Премини към съдържанието
  • Добре дошли!

    Добре дошли в нашите форуми, пълни с полезна информация. Имате проблем с компютъра или телефона си? Публикувайте нова тема и ще намерите решение на всичките си проблеми. Общувайте свободно и открийте безброй нови приятели.

    Моля, регистрирайте се за да публикувате тема и да получите пълен достъп до всички функции.

     

Aneliya Beaton

Нелегална (предполагам) версия на Adobe прави компютъра ми да работи бавно

Препоръчан отговор


Здравейте, 
 

Имам следния проблем.
Закупих от eBay версиа на Adobe CS6, която ми я продадоха за лицензирана. Въпросната версия не търси активационен код, а върви само със сериен номер, което ми се видя съмнително, но понеже не претендитам, че знам всичко за активацията на адоб го приех за истина. 
Свалих инсталационните файлове от тук  http://bit.ly/2HbpqYp ако това има някакво значение.
След диспут с продавача, заради отказа му да се легитимира, като такъв, издавайки ми фактура, след като единия от серийните номера, които ми продаде не работи и след като инсталирах софтуера на няколко компютъра, започнах да се съмнявам, че софтуера му не е читав. Установих, че компютрите  почнаха да вървят бавно. Като се замислят забравят да спрат... Бавно зареждат самита програми на Адоб, но не само тях.... Като се опитам да включа Task Manager-ра той не се отваря веднага, а седи много дълго време като бяло квадратче на екрана, нещо което не се беше случвало преди. Също днес без предупреждение уиндоуса се бъгна и ми показа син екран.... и не започна да върти процентите, както обикновенно, а си остана на 0 поне 5-6 мин докъто не го резстартирах с копчето......

Предполагам съм направила някои "подобрения" на системата след качването на Adobe.
 

Дезинсталирах пакета, но компютъра се държи по същия начин. На другите компютри още седи инсталиран.
Интересува ме дали е вирус, това което бави машината(те).
Възможно ли е "пипания" софтуер да рови из машината и да търси пароли и банкови сметки. Ако да, възможно ли е тези му "функции" да останат и след деинсталация?
Също ако се установи нещо такова, може ли да се докаже времето, (дата, час) когато е качено.
 

та това ми е проблема.
Ако тука се установи нещо ще го махна от всички машини (още 6) и ще се наложи да почистя и тях.
 

Благодаря предварително за помоща.
Анелия


 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Анелия, изчакайте някой от антивирусния екип да се появи и следвайте само неговите насоки!

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте ,Анелия..! Добре дошли в нашия скромен подраздел за премахване на зловреден софтуер..! Аз се казвам Ицо и  ще ви съдействам за проблема ви със злонамерен софтуер ..ако се установи че ситемата ви е заразена с такъв..! :)

Преди да започнем, моля, прочетете и искрено се надявам да следвате тези важни насоки, така че нещата да преминат  плавно и безпроблемно.

  •  Както ще забележите, дневниците, които искаме тук, са доста дълги, затова е нормално да не отговарям точно след като ги публикувате. Това е така, защото ми трябва известно време, за да ги анализирам и след това да действам по съответния начин. Въпреки това винаги ще отговарям в рамките на 24 часа, най-много 48 часа, ако се случи нещо неочаквано
  • Инструкциите които ще Ви  давам, ще са само за вашия компютър и само за вашата система! Използването на тези инструкции на друг компютър могат да доведат до увреждане на този компютър и евентуално да го направи неизползваем !
  • Моля да следвате инструкциите ми в реда в който ги давам.
  • Трябва да имате права на администратор за този компютър,инструментите които ще използваме се стартират единствено от името на администратор.
  • Не стартирайте никакви други инструменти за премахване на зловреден софтуер, освен ако не сте инструктирани!
  • Не инсталирайте  софтуер (или хардуер) по време на процеса на почистване,както и не сваляйте или сканирай те с нищо  вашата система, защото към нея се  добавят повече елементи.Това прави анализа по-труден.
  • Вашите програми за сигурност могат да дават предупреждения за някои от инструментите които използваме.  Бъдете сигурни, всички връзки които давам за изтегляне на инструментите както и самите те, са безопасни.
  •  Моля,по възможност да отговаряте в темата  докато не ви потвърдя че тя е  " Чиста !"
  • Липсата на симптоми не означава, че всичко е чисто.

