:42 - 2020-03-31 02:42 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
   2020-03-31 02:42 - 2020-03-31 02:42 - 000420360 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
   2020-03-31 02:42 - 2020-03-31 02:42 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
   2020-03-31 02:42 - 2020-03-31 02:42 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\pacjsworker.exe
   2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
   2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
   2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
   2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
   2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
   2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
   2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
   2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
   2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
   2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
   2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
   2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
   2020-03-27 02:57 - 2020-03-27 02:57 - 022636544 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 019813376 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 018027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 014818816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 008013824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 007017472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 003799552 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 003753472 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 003742544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
   2020-03-27 02:57 - 2020-03-27 02:57 - 002800128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
   2020-03-27 02:57 - 2020-03-27 02:57 - 002768440 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 002369576 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 002188600 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 002087168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 001659408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 001587712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
   2020-03-27 02:57 - 2020-03-27 02:57 - 001495864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 001477112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 001386296 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 001264640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
   2020-03-27 02:57 - 2020-03-27 02:57 - 001245184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 001081856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 001055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000993280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000980832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000912896 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000892416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000865280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000865280 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000785920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000673704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000647680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000632832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000628408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000618296 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000555008 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
   2020-03-27 02:57 - 2020-03-27 02:57 - 000538160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
   2020-03-27 02:57 - 2020-03-27 02:57 - 000514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000507152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000491008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000487784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
   2020-03-27 02:57 - 2020-03-27 02:57 - 000456504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
   2020-03-27 02:57 - 2020-03-27 02:57 - 000456192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
   2020-03-27 02:57 - 2020-03-27 02:57 - 000452096 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
   2020-03-27 02:57 - 2020-03-27 02:57 - 000415760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000410112 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000406480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\es.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
   2020-03-27 02:57 - 2020-03-27 02:57 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
   2020-03-27 02:57 - 2020-03-27 02:57 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
   2020-03-27 02:57 - 2020-03-27 02:57 - 000277864 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
   2020-03-27 02:57 - 2020-03-27 02:57 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000190048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000185952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.XamlHost.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000178192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
   2020-03-27 02:57 - 2020-03-27 02:57 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000147696 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
   2020-03-27 02:57 - 2020-03-27 02:57 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.XamlHost.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000123952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000093712 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000089536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000084280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
   2020-03-27 02:57 - 2020-03-27 02:57 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000066624 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000050544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
   2020-03-27 02:57 - 2020-03-27 02:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2010CustomActions.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iaspolcy.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000033080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
   2020-03-27 02:57 - 2020-03-27 02:57 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\ias.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe
   2020-03-27 02:57 - 2020-03-27 02:57 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ias.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000021520 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.ps.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
   2020-03-27 02:57 - 2020-03-27 02:57 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 017790464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 007849216 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 006168064 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 003977216 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 003728384 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
   2020-03-27 02:56 - 2020-03-27 02:56 - 003708928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 003586872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
