Премини към съдържанието
  • Добре дошли!

    Добре дошли в нашите форуми, пълни с полезна информация. Имате проблем с компютъра или телефона си? Публикувайте нова тема и ще намерите решение на всичките си проблеми. Общувайте свободно и открийте безброй нови приятели.

    Моля, регистрирайте се за да публикувате тема и да получите пълен достъп до всички функции.

     

Препоръчан отговор


 

Компютърът ми стана обект на хакерско нападение. Имах няколко заредени раздела в Хром и внезапно само за единия от тях (отворен по-рано) връзката падна. Не успях да изчета какво точно съобщение ми изписа тъй като по инерция дадох презареждане но помня че извършителят се беше подписал с подигравателен ник (от който ми стана ясно че следи последната ми активност в нета). Отделно вчера още отваряхме моя флашка на чужд компютър и ми казаха, че имала вируси – нямаше възможност да попитам какви точно. Миналата седмица същата флашка същият компютър я прие без проблем, така че вероятно става дума за нещо ново. Касперският ми не е успял да го спре, нито поне да засече нещо, за флашката при сканиране също не откриваше нищо.

Има ли начин да науча за какъв вид атака става въпрос и как лицето е успяло да проникне? Как да сканирам и изчистя системата и как да я опазя за в бъдеще от подобни поразии?

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 2 минути, Шри Компютърджи написа:

 

Компютърът ми стана обект на хакерско нападение. Имах няколко заредени раздела в Хром и внезапно само за единия от тях (отворен по-рано) връзката падна. Не успях да изчета какво точно съобщение ми изписа тъй като по инерция дадох презареждане но помня че извършителят се беше подписал с подигравателен ник (от който ми стана ясно че следи последната ми активност в нета). Отделно вчера още отваряхме моя флашка на чужд компютър и ми казаха, че имала вируси – нямаше възможност да попитам какви точно. Миналата седмица същата флашка същият компютър я прие без проблем, така че вероятно става дума за нещо ново. Касперският ми не е успял да го спре, нито поне да засече нещо, за флашката при сканиране също не откриваше нищо.

Има ли начин да науча за какъв вид атака става въпрос и как лицето е успяло да проникне? Как да сканирам и изчистя системата и как да я опазя за в бъдеще от подобни поразии?

Помислете дали да не пуснете тема в този раздел: https://www.kaldata.com/forums/forum/137-%D0%BF%D1%80%D0%B5%D0%BC%D0%B0%D1%85%D0%B2%D0%B0%D0%BD%D0%B5-%D0%BD%D0%B0-%D0%B7%D0%BB%D0%BE%D0%B2%D1%80%D0%B5%D0%B4%D0%B5%D0%BD-%D1%81%D0%BE%D1%84%D1%82%D1%83%D0%B5%D1%80-hijackthis-%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%B5/

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
Току що, Шри Компютърджи написа:

Благодаря, сега ще я пусна и там.

Аз ще преместя тази. Вие прочетете тази тема и изпълнете инструкциите:

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Тъкмо поствах линка към инструкциите при зараза и системата ми връща - Няма такава тема... :)


Сподели този отговор


Линк към този отговор
Сподели в други сайтове
публикувано (редактирано)
преди 37 минути, ExaFlop написа:

Тъкмо поствах линка към инструкциите при зараза и системата ми връща - Няма такава тема... :)

За това ли става въпрос? Системата ми е инфектирана - Какво да правя сега? (дадена в по-горния пост)

Ето го съдържанието на FRST (странно защо е указано да се копира в поста вместо също да се даде в линк.. но , както и да е):


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by ******** (administrator) on INTERPOL (07-04-2016 17:43:05)
Running from C:\Users\********\Desktop
Loaded Profiles: ******** & UpdatusUser (Available Profiles: ******** & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Crystal Rich Ltd) C:\Program Files (x86)\USB Safely Remove\USBSRService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2872176 2013-09-07] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-534385318-1654252168-1830086393-1000\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [89600 2013-04-11] ()
HKU\S-1-5-21-534385318-1654252168-1830086393-1000\...\MountPoints2: {e3252dc0-4eb1-11e4-a084-806e6f6e6963} - F:\SETUP.EXE
HKU\S-1-5-21-534385318-1654252168-1830086393-1001\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-09-06] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll [2015-09-03] (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll [2015-09-03] (Kaspersky Lab ZAO)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1CF9C21E-E679-401D-AAFA-914075661285}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-10-08] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-08] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-10-08] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-10-08] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-10-08] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-08] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-09] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-10-15] (Atheros Commnucations)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-10-08] (Kaspersky Lab ZAO)
BHO-x32: FlashGetBHO -> {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} -> C:\Users\********\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll [2012-11-01] (Trend Media Group)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-09] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-10-08] (Kaspersky Lab ZAO)