Моля, имайте предвид, че премахването на зловреден софтуер е непредвидим процес.. Аз ще се погрижа да ви  предложа начини на действие, които не могат да повредят вашия компютър. Въпреки това, за мен е невъзможно да  предвидя всички взаимодействия, които могат да се случат между софтуера на компютъра ви и инструментите които ще използваме , за да ви изчистим от инфекции, и в някои случаи аз не мога да  гарантирам целостта на вашата система. Възможно е, да възникнат ситуации, в които единственото решение е системата ви да се  форматира и да се преинсталира операционната система.Поради тази причина аз ви съветвам  да направите резервно копие на всички ваши лични файлове и папки, преди да започнем с почистването.

 

  • И последно и аз съм човек и  не съм всезнаещ. Има неща, които дори не мога да предвидя. Но това, което знам, отне години, за да науча и усъвършенствам . Аз и екипът ни напълно доброволно помагаме на хората в нужда използвайки собственото си свободно време. Бих искал да уважавате това и да бъдете търпеливи, тъй като понякога реалният живот изисква нашето време и отговорите ви могат да бъдат забавени. Благодаря..!

 

...и така време е да започнем ..! Моля следвайте стъпките от темата:

 

Системата ми е инфектирана - Какво да правя сега?

 

Очаквам в следващя си пост да публикувате дневници от програмата Farbar Recovery Scan Tool:

  • FRST.txt (копирате цялото съдържание)
  • Addition.txt (прикачате..) 

 

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

За съжаление няма обратна връзка с автора на темата...! Темата маркирам като " Приключена" ..! Ако все пак автора има желание да продължим, моля да ме уведоми с лично съобщение..!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте отново,
 

Прилагам съдържанието на генерираните файлове (последна ъпдейтната версия на тях, която току що беше приключена, тъйкато след последната направена вчера, компютъра се ъпдейтна).
FRST:
 