   2020-03-27 02:56 - 2020-03-27 02:56 - 003547648 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 003109376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 002871608 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 002143232 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 002126144 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 002114560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001960448 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001945600 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001942528 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001918976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001783296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001762816 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001757096 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
   2020-03-27 02:56 - 2020-03-27 02:56 - 001726264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001719808 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001512832 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 001497600 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001480192 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 001427456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001413704 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001378528 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001300280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
   2020-03-27 02:56 - 2020-03-27 02:56 - 001263856 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 001261808 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001257472 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001243648 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001136128 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001127424 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001083904 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001071616 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 001011200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000974336 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000924672 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000915192 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000879616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000874512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
   2020-03-27 02:56 - 2020-03-27 02:56 - 000840704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000811320 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000759272 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000747320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000722072 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000684560 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000654912 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000638480 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000637240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
   2020-03-27 02:56 - 2020-03-27 02:56 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 000604984 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000589384 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
   2020-03-27 02:56 - 2020-03-27 02:56 - 000524264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 000515600 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000513576 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000498688 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000465208 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000459688 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
   2020-03-27 02:56 - 2020-03-27 02:56 - 000437560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
   2020-03-27 02:56 - 2020-03-27 02:56 - 000416016 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000374784 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\WpcApi.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000324408 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000297272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
   2020-03-27 02:56 - 2020-03-27 02:56 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000259776 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\UpdateDeploymentProvider.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000251704 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
   2020-03-27 02:56 - 2020-03-27 02:56 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000231912 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000193848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
   2020-03-27 02:56 - 2020-03-27 02:56 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 000164368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 000152408 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000151352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
   2020-03-27 02:56 - 2020-03-27 02:56 - 000142544 _____ (Microsoft Corporation) C:\Windows\system32\LicensingUI.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000115120 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000102216 _____ (Microsoft Corporation) C:\Windows\system32\changepk.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000089912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
   2020-03-27 02:56 - 2020-03-27 02:56 - 000088352 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000071480 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 000059192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
   2020-03-27 02:56 - 2020-03-27 02:56 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\audioresourceregistrar.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 000047208 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.Common.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\UpgradeResultsUI.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\WpcProxyStubs.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 000036152 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
   2020-03-27 02:56 - 2020-03-27 02:56 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\KNetPwrDepBroker.sys
   2020-03-27 02:56 - 2020-03-27 02:56 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys
   2020-03-27 02:56 - 2020-03-27 02:56 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.ps.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\sbservicetrigger.dll
   2020-03-27 02:56 - 2020-03-27 02:56 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys
   2020-03-27 02:56 - 2020-03-27 02:56 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
   2020-03-27 02:07 - 2020-04-01 15:06 - 000000384 _____ C:\Users\NightRider\Desktop\А1 - Пряк път.lnk
   2020-03-26 19:57 - 2020-03-26 19:57 - 000000000 ____D C:\Users\NightRider\AppData\Local\OneDrive
   2020-03-13 02:24 - 2020-03-13 02:24 - 000021718 _____ C:\Users\NightRider\Desktop\stp_01x07_2020_e-tle(subsunacs.net).rar
   2020-03-13 01:26 - 2020-02-28 03:44 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthA2dp.sys