FireFox:
========
FF ProfilePath: C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\onbsrmpj.default
FF SearchEngineOrder.3: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
FF NetworkProxy: "backup.ftp", "122.227.42.80"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", "122.227.42.80"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "122.227.42.80"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", " 79.173.87.59 "
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", " 79.173.87.59 "
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", "localhost"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", " 79.173.87.59 "
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", " 79.173.87.59 "
FF NetworkProxy: "ssl_port", 3128
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-24] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-24] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1223183.dll [2015-12-22] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-534385318-1654252168-1830086393-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\********\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-22] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\onbsrmpj.default\searchplugins\hma-proxy.xml [2015-09-10]
FF Extension: Google Translator for Firefox - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\onbsrmpj.default\extensions\[email protected] [2015-11-19]
FF Extension: Amazon Assistant for Firefox - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\onbsrmpj.default\Extensions\[email protected] [2016-02-11]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\onbsrmpj.default\Extensions\[email protected] [2016-04-01]
FF Extension: United States English Spellchecker - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\onbsrmpj.default\Extensions\[email protected] [2016-03-18]
FF Extension: Hide My Ass! Web Proxy - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\onbsrmpj.default\Extensions\[email protected] [2015-09-25]
FF Extension: Russian Hunspell spellchecking dictionary - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\onbsrmpj.default\Extensions\[email protected] [2015-12-17]
FF Extension: NextVid Stopper for YouTube - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\onbsrmpj.default\Extensions\[email protected] [2015-10-05]
FF Extension: Easiest YouTube Video Downloader - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\onbsrmpj.default\Extensions\[email protected]_easiestyoutube.xpi [2016-02-08]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\onbsrmpj.default\Extensions\[email protected] [2016-04-06]
FF Extension: gtranslate - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\onbsrmpj.default\Extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi [2015-12-19]
FF Extension: Adblock Plus - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\onbsrmpj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-25]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-19] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2015-02-18] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2015-02-18] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2015-02-18] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2015-02-18] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2015-02-18] [not signed]

Chrome:
=======
CHR DefaultSearchURL: Profile 3 -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Profile 3 -> bing.com
CHR Profile: C:\Users\********\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Презентации) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-09]
CHR Extension: (Google Документи) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-09]
CHR Extension: (Google Диск) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-09]
CHR Extension: (Download Manager (video and mp3)) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\bapnjmgdanmelbcmjdjljogelnlfepcj [2015-04-10]
CHR Extension: (Adblock Plus) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-11]
CHR Extension: (АБВ Уведомител) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpbekonjicgkldkmopnamgglbfaiojje [2015-01-31]
CHR Extension: (Tabs Backup & Restore) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\dehocbglhkaogiljpihicakmlockmlgd [2015-01-29]
CHR Extension: (Електронни таблици от Google) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-09]
CHR Extension: (Bookmark Manager) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-13]
CHR Extension: (Search the current site (Търсене в сайта)) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\jliolpcnkmolaaecncdfeofombdekjcp [2015-03-30]
CHR Extension: (Защита Kaspersky) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2014-10-08]
CHR Extension: (Google Wallet) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-13]
CHR Profile: C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Документи) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-18]
CHR Extension: (Google Диск) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-18]
CHR Extension: (YouTube) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-18]
CHR Extension: (Google Търсене) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-18]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2015-05-18]
CHR Extension: (Електронни таблици от Google) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-18]
CHR Extension: (Bookmark Manager) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-18]
CHR Extension: (Защита Kaspersky) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2015-05-18]
CHR Extension: (Google Wallet) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-18]
CHR Extension: (Gmail) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-18]
CHR Extension: (Anti-Banner) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2015-05-18]
CHR Profile: C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-18]
CHR Extension: (Google Docs) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-18]
CHR Extension: (Google Drive) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-18]
CHR Extension: (Bing) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2015-05-18]
CHR Extension: (Adblock Plus) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-18]
CHR Extension: (ABV Notifier) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cpbekonjicgkldkmopnamgglbfaiojje [2015-05-18]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2015-05-18]
CHR Extension: (Tabs Backup & Restore) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dehocbglhkaogiljpihicakmlockmlgd [2015-05-18]
CHR Extension: (Google Sheets) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-18]
CHR Extension: (Bookmark Manager) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-18]
CHR Extension: (Search the current site) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jliolpcnkmolaaecncdfeofombdekjcp [2015-05-21]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-18]
CHR Extension: (Kaspersky Protection) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2015-05-18]
CHR Extension: (Google Wallet) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-18]
CHR Extension: (Anti-Banner) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2015-05-18]
CHR Profile: C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Docs) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-21]
CHR Extension: (Google Drive) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Adblock Plus) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-08]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2015-05-21]
CHR Extension: (Tabs Backup & Restore) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\dehocbglhkaogiljpihicakmlockmlgd [2015-05-21]
CHR Extension: (Google Docs Offline) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (FVD Video Downloader) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gmngadifolibnaoikammfkfpfhoefadb [2015-05-24]
CHR Extension: (Search the current site) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jliolpcnkmolaaecncdfeofombdekjcp [2016-02-01]
CHR Extension: (The Great Suspender) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2016-02-16]
CHR Extension: (Kaspersky Protection) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2015-05-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Anti-Banner) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2015-05-21]
CHR HKU\S-1-5-21-534385318-1654252168-1830086393-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - hxxps://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2013-11-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 Amazon 1Button App Service; C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [451072 2016-01-11] (Amazon Inc.) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [219776 2012-10-15] (Atheros Commnucations) [File not signed]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [818888 2013-09-25] (Infowatch)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2013-09-07] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2013-09-07] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 USBSafelyRemoveService; C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [1473920 2012-05-29] (Crystal Rich Ltd)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-10-15] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-10-08] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-10-08] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628288 2014-10-08] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-10-08] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-11-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [177864 2015-02-18] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2014-10-08] (Duplex Secure Ltd.)
U3 a0clrcj6; C:\Windows\System32\Drivers\a0clrcj6.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-07 17:43 - 2016-04-07 17:43 - 00029495 _____ C:\Users\********\Desktop\FRST.txt
2016-04-07 17:40 - 2016-04-07 17:40 - 02374144 _____ (Farbar) C:\Users\********\Desktop\FRST64.exe
2016-04-04 22:38 - 2016-04-04 22:38 - 00000959 _____ C:\Users\********\Desktop\стаж.lnk
2016-04-04 19:05 - 2016-04-04 19:05 - 00000000 ___RD C:\Users\********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-04-02 21:54 - 2016-04-02 21:54 - 00000000 ____D C:\Users\********\AppData\Local\Wondershare
2016-04-02 21:53 - 2016-04-02 21:53 - 00001143 _____ C:\Users\Public\Desktop\Wondershare Filmora.lnk
2016-04-02 21:53 - 2016-04-02 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2016-04-02 21:50 - 2016-04-02 21:52 - 00000000 ____D C:\Users\********\Documents\Wondershare Filmora
2016-04-02 21:50 - 2016-04-02 21:50 - 00000000 ____D C:\ProgramData\Wondershare Video Editor
2016-04-02 21:50 - 2016-04-02 21:50 - 00000000 ____D C:\Program Files (x86)\Wondershare
2016-04-02 21:47 - 2016-04-02 21:50 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2016-03-19 07:38 - 2016-03-21 13:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-07 17:43 - 2015-06-22 10:44 - 00000000 ____D C:\FRST
2016-04-07 17:41 - 2014-10-08 02:18 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-07 17:10 - 2015-08-02 17:52 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-07 16:53 - 2014-10-08 02:08 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-04-07 16:50 - 2015-04-20 17:25 - 00000000 ____D C:\Users\********\Documents\Файлове на Outlook
2016-04-07 00:41 - 2014-10-08 02:18 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-06 00:15 - 2009-07-14 08:13 - 00782218 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-06 00:15 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\inf
2016-04-04 01:04 - 2014-10-08 01:59 - 00109224 _____ C:\Users\********\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-03 23:51 - 2014-10-08 02:53 - 00000000 ____D C:\Users\********\AppData\Roaming\Skype
2016-04-02 21:54 - 2009-07-14 07:57 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-02 13:26 - 2015-12-15 22:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-02 13:26 - 2014-10-08 02:52 - 00000000 ____D C:\ProgramData\Skype
2016-04-02 00:33 - 2015-04-22 11:59 - 00000000 ____D C:\Users\********\AppData\Local\CrashDumps
2016-04-01 18:43 - 2014-10-13 17:09 - 00006417 _____ C:\Users\********\Desktop\New Text Document (5).txt
2016-04-01 17:16 - 2014-10-18 10:46 - 00000000 ____D C:\Users\********\AppData\Roaming\USBSafelyRemove
2016-04-01 15:51 - 2014-10-08 02:04 - 00000000 ____D C:\Users\********\AppData\Roaming\Atheros
2016-04-01 15:44 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-31 01:43 - 2014-10-08 02:19 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-31 01:43 - 2014-10-08 02:19 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-28 00:39 - 2015-04-15 16:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-24 16:10 - 2015-08-02 17:52 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-24 16:10 - 2014-10-08 18:41 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-24 16:10 - 2014-10-08 18:41 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-11 13:33 - 2015-08-02 18:07 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2016-01-12 13:56 - 2016-01-12 13:56 - 0000132 _____ () C:\Users\********\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-02-17 02:01 - 2016-02-17 02:01 - 0003584 _____ () C:\Users\********\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-12 14:35 - 2016-01-12 14:35 - 0000017 _____ () C:\Users\********\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
C:\Users\********\AppData\Local\Temp\amazon.exe
C:\Users\********\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\********\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\********\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\********\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\********\AppData\Local\Temp\Quarantine.exe
C:\Users\********\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2014-10-10 09:12] - [2014-11-05 19:28] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2014-10-10 09:12] - [2014-11-05 19:28] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-29 00:44