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [PentabletService] => C:\Program Files\Pentablet\PentabletService.exe [2247272 2018-08-29] (Guangzhou Ugee Computers Technology Co.,Ltd -> UGEE)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [CL-23-C5C7662B-BF27-4E63-BAE2-CA182DB18B4F] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-23-C5C7662B-BF27-4E63-BAE2-CA182DB18B4F\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-23-C5C7662 (the data entry has 44 more characters).
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5782336 2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Run: [GoogleChromeAutoLaunch_FE4A4543431CDBB1D3752425BDF66A5F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952 2019-07-13] (Google LLC -> Google LLC)
HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Run: [AdobeBridge] => [X]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-16] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2017-08-12]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {014A4B1E-EB87-43CD-8771-3D54DF1E2FEF} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {04B91F18-5149-4C16-B37F-AB0B2B61BDF7} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40352 2016-06-24] (Acer Incorporated -> )
Task: {0AB39C25-0879-435E-9F0F-5D56E3A138C4} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {0BD26A45-9552-4CC9-B6F7-DBFB1D6F6ABA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated)
Task: {1B7FAFCC-7B6C-4338-8C9A-36FBEFB2E11B} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> )
Task: {21EFCF0F-D7E5-415F-9D4C-47811C875F5A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {27B37B28-F56A-4EC4-8297-EC519F12A84C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448512 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AAC5FDF-0122-469F-B5CF-02097774795A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {33C5F447-1E0B-48CC-88EA-1F13A16474A0} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {34910470-5ED1-48D2-A019-697167083F92} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [422704 2016-09-13] (Acer Incorporated -> Acer Incorporated)
Task: {3F3B38E4-F290-45BE-A984-8A7A27EEC9D0} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2225296 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {48835C3F-DCD3-49EA-BF10-F84338580BF6} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472992 2016-06-24] (Acer Incorporated -> Acer Incorporated)
Task: {4BC6FF17-0170-4310-B3AF-37D5718078CE} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-14] (Acer Incorporated -> )
Task: {4C850587-5334-4490-9BF5-5917C734163C} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {71BC7D34-AB7B-4A79-890D-F579C988584B} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.17.3.50\WSCStub.exe [2225296 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {7A1114B3-BE7A-403E-9DE8-749333A208BE} - System32\Tasks\App Explorer => C:\Users\astra\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7241384 2019-05-22] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION
Task: {8312D9D7-3701-433B-A083-10A6A2B7E5A9} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2767152 2016-09-13] (Acer Incorporated -> Acer Incorporated)
Task: {88737B2D-E0DB-4ED7-BED9-00F6AF0B0BBF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {903FA2A0-D83F-43EE-8D86-B52A8EDF1AE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-12] (Google Inc -> Google Inc.)
Task: {A51114AA-9E48-4A0C-9D7F-956D10D153D5} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-05-24] (Acer Incorporated -> )
Task: {A84FECC7-DBF5-4F97-B26B-10048D49DBE1} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {B2FD0A1B-C8D5-4EEC-9842-89EF760AAD2A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113616 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {C6D8FF7B-4BB1-48D2-935C-29B1348A05D5} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-13] (Acer Incorporated -> Acer Incorporated)
Task: {D0A73DEB-437E-4129-A07C-0FA3925E82C9} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {D5092C74-28AB-425D-826B-9BC89BEEECF1} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-12] (Acer Incorporated -> TODO: <Company name>)
Task: {D5F1D5F9-4EE8-4236-8816-BF4694DBBCC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-12] (Google Inc -> Google Inc.)
Task: {D6CAC0E2-774D-4065-A6A1-E2FEAD14E3C5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5BD174C-13E0-4098-AB2D-264116D13CCF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1504384 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {E743DBFC-E3E8-419E-ADF6-ADC2E84D97B3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113616 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5EB49F8-E72F-4AD4-B3F0-DE08F1B75DDA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448512 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{80bff6ca-ac63-49b4-b1c6-ad2f0eef04e7}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
Edge Extension: (Norton Password Manager) -> EdgeExtension_SymantecCorporation5478111E43ACF_v68kp9n051hdp => C:\Program Files\WindowsApps\SymantecCorporation.5478111E43ACF_6.4.2.0_neutral__v68kp9n051hdp [2019-07-13]
Edge Extension: (Norton Safe Web) -> EdgeExtension_SymantecCorporationNortonSafeWeb_v68kp9n051hdp => C:\Program Files\WindowsApps\SymantecCorporation.NortonSafeWeb_3.8.0.0_neutral__v68kp9n051hdp [2019-05-26]