   2020-03-10 22:06 - 2020-03-10 22:06 - 019850240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 011607552 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 009711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 007755776 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 005911040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 005764664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 004855808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 004580352 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 003860832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpltfm.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 003819520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 003488768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 002956688 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 002224952 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 002072664 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 002031104 _____ C:\Windows\system32\rdpnano.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 001867816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 001835128 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 001770552 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 001555904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 001490640 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 001417976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 001284096 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 001282944 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 001214976 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 001108040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 001098720 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 001088000 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000980320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpal.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000915296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmcodecs.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000757632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000739328 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000732000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ortcengine.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000669496 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000668672 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000510768 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
   2020-03-10 22:06 - 2020-03-10 22:06 - 000455168 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000287744 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacEncoder.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacEncoder.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngOnline.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
   2020-03-10 22:06 - 2020-03-10 22:06 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\ProvSysprep.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmmvrortc.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000042296 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe
   2020-03-10 22:06 - 2020-03-10 22:06 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
   2020-03-10 22:06 - 2020-03-10 22:06 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
   2020-03-10 22:06 - 2020-03-10 22:06 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
   2020-03-10 22:06 - 2020-03-10 22:06 - 000019768 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.exe
   2020-03-10 22:05 - 2020-03-10 22:05 - 007905784 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 007263992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 006084344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 004898144 _____ (Microsoft Corporation) C:\Windows\system32\rtmpltfm.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 003263488 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 002870272 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 002715648 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
   2020-03-10 22:05 - 2020-03-10 22:05 - 002698040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
   2020-03-10 22:05 - 2020-03-10 22:05 - 002561536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 002305536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 002289152 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 001999952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 001764336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 001751040 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 001665416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 001664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 001657120 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 001647072 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 001581056 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 001484600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 001413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 001354080 _____ (Microsoft Corporation) C:\Windows\system32\rtmpal.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
   2020-03-10 22:05 - 2020-03-10 22:05 - 001097728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 001091936 _____ (Microsoft Corporation) C:\Windows\system32\rtmcodecs.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 001032544 _____ (Microsoft Corporation) C:\Windows\system32\ortcengine.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000898048 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000877232 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000851968 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
   2020-03-10 22:05 - 2020-03-10 22:05 - 000734720 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
   2020-03-10 22:05 - 2020-03-10 22:05 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000680184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000670720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
   2020-03-10 22:05 - 2020-03-10 22:05 - 000636848 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000613888 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
   2020-03-10 22:05 - 2020-03-10 22:05 - 000551824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000535552 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
   2020-03-10 22:05 - 2020-03-10 22:05 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000379904 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000368128 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
   2020-03-10 22:05 - 2020-03-10 22:05 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\netman.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000248064 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
   2020-03-10 22:05 - 2020-03-10 22:05 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000232960 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000226816 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000221200 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
   2020-03-10 22:05 - 2020-03-10 22:05 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
   2020-03-10 22:05 - 2020-03-10 22:05 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
   2020-03-10 22:05 - 2020-03-10 22:05 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000199480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
   2020-03-10 22:05 - 2020-03-10 22:05 - 000193592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000165504 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000146712 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\provpackageapidll.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\DeviceMetadataRetrievalClient.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000131896 _____ (Microsoft Corporation) C:\Windows\system32\DTUHandler.exe
   2020-03-10 22:05 - 2020-03-10 22:05 - 000130112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000120560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