==================== End of FRST.txt ============================
 

 

Ето го и Addition-a:

http://dox.bg/files/dw?a=b073be58a2

Редактирано от Шри Компютърджи (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 1 минута, Шри Компютърджи написа:

Някакви идеи?

Имайте търпение

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Да добавя че компютърът стана по-бавен и при стартиране и при отваряне на програми или папки..

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Чисти логове...определено темата не е за нашия раздел и параноята ви идва малко в повече (както винаги става във вашите теми). За забавянето на системата вижте следните теми:

Оптимизиране на Windows с цел по-добра производителност

Ръководство за поддръжка на Windows (XP, Vista и 7) [Revision 2.0]

Какво да направя, ако компютърът ми работи бавно

Затова кой е прониквал и т.н. се обърнете към интернет доставчика ви или службите за сигурност и компютърни престъпления.

И не е добра идея да си едитвате логовете, защото ако се бе наложило да използваме скрипт, той нямаше да сработи заради променения path на файловете и папките...

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Добавете отговор

Можете да публикувате отговор сега и да се регистрирате по-късно. Ако имате регистрация, влезте в профила си за да публикувате от него.
Бележка: Вашата публикация изисква одобрение от модератор, преди да стане видима за всички.

Гост
Напишете отговор в тази тема...

×   Вмъкнахте текст, който съдържа форматиране.   Премахни форматирането на текста

  Разрешени са само 75 емотикони.

×   Съдържанието от линка беше вградено автоматично.   Премахни съдържанието и покажи само линк

×   Съдържанието, което сте написали преди беше възстановено..   Изтрий всичко

×   You cannot paste images directly. Upload or insert images from URL.


  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Горещи теми в момента

  • Подобни теми

    • от Brightdaylight
      Здравейте, 
      Получих спам имейл в АБВ пощата ми, който ме изнудваше за 1100 лв в биткойн валута срещу изтриване на потенциален мой клип с нецензурно съдържание. Порчетох, че е измама, но все пак има риск за троянки кон в системата. Изпълних инструкциите от темата, но не мога да ги разчета, затова ги прикачвам тук
      Благодаря предварително!
       