FireFox:
========
FF DefaultProfile: lrtt3h84.default
FF ProfilePath: C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default [2019-03-02]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\Extensions\abb-acer@amazon.com [2017-08-12] [Legacy]
FF Extension: (English (US) Language Pack) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\Extensions\langpack-en-US@firefox.mozilla.org [2017-08-12] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\Extensions\partnerdefaults@mozilla.com [2017-08-12] [Legacy]
FF Extension: (Youtube Unblocker Remediation) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\features\{1bc4a344-5d8d-4fd1-97c6-f8c6065e34ec}\malware-remediation@mozilla.org.xpi [2017-08-12] [Legacy]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2017-01-06] [Legacy]
FF Extension: (English (US) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-en-US@firefox.mozilla.org [2017-01-06] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2017-01-06] [Legacy]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-26] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-26] (Google Inc -> Google LLC)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.co.uk/","hxxp://google.com/"
CHR NewTab: Default ->  Not-active:"chrome-extension://mhffmephdchhhbfjmdpoaldedhhdanbn/homePageRedirect.html"
CHR Profile: C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default [2019-07-23]
CHR Extension: (Norton Password Manager) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\admmjipmmciaobhojoghlmleefbicajg [2019-07-13]
CHR Extension: (Flash Video Downloader) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2019-06-03]
CHR Extension: (Docs) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-29]
CHR Extension: (Google Drive) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-12]
CHR Extension: (YouTube) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-12]
CHR Extension: (Norton Safe Search) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\eogpedgkejfmehnklhahflpmplhiceal [2019-04-27]
CHR Extension: (Norton Safe Web) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2019-07-13]
CHR Extension: (Google Docs Offline) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-18]
CHR Extension: (Grammarly for Chrome) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-07-23]
CHR Extension: (Norton Home Page) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhffmephdchhhbfjmdpoaldedhhdanbn [2019-04-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-21]
CHR Extension: (Gmail) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-26]
CHR Extension: (Chrome Media Router) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-13]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [181512 2016-09-08] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [799928 2018-10-18] (ICEpower a/s -> ICEpower)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [269480 2017-07-03] (Intel(R) Wireless Connectivity Solutions -> )
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe [225608 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.17.3.50\nsWscSvc.exe [933200 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [441136 2016-09-13] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [482608 2016-09-13] (Acer Incorporated -> Acer Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11969880 2019-07-03] (TeamViewer GmbH -> TeamViewer GmbH)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-27] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-09] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-09] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3755176 2017-07-03] (Intel(R) Wireless Connectivity Solutions -> Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.17.0.183\Definitions\BASHDefs\20190716.001\BHDrvx64.sys [1935880 2019-06-14] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\ccSetx64.sys [192704 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R3 dbx; C:\WINDOWS\System32\DRIVERS\dbx.sys [47600 2019-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515592 2019-07-12] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153096 2019-07-13] (Symantec Corporation -> Symantec Corporation)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [217688 2016-08-17] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [172304 2016-09-08] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.17.0.183\Definitions\IPSDefs\20190722.061\IDSvia64.sys [1441800 2019-07-12] (Symantec Corporation -> Symantec Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7643648 2017-07-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-09-19] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-08-04] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SRTSP64.SYS [864776 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SRTSPX64.SYS [49672 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SYMEFASI64.SYS [1998552 2019-06-20] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SymELAM.sys [25744 2019-06-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-04-27] (Symantec Corporation -> Symantec Corporation)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.17.0.183\SymPlatform\SymEvnt.sys [717832 2019-07-16] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\Ironx64.SYS [315912 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\symnets.sys [573448 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46584 2018-08-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-08-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-09] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\wpCtrlDrv.sys [1012120 2019-06-20] (Symantec Corporation -> Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-23 16:42 - 2019-07-23 16:47 - 000023230 _____ C:\Users\astra\Desktop\FRST.txt
2019-07-22 19:34 - 2019-07-23 16:39 - 000000000 ____D C:\FRST
2019-07-22 19:20 - 2019-07-22 19:20 - 002095104 _____ (Farbar) C:\Users\astra\Desktop\FRST64.exe
2019-07-22 19:14 - 2019-07-22 19:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2019-07-22 18:47 - 2019-07-22 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-07-16 22:25 - 2019-07-16 22:25 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx.sys