   2020-03-10 22:05 - 2020-03-10 22:05 - 000113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\provdatastore.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\ProvPluginEng.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\BarcodeProvisioningPlugin.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
   2020-03-10 22:05 - 2020-03-10 22:05 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\enterpriseresourcemanager.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
   2020-03-10 22:05 - 2020-03-10 22:05 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
   2020-03-10 22:05 - 2020-03-10 22:05 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\RemovableMediaProvisioningPlugin.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enterpriseresourcemanager.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AxInstUI.exe
   2020-03-10 22:05 - 2020-03-10 22:05 - 000056672 _____ (Microsoft Corporation) C:\Windows\system32\rtmmvrortc.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\npmproxy.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\sxstrace.exe
   2020-03-10 22:05 - 2020-03-10 22:05 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxstrace.exe
   2020-03-10 22:05 - 2020-03-10 22:05 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\nlmproxy.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\nlmsprep.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\MUILanguageCleanup.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\LangCleanupSysprepAction.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\lpksetupproxyserv.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
   2020-03-10 22:05 - 2020-03-10 22:05 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
   2020-03-10 21:56 - 2020-02-11 07:48 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
   2020-03-10 21:56 - 2020-02-11 07:37 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
   ==================== One month (modified) ==================
   (If an entry is included in the fixlist, the file/folder will be moved.)
   2020-04-01 15:19 - 2020-01-04 22:52 - 000000000 ____D C:\ProgramData\VoodooShield
   2020-04-01 15:19 - 2020-01-03 23:18 - 000000000 ____D C:\ProgramData\Kaspersky Lab
   2020-04-01 15:18 - 2019-03-19 07:50 - 000000000 ____D C:\Windows\INF
   2020-04-01 15:11 - 2020-01-03 23:07 - 000000000 ____D C:\Users\NightRider\AppData\LocalLow\Mozilla
   2020-04-01 15:02 - 2019-03-19 07:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
   2020-04-01 14:58 - 2020-01-03 22:32 - 000049064 _____ C:\Windows\system32\perfh002.dat
   2020-04-01 14:58 - 2020-01-03 22:32 - 000012206 _____ C:\Windows\system32\perfc002.dat
   2020-04-01 14:58 - 2020-01-03 20:16 - 000885446 _____ C:\Windows\system32\PerfStringBackup.INI
   2020-04-01 14:52 - 2020-01-03 20:04 - 000000006 ____H C:\Windows\Tasks\SA.DAT
   2020-04-01 14:51 - 2020-01-03 23:07 - 000003136 _____ C:\Windows\system32\Tasks\MSIAfterburner
   2020-04-01 14:51 - 2020-01-03 21:37 - 000017322 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
   2020-04-01 14:51 - 2020-01-03 21:37 - 000017260 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
   2020-04-01 14:51 - 2020-01-03 21:37 - 000012206 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
   2020-04-01 14:51 - 2019-03-19 07:37 - 000524288 _____ C:\Windows\system32\config\BBI
   2020-04-01 14:50 - 2020-01-03 20:03 - 000000000 ____D C:\Windows\system32\SleepStudy
   2020-04-01 11:34 - 2020-01-03 21:37 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
   2020-04-01 08:18 - 2020-01-03 23:23 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
   2020-04-01 03:44 - 2019-03-19 07:52 - 000000000 ___HD C:\Program Files\WindowsApps
   2020-04-01 03:44 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\AppReadiness
   2020-04-01 03:26 - 2020-01-03 21:21 - 000000000 ____D C:\Users\NightRider\AppData\Local\D3DSCache
   2020-03-31 03:18 - 2020-01-03 21:17 - 000000000 ____D C:\Users\NightRider\AppData\Local\Packages
   2020-03-31 03:12 - 2020-01-03 23:05 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
   2020-03-31 03:09 - 2019-03-19 07:37 - 000000000 ____D C:\Windows\CbsTemp
   2020-03-31 02:45 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\ShellExperiences
   2020-03-31 02:45 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\bcastdvr
   2020-03-31 02:44 - 2020-01-03 21:15 - 000000000 ____D C:\Users\NightRider
   2020-03-31 02:20 - 2020-01-04 03:56 - 000011069 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
   2020-03-27 03:10 - 2020-01-03 20:03 - 000257824 _____ C:\Windows\system32\FNTCACHE.DAT
   2020-03-27 03:08 - 2019-03-19 14:49 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
   2020-03-27 03:08 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\SystemResources
   2020-03-27 03:08 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
   2020-03-27 03:08 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\Provisioning
   2020-03-27 03:08 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\PolicyDefinitions
   2020-03-27 02:42 - 2020-01-03 20:04 - 000000000 ____D C:\Windows\system32\Drivers\wd
   2020-03-27 01:57 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\NDF
   2020-03-27 01:41 - 2019-03-19 07:37 - 000032768 _____ C:\Windows\system32\config\ELAM
   2020-03-27 01:12 - 2020-01-04 00:34 - 000000000 ____D C:\Users\NightRider\AppData\Roaming\uTorrent
   2020-03-22 04:51 - 2020-01-03 21:20 - 000003372 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1903147458-2263829336-249963103-1001
   2020-03-22 04:51 - 2020-01-03 21:20 - 000000000 ___RD C:\Users\NightRider\OneDrive
   2020-03-22 04:51 - 2020-01-03 21:15 - 000002406 _____ C:\Users\NightRider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
   2020-03-15 00:17 - 2020-02-12 00:56 - 000000000 ____D C:\Users\NightRider\AppData\Local\ElevatedDiagnostics
   2020-03-13 02:38 - 2020-01-04 00:38 - 000000000 ____D C:\Users\NightRider\AppData\LocalLow\uTorrent
   2020-03-13 02:24 - 2020-01-04 00:38 - 000000000 ____D C:\Users\NightRider\AppData\Local\BitTorrentHelper
   2020-03-12 02:54 - 2020-01-05 23:15 - 000012201 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
   2020-03-10 22:15 - 2020-01-03 21:17 - 000000000 __RHD C:\Users\Public\AccountPictures
   2020-03-10 22:15 - 2020-01-03 21:17 - 000000000 ___RD C:\Users\NightRider\AppData\3D Objects
   2020-03-10 22:14 - 2020-02-19 23:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
   2020-03-10 22:14 - 2020-01-03 23:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
   2020-03-10 22:13 - 2019-03-19 07:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs
   2020-03-10 22:13 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
   2020-03-10 22:13 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
   2020-03-10 22:13 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\Dism
   2020-03-10 22:13 - 2019-03-19 07:37 - 000000000 ____D C:\Windows\servicing
   2020-03-10 22:12 - 2020-01-03 22:19 - 000000000 ____D C:\Windows\system32\MRT
   2020-03-10 22:09 - 2020-01-03 22:19 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
   2020-03-09 17:47 - 2020-01-03 23:23 - 000000000 ____D C:\Program Files\CCleaner
   2020-03-09 16:32 - 2020-02-23 19:48 - 000000000 ____D C:\ProgramData\boost_interprocess
   ==================== SigCheck ============================
   (There is no automatic fix for files that do not pass verification.)
   ==================== End of FRST.txt ========================
   Addition.txt
 • Дарение

×
×
 • Добави ново...