      FRST.txt Addition.txt
    • от plamen10
      здравейте моля и в тази тема специалистите за помощ,проблемът е следният последно си спомням че имах няколко имейла от които единият отворих и на следващият ден при включване на компютъра таск менаджера показва 100% и непрекъснат сигнал след което се изключва сам, с много мъки успях да инсталирам Kaspersky и в момента е по добре,но все още ми товари много без да има основание предимно при гледане на клип в ютуб,качвам ви резултата от сканирането

    • от мирослав24
      Здравейте,открих наличието на софтуер за дистанционен достъп до компютъра си ,след като видях курсора на мишката да се движи по екрана.Не знам дали има промяна в работата на компютъра,поне не съм забелязал.Прилагам файловете при сканиране с FRST 
      FRST.txt Addition.txt
    • от Rumen Velev
      Това е темата която ме насочи тук, с подробна информация, какво да правя сега?
    • от #Darth Vader
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-03-2020
      Ran by NightRider (administrator) on OUTPOST (01-04-2020 15:19:27)
      Running from C:\Users\NightRider\Desktop
      Loaded Profiles: NightRider (Available Profiles: NightRider)
      Platform: Windows 10 Pro Version 1909 18363.753 (X64) Language: Български (България)
      Default browser: FF
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\avp.exe
      (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\avpui.exe
      (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Windows Firewall Control\wfc.exe
      (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Windows Firewall Control\wfcs.exe
      (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12003.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
      (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
      (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
      (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
      (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
      (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
      (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
      (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
      (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
      (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
      (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe
      (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe
      (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
      (Valve -> Valve Corporation) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
      (Valve -> Valve Corporation) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
      (Valve -> Valve Corporation) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
      (Valve -> Valve Corporation) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
      (Valve -> Valve Corporation) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
      (Valve -> Valve Corporation) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
      (Valve -> Valve Corporation) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
      (Valve -> Valve Corporation) E:\Games\Steam\steam.exe
      (VoodooSoft, LLC -> VoodooSoft, LLC ) C:\Program Files\VoodooShield\VoodooShield.exe
      (VoodooSoft, LLC -> VoodooSoft, LLC ) C:\Program Files\VoodooShield\VoodooShieldService.exe
      ==================== Registry (Whitelisted) ===================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [Malwarebytes Windows Firewall Control] => C:\Program Files\Malwarebytes\Windows Firewall Control\wfc.exe [647856 2020-01-05] (Malwarebytes Inc -> Malwarebytes)
      HKU\S-1-5-21-1903147458-2263829336-249963103-1001\...\Run: [Steam] => E:\Games\Steam\steam.exe [3370272 2020-03-27] (Valve -> Valve Corporation)
      ==================== Scheduled Tasks (Whitelisted) ============
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      Task: {221E7CE6-5148-42C5-A220-9EF6F74E9A63} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [739624 2018-04-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
      Task: {B4A41E61-B4EE-4894-B34F-69ED2CD1A78C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18233016 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
      Task: {B9473F12-BF68-46A8-ABB2-FCE28B5FCEC6} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2020-01-03] (Kaspersky Lab -> AO Kaspersky Lab)
      Task: {DAE116B0-629E-4A4B-B509-24E39DF374CC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
      Task: {E2964865-E1B7-4E2C-B492-BC9EB0C98BEE} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1724928 2020-01-21] () [File not signed]
      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
      Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 217.10.251.114
      Tcpip\..\Interfaces\{9706d7e1-ab22-4a95-8faa-594f0f5e1d81}: [NameServer] 1.1.1.1,1.0.0.1
      Tcpip\..\Interfaces\{9706d7e1-ab22-4a95-8faa-594f0f5e1d81}: [DhcpNameServer] 217.10.251.114
      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
      HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
      Edge:
      ======
      DownloadDir: C:\Users\NightRider\Downloads
      FireFox:
      ========
      FF DefaultProfile: 84toqkl3.default
      FF ProfilePath: C:\Users\NightRider\AppData\Roaming\Mozilla\Firefox\Profiles\84toqkl3.default [2020-01-17]
      FF ProfilePath: C:\Users\NightRider\AppData\Roaming\Mozilla\Firefox\Profiles\ujtk5yth.default-release [2020-04-01]
      FF Homepage: Mozilla\Firefox\Profiles\ujtk5yth.default-release -> about:blank
      FF Extension: (HTTPS Навсякъде) - C:\Users\NightRider\AppData\Roaming\Mozilla\Firefox\Profiles\ujtk5yth.default-release\Extensions\[email protected] [2020-03-28]
      FF Extension: (Privacy Badger) - C:\Users\NightRider\AppData\Roaming\Mozilla\Firefox\Profiles\ujtk5yth.default-release\Extensions\[email protected] [2020-02-20]
      FF Extension: (Kaspersky Protection) - C:\Users\NightRider\AppData\Roaming\Mozilla\Firefox\Profiles\ujtk5yth.default-release\Extensions\[email protected] [2020-02-15]
      FF Extension: (uBlock Origin) - C:\Users\NightRider\AppData\Roaming\Mozilla\Firefox\Profiles\ujtk5yth.default-release\Extensions\[email protected] [2020-03-10]
      FF Extension: (Black Pixel Firefox) - C:\Users\NightRider\AppData\Roaming\Mozilla\Firefox\Profiles\ujtk5yth.default-release\Extensions\{46f60d87-d458-4083-b2a6-d8165d1c296c}.xpi [2020-01-03]
      FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-01-03] <==== ATTENTION (Points to *.cfg file)
      FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-01-03] <==== ATTENTION
      Chrome:
      =======
      CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
      CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
      ==================== Services (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
      S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2020-01-04] (BattlEye Innovations e.K. -> )
      S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2020-01-04] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
      S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
      S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-02-28] (Malwarebytes Inc -> Malwarebytes)
      S3 mracsvc; C:\Windows\System32\mracsvc.exe [18997912 2020-01-05] (Mail.Ru LLC -> LLC Mail.Ru)
      S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
      R2 VoodooShieldService; C:\Program Files\VoodooShield\VoodooShieldService.exe [147968 2020-01-10] (VoodooSoft, LLC -> VoodooSoft, LLC )
      S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
      R2 wfcs; C:\Program Files\Malwarebytes\Windows Firewall Control\wfcs.exe [124592 2020-01-05] (Malwarebytes Inc -> Malwarebytes)
      S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
      R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
      ===================== Drivers (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [2836840 2020-01-05] (BattlEye Innovations e.K. -> )
      R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
      R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [79768 2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
      R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [145504 2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
      R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [93312 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
      S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [37816 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
      R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [251512 2019-11-01] (Kaspersky Lab -> AO Kaspersky Lab)
      R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [586496 2020-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
      R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1163216 2020-01-24] (Kaspersky Lab -> AO Kaspersky Lab)