2019-07-15 15:41 - 2019-07-15 15:41 - 000000000 ____D C:\WINDOWS\system32\DAX3
2019-07-15 12:51 - 2019-07-15 12:43 - 027886358 _____ C:\Users\astra\Desktop\Evidence_2.avi
2019-07-15 12:51 - 2019-07-15 11:42 - 010416140 _____ C:\Users\astra\Desktop\Evidence_1.avi
2019-07-15 11:54 - 2019-07-15 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCDEmu
2019-07-15 11:52 - 2019-07-15 11:53 - 000001283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Burn Disc Burning Software.lnk
2019-07-15 11:52 - 2019-07-15 11:53 - 000001271 _____ C:\Users\Public\Desktop\Express Burn Disc Burning Software.lnk
2019-07-15 11:52 - 2019-07-15 11:52 - 000002381 _____ C:\Users\astra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk
2019-07-15 11:52 - 2019-07-15 11:52 - 000002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk
2019-07-15 11:47 - 2019-07-15 11:47 - 000001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
2019-07-15 11:47 - 2019-07-15 11:47 - 000001215 _____ C:\Users\Public\Desktop\VideoPad Video Editor.lnk
2019-07-15 11:42 - 2019-07-15 11:50 - 402587648 _____ C:\Users\astra\Downloads\Adobe-Master-Collection-CS6-Windows.iso
2019-07-15 11:38 - 2019-07-15 11:38 - 001576544 _____ (Sysprogs OU) C:\Users\astra\Downloads\WinCDEmu-4.1 (1).exe
2019-07-15 11:38 - 2019-07-15 11:38 - 000000000 ____D C:\Program Files (x86)\WinCDEmu
2019-07-15 11:37 - 2019-07-15 11:37 - 001576544 _____ (Sysprogs OU) C:\Users\astra\Downloads\WinCDEmu-4.1.exe
2019-07-15 11:34 - 2019-07-15 11:34 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2019-07-15 11:33 - 2019-07-15 11:33 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2019-07-15 11:26 - 2019-07-15 11:26 - 000791712 _____ (Disc Soft Ltd.) C:\Users\astra\Downloads\DTLiteInstaller.exe
2019-07-14 17:02 - 2019-07-04 10:40 - 021390504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-14 17:02 - 2019-07-04 05:56 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-14 17:02 - 2019-07-04 05:42 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-14 17:02 - 2019-07-04 05:37 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-14 17:02 - 2019-07-04 05:33 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-14 17:02 - 2019-07-04 05:29 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-14 17:02 - 2019-05-17 07:19 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-07-14 17:02 - 2019-05-17 06:31 - 004937216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-07-14 17:01 - 2019-07-04 10:40 - 001631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-14 17:01 - 2019-07-04 10:40 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-07-14 17:01 - 2019-07-04 10:21 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-14 17:01 - 2019-07-04 10:18 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-14 17:01 - 2019-07-04 10:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-14 17:01 - 2019-07-04 09:56 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-14 17:01 - 2019-07-04 09:51 - 020384128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-14 17:01 - 2019-07-04 09:41 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-14 17:01 - 2019-07-04 09:37 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-14 17:01 - 2019-07-04 09:36 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-14 17:01 - 2019-07-04 06:00 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-14 17:01 - 2019-07-04 05:58 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-14 17:01 - 2019-07-04 05:58 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-14 17:01 - 2019-07-04 05:57 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-14 17:01 - 2019-07-04 05:57 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-14 17:01 - 2019-07-04 05:57 - 000986128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-14 17:01 - 2019-07-04 05:57 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-14 17:01 - 2019-07-04 05:57 - 000723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-14 17:01 - 2019-07-04 05:57 - 000708696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-14 17:01 - 2019-07-04 05:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-14 17:01 - 2019-07-04 05:56 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-14 17:01 - 2019-07-04 05:56 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-14 17:01 - 2019-07-04 05:56 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-14 17:01 - 2019-07-04 05:56 - 001566520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-14 17:01 - 2019-07-04 05:56 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-14 17:01 - 2019-07-04 05:56 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-14 17:01 - 2019-07-04 05:56 - 001141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-14 17:01 - 2019-07-04 05:56 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-14 17:01 - 2019-07-04 05:56 - 000767536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-14 17:01 - 2019-07-04 05:56 - 000734952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-14 17:01 - 2019-07-04 05:56 - 000493752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-14 17:01 - 2019-07-04 05:43 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-14 17:01 - 2019-07-04 05:42 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-14 17:01 - 2019-07-04 05:42 - 002479176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-14 17:01 - 2019-07-04 05:42 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-14 17:01 - 2019-07-04 05:42 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-14 17:01 - 2019-07-04 05:42 - 000356312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-14 17:01 - 2019-07-04 05:41 - 000559328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-14 17:01 - 2019-07-04 05:26 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-14 17:01 - 2019-07-04 05:25 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-14 17:01 - 2019-07-04 05:25 - 007589888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-14 17:01 - 2019-07-04 05:25 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-14 17:01 - 2019-07-04 05:25 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-14 17:01 - 2019-07-04 05:24 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-14 17:01 - 2019-07-04 05:23 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-14 17:01 - 2019-07-04 05:22 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-14 17:01 - 2019-07-04 05:22 - 002587648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-14 17:01 - 2019-07-04 05:22 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-14 17:01 - 2019-07-04 05:22 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-14 17:01 - 2019-07-04 05:22 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-14 17:01 - 2019-07-04 05:22 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-14 17:01 - 2019-07-04 05:21 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-14 17:01 - 2019-07-04 05:21 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-07-14 17:01 - 2019-07-04 05:21 - 003202560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-14 17:01 - 2019-07-04 05:21 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-14 17:01 - 2019-07-04 05:21 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-14 17:01 - 2019-07-04 05:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-14 17:01 - 2019-07-04 05:20 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-14 17:01 - 2019-07-04 05:18 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-14 17:01 - 2019-07-04 05:18 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-14 17:01 - 2019-07-04 05:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-14 17:01 - 2019-06-13 13:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-14 17:01 - 2019-06-13 13:12 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-14 17:01 - 2019-06-13 13:05 - 000810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-14 17:01 - 2019-06-13 13:04 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-14 17:01 - 2019-06-13 13:00 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-14 17:01 - 2019-06-13 12:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-14 17:01 - 2019-06-13 12:58 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-14 17:01 - 2019-06-13 12:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-14 17:01 - 2019-06-13 12:56 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-14 17:01 - 2019-06-13 12:43 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-14 17:01 - 2019-06-13 12:42 - 004038688 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-14 17:01 - 2019-06-13 12:42 - 000566536 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-14 17:01 - 2019-06-13 12:36 - 000251000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-07-14 17:01 - 2019-06-13 12:35 - 001376688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-07-14 17:01 - 2019-06-13 12:18 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-14 17:01 - 2019-06-13 12:18 - 004847104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-14 17:01 - 2019-06-13 12:17 - 012756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-14 17:01 - 2019-06-13 12:16 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-14 17:01 - 2019-06-13 12:15 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-14 17:01 - 2019-06-13 12:14 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-14 17:01 - 2019-06-13 12:14 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-14 17:01 - 2019-06-13 12:14 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-14 17:01 - 2019-06-13 12:13 - 002920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-14 17:01 - 2019-06-13 12:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-14 17:01 - 2019-06-13 12:13 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-14 17:01 - 2019-06-13 11:07 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-07-14 17:01 - 2019-06-13 11:05 - 003700160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-14 17:01 - 2019-06-13 10:55 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-14 17:01 - 2019-06-13 10:54 - 011942912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-14 17:01 - 2019-06-13 10:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-14 17:01 - 2019-06-13 08:46 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-14 17:01 - 2019-06-13 08:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-14 17:01 - 2019-06-13 08:01 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-14 17:01 - 2019-06-13 07:59 - 000785264 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-14 17:01 - 2019-06-13 07:47 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-14 17:01 - 2019-06-13 07:46 - 000510296 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-07-14 17:01 - 2019-06-13 07:46 - 000093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-14 17:01 - 2019-06-13 07:45 - 002421560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-14 17:01 - 2019-06-13 07:44 - 002769688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-14 17:01 - 2019-06-13 07:44 - 002546704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-14 17:01 - 2019-06-13 07:44 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-07-14 17:01 - 2019-06-13 07:44 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-14 17:01 - 2019-06-13 07:44 - 000607112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-07-14 17:01 - 2019-06-13 07:44 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-07-14 17:01 - 2019-06-13 07:16 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-07-14 17:01 - 2019-06-13 07:15 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-14 17:01 - 2019-06-13 07:14 - 003318784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-07-14 17:01 - 2019-06-13 07:13 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-14 17:01 - 2019-06-13 07:13 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-14 17:01 - 2019-06-13 07:12 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-14 17:01 - 2019-06-13 07:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-14 17:01 - 2019-06-13 07:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-14 17:01 - 2019-06-13 07:12 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-07-14 17:01 - 2019-06-13 07:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-14 17:01 - 2019-06-13 07:10 