      R3 klids; C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys [203328 2020-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
      R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [998296 2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
      R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
      R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
      R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
      R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
      S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [45904 2019-03-10] (Kaspersky Lab -> AO Kaspersky Lab)
      R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [251256 2020-01-03] (Kaspersky Lab -> AO Kaspersky Lab)
      R3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [99152 2020-01-03] (Kaspersky Lab -> AO Kaspersky Lab)
      R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [306248 2020-01-03] (Kaspersky Lab -> AO Kaspersky Lab)
      R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [119744 2020-01-03] (Kaspersky Lab -> AO Kaspersky Lab)
      R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [204520 2020-01-03] (Kaspersky Lab -> AO Kaspersky Lab)
      S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
      R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [211048 2020-01-03] (Kaspersky Lab -> AO Kaspersky Lab)
      R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
      S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
      S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-03-31] (Malwarebytes Inc -> Malwarebytes)
      S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [18234792 2020-01-05] (Mail.Ru LLC -> LLC Mail.Ru)
      R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\nvlddmkm.sys [23251968 2019-12-28] (NVIDIA Corporation -> NVIDIA Corporation)
      R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
      R3 RTL8023x64; C:\Windows\System32\drivers\Rtnic64.sys [51712 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation )
      R3 VSScanner; C:\Windows\System32\DRIVERS\vsscanner.sys [29752 2018-06-25] (Microsoft Windows Hardware Compatibility Publisher -> VoodooSoft, LLC)
      S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [45960 2020-03-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
      S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [391392 2020-03-27] (Microsoft Windows -> Microsoft Corporation)
      S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-27] (Microsoft Windows -> Microsoft Corporation)
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One month (created) ===================
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2020-04-01 15:19 - 2020-04-01 15:20 - 000015114 _____ C:\Users\NightRider\Desktop\FRST.txt
      2020-04-01 15:18 - 2020-04-01 15:19 - 000000000 ____D C:\FRST
      2020-04-01 15:18 - 2020-04-01 15:18 - 002280448 _____ (Farbar) C:\Users\NightRider\Desktop\FRST64.exe
      2020-04-01 02:55 - 2020-04-01 02:55 - 000000641 _____ C:\Users\NightRider\Desktop\JRT.txt
      2020-04-01 02:50 - 2020-04-01 02:50 - 000000000 ____D C:\AdwCleaner
      2020-04-01 02:49 - 2020-04-01 02:49 - 008199856 _____ (Malwarebytes) C:\Users\NightRider\Desktop\AdwCleaner.exe
      2020-04-01 02:48 - 2020-04-01 02:48 - 001790024 _____ (Malwarebytes) C:\Users\NightRider\Desktop\JRT.exe
      2020-03-31 04:09 - 2020-03-31 04:09 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
      2020-03-31 04:09 - 2020-03-31 04:09 - 000214496 ____N (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
      2020-03-31 04:04 - 2020-03-31 04:04 - 000000000 ___HD C:\Windows\system32\GroupPolicy
      2020-03-31 02:42 - 2020-03-31 02:42 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
      2020-03-31 02:42 - 2020-03-31 02:42 - 009930760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
      2020-03-31 02:42 - 2020-03-31 02:42 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
      2020-03-31 02:42 - 2020-03-31 02:42 - 006522320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
      2020-03-31 02:42 - 2020-03-31 02:42 - 005040640 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
      2020-03-31 02:42 - 2020-03-31 02:42 - 004563416 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
      2020-03-31 02:42 - 2020-03-31 02:42 - 004538880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
      2020-03-31 02:42 - 2020-03-31 02:42 - 004129416 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
      2020-03-31 02:42 - 2020-03-31 02:42 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
      2020-03-31 02:42 - 2020-03-31 02:42 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
      2020-03-31 02:42 - 2020-03-31 02:42 - 001397560 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
      2020-03-31 02:42 - 2020-03-31 02:42 - 001077048 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
      2020-03-31 02:42 - 2020-03-31 02:42 - 000982840 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
      2020-03-31 02:42 - 2020-03-31 02:42 - 000783480 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
      2020-03-31 02:42 - 2020-03-31 02:42 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
      2020-03-31 02:42 - 2020-03-31 02:42 - 000768736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
      2020-03-31 02:42 - 2020-03-31 02:42 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
      2020-03-31 02:42 - 2020-03-31 02:42 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
      2020-03-31 02:42 - 2020-03-31 02:42 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
      2020-03-31 02:42 - 2020-03-31 02:42 - 000420360 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
      2020-03-31 02:42 - 2020-03-31 02:42 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
      2020-03-31 02:42 - 2020-03-31 02:42 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\pacjsworker.exe
      2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
      2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
      2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
      2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
      2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
      2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
      2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
      2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
      2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
      2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
      2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
      2020-03-31 02:42 - 2020-03-31 02:42 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
      2020-03-27 02:57 - 2020-03-27 02:57 - 022636544 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 019813376 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 018027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 014818816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 008013824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 007017472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 003799552 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 003753472 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 003742544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
      2020-03-27 02:57 - 2020-03-27 02:57 - 002800128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
      2020-03-27 02:57 - 2020-03-27 02:57 - 002768440 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 002369576 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 002188600 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 002087168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 001659408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 001587712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
      2020-03-27 02:57 - 2020-03-27 02:57 - 001495864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 001477112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 001386296 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 001264640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
      2020-03-27 02:57 - 2020-03-27 02:57 - 001245184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 001081856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 001055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000993280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000980832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000912896 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000892416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000865280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000865280 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000785920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000673704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000647680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000632832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000628408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000618296 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000555008 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
      2020-03-27 02:57 - 2020-03-27 02:57 - 000538160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
      2020-03-27 02:57 - 2020-03-27 02:57 - 000514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000507152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000491008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000487784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
      2020-03-27 02:57 - 2020-03-27 02:57 - 000456504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
      2020-03-27 02:57 - 2020-03-27 02:57 - 000456192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
      2020-03-27 02:57 - 2020-03-27 02:57 - 000452096 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
      2020-03-27 02:57 - 2020-03-27 02:57 - 000415760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000410112 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000406480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\es.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
      2020-03-27 02:57 - 2020-03-27 02:57 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
      2020-03-27 02:57 - 2020-03-27 02:57 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
      2020-03-27 02:57 - 2020-03-27 02:57 - 000277864 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
      2020-03-27 02:57 - 2020-03-27 02:57 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000190048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000185952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.XamlHost.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000178192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
      2020-03-27 02:57 - 2020-03-27 02:57 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000147696 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
      2020-03-27 02:57 - 2020-03-27 02:57 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.XamlHost.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000123952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000093712 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000089536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000084280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
      2020-03-27 02:57 - 2020-03-27 02:57 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000066624 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000050544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
      2020-03-27 02:57 - 2020-03-27 02:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2010CustomActions.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iaspolcy.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000033080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
      2020-03-27 02:57 - 2020-03-27 02:57 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\ias.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe
      2020-03-27 02:57 - 2020-03-27 02:57 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ias.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000021520 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.ps.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
      2020-03-27 02:57 - 2020-03-27 02:57 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 017790464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 007849216 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 006168064 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 003977216 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 003728384 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
      2020-03-27 02:56 - 2020-03-27 02:56 - 003708928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 003586872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
      2020-03-27 02:56 - 2020-03-27 02:56 - 003547648 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 003109376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 002871608 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 002143232 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 002126144 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 002114560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001960448 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001945600 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001942528 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001918976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001783296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001762816 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001757096 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
      2020-03-27 02:56 - 2020-03-27 02:56 - 001726264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001719808 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001512832 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 001497600 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001480192 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 001427456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001413704 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001378528 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001300280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
      2020-03-27 02:56 - 2020-03-27 02:56 - 001263856 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 001261808 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001257472 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001243648 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001136128 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001127424 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001083904 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001071616 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 001011200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000974336 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000924672 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000915192 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000879616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000874512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
      2020-03-27 02:56 - 2020-03-27 02:56 - 000840704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000811320 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000759272 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000747320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000722072 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000684560 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000654912 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000638480 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000637240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
      2020-03-27 02:56 - 2020-03-27 02:56 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 000604984 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000589384 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
      2020-03-27 02:56 - 2020-03-27 02:56 - 000524264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 000515600 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000513576 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000498688 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000465208 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000459688 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
      2020-03-27 02:56 - 2020-03-27 02:56 - 000437560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
      2020-03-27 02:56 - 2020-03-27 02:56 - 000416016 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000374784 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\WpcApi.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000324408 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000297272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
      2020-03-27 02:56 - 2020-03-27 02:56 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000259776 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\UpdateDeploymentProvider.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000251704 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
      2020-03-27 02:56 - 2020-03-27 02:56 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000231912 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000193848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
      2020-03-27 02:56 - 2020-03-27 02:56 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 000164368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 000152408 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000151352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
      2020-03-27 02:56 - 2020-03-27 02:56 - 000142544 _____ (Microsoft Corporation) C:\Windows\system32\LicensingUI.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000115120 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000102216 _____ (Microsoft Corporation) C:\Windows\system32\changepk.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000089912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
      2020-03-27 02:56 - 2020-03-27 02:56 - 000088352 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000071480 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 000059192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
      2020-03-27 02:56 - 2020-03-27 02:56 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\audioresourceregistrar.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 000047208 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.Common.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\UpgradeResultsUI.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\WpcProxyStubs.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 000036152 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
      2020-03-27 02:56 - 2020-03-27 02:56 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\KNetPwrDepBroker.sys
      2020-03-27 02:56 - 2020-03-27 02:56 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys
      2020-03-27 02:56 - 2020-03-27 02:56 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.ps.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\sbservicetrigger.dll
      2020-03-27 02:56 - 2020-03-27 02:56 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys
      2020-03-27 02:56 - 2020-03-27 02:56 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
      2020-03-27 02:07 - 2020-04-01 15:06 - 000000384 _____ C:\Users\NightRider\Desktop\А1 - Пряк път.lnk
      2020-03-26 19:57 - 2020-03-26 19:57 - 000000000 ____D C:\Users\NightRider\AppData\Local\OneDrive
      2020-03-13 02:24 - 2020-03-13 02:24 - 000021718 _____ C:\Users\NightRider\Desktop\stp_01x07_2020_e-tle(subsunacs.net).rar
      2020-03-13 01:26 - 2020-02-28 03:44 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthA2dp.sys
      2020-03-10 22:06 - 2020-03-10 22:06 - 019850240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 011607552 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 009711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 007755776 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 005911040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 005764664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 004855808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 004580352 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 003860832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpltfm.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 003819520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 003488768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 002956688 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 002224952 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 002072664 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 002031104 _____ C:\Windows\system32\rdpnano.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 001867816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 001835128 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 001770552 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 001555904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 001490640 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 001417976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 001284096 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 001282944 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 001214976 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 001108040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 001098720 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 001088000 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000980320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpal.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000915296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmcodecs.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000757632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000739328 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000732000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ortcengine.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000669496 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000668672 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000510768 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
      2020-03-10 22:06 - 2020-03-10 22:06 - 000455168 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000287744 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacEncoder.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacEncoder.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngOnline.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
      2020-03-10 22:06 - 2020-03-10 22:06 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\ProvSysprep.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmmvrortc.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000042296 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe
      2020-03-10 22:06 - 2020-03-10 22:06 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
      2020-03-10 22:06 - 2020-03-10 22:06 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
      2020-03-10 22:06 - 2020-03-10 22:06 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
      2020-03-10 22:06 - 2020-03-10 22:06 - 000019768 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.exe
      2020-03-10 22:05 - 2020-03-10 22:05 - 007905784 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 007263992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 006084344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 004898144 _____ (Microsoft Corporation) C:\Windows\system32\rtmpltfm.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 003263488 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 002870272 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 002715648 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
      2020-03-10 22:05 - 2020-03-10 22:05 - 002698040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
      2020-03-10 22:05 - 2020-03-10 22:05 - 002561536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 002305536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 002289152 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 001999952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 001764336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 001751040 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 001665416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 001664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 001657120 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 001647072 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 001581056 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 001484600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 001413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 001354080 _____ (Microsoft Corporation) C:\Windows\system32\rtmpal.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
      2020-03-10 22:05 - 2020-03-10 22:05 - 001097728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 001091936 _____ (Microsoft Corporation) C:\Windows\system32\rtmcodecs.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 001032544 _____ (Microsoft Corporation) C:\Windows\system32\ortcengine.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000898048 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000877232 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000851968 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
      2020-03-10 22:05 - 2020-03-10 22:05 - 000734720 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
      2020-03-10 22:05 - 2020-03-10 22:05 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000680184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000670720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
      2020-03-10 22:05 - 2020-03-10 22:05 - 000636848 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000613888 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
      2020-03-10 22:05 - 2020-03-10 22:05 - 000551824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000535552 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
      2020-03-10 22:05 - 2020-03-10 22:05 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000379904 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000368128 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
      2020-03-10 22:05 - 2020-03-10 22:05 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\netman.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000248064 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
      2020-03-10 22:05 - 2020-03-10 22:05 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000232960 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000226816 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000221200 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
      2020-03-10 22:05 - 2020-03-10 22:05 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
      2020-03-10 22:05 - 2020-03-10 22:05 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
      2020-03-10 22:05 - 2020-03-10 22:05 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000199480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
      2020-03-10 22:05 - 2020-03-10 22:05 - 000193592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000165504 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000146712 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\provpackageapidll.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\DeviceMetadataRetrievalClient.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000131896 _____ (Microsoft Corporation) C:\Windows\system32\DTUHandler.exe
      2020-03-10 22:05 - 2020-03-10 22:05 - 000130112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000120560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
      2020-03-10 22:05 - 2020-03-10 22:05 - 000113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\provdatastore.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\ProvPluginEng.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\BarcodeProvisioningPlugin.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
      2020-03-10 22:05 - 2020-03-10 22:05 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\enterpriseresourcemanager.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
      2020-03-10 22:05 - 2020-03-10 22:05 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
      2020-03-10 22:05 - 2020-03-10 22:05 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\RemovableMediaProvisioningPlugin.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enterpriseresourcemanager.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AxInstUI.exe
      2020-03-10 22:05 - 2020-03-10 22:05 - 000056672 _____ (Microsoft Corporation) C:\Windows\system32\rtmmvrortc.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\npmproxy.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\sxstrace.exe
      2020-03-10 22:05 - 2020-03-10 22:05 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxstrace.exe
      2020-03-10 22:05 - 2020-03-10 22:05 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\nlmproxy.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\nlmsprep.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\MUILanguageCleanup.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\LangCleanupSysprepAction.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\lpksetupproxyserv.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
      2020-03-10 22:05 - 2020-03-10 22:05 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
      2020-03-10 21:56 - 2020-02-11 07:48 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
      2020-03-10 21:56 - 2020-02-11 07:37 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
      ==================== One month (modified) ==================
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2020-04-01 15:19 - 2020-01-04 22:52 - 000000000 ____D C:\ProgramData\VoodooShield
      2020-04-01 15:19 - 2020-01-03 23:18 - 000000000 ____D C:\ProgramData\Kaspersky Lab
      2020-04-01 15:18 - 2019-03-19 07:50 - 000000000 ____D C:\Windows\INF
      2020-04-01 15:11 - 2020-01-03 23:07 - 000000000 ____D C:\Users\NightRider\AppData\LocalLow\Mozilla
      2020-04-01 15:02 - 2019-03-19 07:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
      2020-04-01 14:58 - 2020-01-03 22:32 - 000049064 _____ C:\Windows\system32\perfh002.dat
      2020-04-01 14:58 - 2020-01-03 22:32 - 000012206 _____ C:\Windows\system32\perfc002.dat
      2020-04-01 14:58 - 2020-01-03 20:16 - 000885446 _____ C:\Windows\system32\PerfStringBackup.INI
      2020-04-01 14:52 - 2020-01-03 20:04 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2020-04-01 14:51 - 2020-01-03 23:07 - 000003136 _____ C:\Windows\system32\Tasks\MSIAfterburner
      2020-04-01 14:51 - 2020-01-03 21:37 - 000017322 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
      2020-04-01 14:51 - 2020-01-03 21:37 - 000017260 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
      2020-04-01 14:51 - 2020-01-03 21:37 - 000012206 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
      2020-04-01 14:51 - 2019-03-19 07:37 - 000524288 _____ C:\Windows\system32\config\BBI
      2020-04-01 14:50 - 2020-01-03 20:03 - 000000000 ____D C:\Windows\system32\SleepStudy
      2020-04-01 11:34 - 2020-01-03 21:37 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
      2020-04-01 08:18 - 2020-01-03 23:23 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
      2020-04-01 03:44 - 2019-03-19 07:52 - 000000000 ___HD C:\Program Files\WindowsApps
      2020-04-01 03:44 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\AppReadiness
      2020-04-01 03:26 - 2020-01-03 21:21 - 000000000 ____D C:\Users\NightRider\AppData\Local\D3DSCache
      2020-03-31 03:18 - 2020-01-03 21:17 - 000000000 ____D C:\Users\NightRider\AppData\Local\Packages
      2020-03-31 03:12 - 2020-01-03 23:05 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
      2020-03-31 03:09 - 2019-03-19 07:37 - 000000000 ____D C:\Windows\CbsTemp
      2020-03-31 02:45 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\ShellExperiences
      2020-03-31 02:45 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\bcastdvr
      2020-03-31 02:44 - 2020-01-03 21:15 - 000000000 ____D C:\Users\NightRider
      2020-03-31 02:20 - 2020-01-04 03:56 - 000011069 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
      2020-03-27 03:10 - 2020-01-03 20:03 - 000257824 _____ C:\Windows\system32\FNTCACHE.DAT
      2020-03-27 03:08 - 2019-03-19 14:49 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
      2020-03-27 03:08 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\SystemResources
      2020-03-27 03:08 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
      2020-03-27 03:08 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\Provisioning
      2020-03-27 03:08 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\PolicyDefinitions
      2020-03-27 02:42 - 2020-01-03 20:04 - 000000000 ____D C:\Windows\system32\Drivers\wd
      2020-03-27 01:57 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\NDF
      2020-03-27 01:41 - 2019-03-19 07:37 - 000032768 _____ C:\Windows\system32\config\ELAM
      2020-03-27 01:12 - 2020-01-04 00:34 - 000000000 ____D C:\Users\NightRider\AppData\Roaming\uTorrent
      2020-03-22 04:51 - 2020-01-03 21:20 - 000003372 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1903147458-2263829336-249963103-1001
      2020-03-22 04:51 - 2020-01-03 21:20 - 000000000 ___RD C:\Users\NightRider\OneDrive
      2020-03-22 04:51 - 2020-01-03 21:15 - 000002406 _____ C:\Users\NightRider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
      2020-03-15 00:17 - 2020-02-12 00:56 - 000000000 ____D C:\Users\NightRider\AppData\Local\ElevatedDiagnostics
      2020-03-13 02:38 - 2020-01-04 00:38 - 000000000 ____D C:\Users\NightRider\AppData\LocalLow\uTorrent
      2020-03-13 02:24 - 2020-01-04 00:38 - 000000000 ____D C:\Users\NightRider\AppData\Local\BitTorrentHelper
      2020-03-12 02:54 - 2020-01-05 23:15 - 000012201 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
      2020-03-10 22:15 - 2020-01-03 21:17 - 000000000 __RHD C:\Users\Public\AccountPictures
      2020-03-10 22:15 - 2020-01-03 21:17 - 000000000 ___RD C:\Users\NightRider\AppData\3D Objects
      2020-03-10 22:14 - 2020-02-19 23:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
      2020-03-10 22:14 - 2020-01-03 23:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2020-03-10 22:13 - 2019-03-19 07:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs
      2020-03-10 22:13 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
      2020-03-10 22:13 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
      2020-03-10 22:13 - 2019-03-19 07:52 - 000000000 ____D C:\Windows\system32\Dism
      2020-03-10 22:13 - 2019-03-19 07:37 - 000000000 ____D C:\Windows\servicing
      2020-03-10 22:12 - 2020-01-03 22:19 - 000000000 ____D C:\Windows\system32\MRT
      2020-03-10 22:09 - 2020-01-03 22:19 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
      2020-03-09 17:47 - 2020-01-03 23:23 - 000000000 ____D C:\Program Files\CCleaner
      2020-03-09 16:32 - 2020-02-23 19:48 - 000000000 ____D C:\ProgramData\boost_interprocess
      ==================== SigCheck ============================
      (There is no automatic fix for files that do not pass verification.)
      ==================== End of FRST.txt ========================
      Addition.txt
  • Дарение

×
×
  • Добави ново...