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-07-14 17:01 - 2019-06-13 07:10 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-14 17:01 - 2019-06-13 07:10 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-14 17:01 - 2019-06-13 07:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-14 17:01 - 2019-06-13 07:09 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-14 17:01 - 2019-06-13 07:08 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-14 17:01 - 2019-06-13 06:14 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-14 17:01 - 2019-06-13 06:07 - 000080744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-14 17:01 - 2019-06-13 06:06 - 002256768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-14 17:01 - 2019-06-13 05:47 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-07-14 17:01 - 2019-06-13 05:47 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-07-14 17:01 - 2019-06-13 05:46 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-14 17:01 - 2019-06-13 05:44 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-14 17:01 - 2019-06-07 11:41 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-07-14 17:01 - 2019-06-07 11:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-07-14 17:01 - 2019-06-07 11:04 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-07-14 17:01 - 2019-06-07 06:57 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-07-14 17:01 - 2019-06-07 06:57 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-07-14 17:01 - 2019-06-07 06:57 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-07-14 17:01 - 2019-06-07 06:57 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-07-14 17:01 - 2019-06-07 06:57 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-07-14 17:01 - 2019-06-07 06:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-07-14 17:01 - 2019-06-07 06:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-07-14 17:01 - 2019-06-07 06:18 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-07-14 17:01 - 2019-06-07 06:17 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-07-14 17:01 - 2019-06-07 06:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-07-14 17:01 - 2019-06-07 06:16 - 001102336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-07-14 17:01 - 2019-05-18 23:12 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-07-14 17:01 - 2019-05-17 13:40 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-07-14 17:01 - 2019-05-17 13:25 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-07-14 17:01 - 2019-05-17 13:21 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-07-14 17:01 - 2019-05-17 13:21 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-07-14 17:01 - 2019-05-17 12:58 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-07-14 17:01 - 2019-05-17 07:44 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-07-14 17:01 - 2019-05-17 07:42 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-07-14 17:01 - 2019-05-17 07:42 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-07-14 17:01 - 2019-05-17 07:42 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-07-14 17:01 - 2019-05-17 07:42 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-07-14 17:01 - 2019-05-17 07:30 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-07-14 17:01 - 2019-05-17 07:26 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-07-14 17:01 - 2019-05-17 07:19 - 001630720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-07-14 17:01 - 2019-05-17 07:19 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-07-14 17:01 - 2019-05-17 07:19 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-07-14 17:01 - 2019-05-17 07:18 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-07-14 17:01 - 2019-05-17 07:18 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-07-14 17:01 - 2019-05-17 07:08 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-07-14 17:01 - 2019-05-17 07:07 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-07-14 17:01 - 2019-05-17 07:07 - 002467320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-07-14 17:01 - 2019-05-17 07:07 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-07-14 17:01 - 2019-05-17 07:07 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-07-14 17:01 - 2019-05-17 07:07 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-07-14 17:01 - 2019-05-17 07:06 - 001943136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-07-14 17:01 - 2019-05-17 07:06 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-07-14 17:01 - 2019-05-17 06:44 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-07-14 17:01 - 2019-05-17 06:38 - 004709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-07-14 17:01 - 2019-05-17 06:34 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-07-14 17:01 - 2019-05-17 06:34 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-07-14 17:01 - 2019-05-17 06:33 - 003091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-07-14 17:01 - 2019-05-17 06:33 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-07-14 17:01 - 2019-05-17 06:32 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 001383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-07-14 17:01 - 2019-05-17 06:30 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-07-14 17:00 - 2019-07-04 10:43 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-14 17:00 - 2019-07-04 10:40 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-14 17:00 - 2019-07-04 10:22 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-14 17:00 - 2019-07-04 10:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-14 17:00 - 2019-07-04 10:20 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-14 17:00 - 2019-07-04 10:19 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-14 17:00 - 2019-07-04 09:54 - 000662352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-14 17:00 - 2019-07-04 05:58 - 000416312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-14 17:00 - 2019-07-04 05:58 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-14 17:00 - 2019-07-04 05:57 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-14 17:00 - 2019-07-04 05:57 - 000362264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-14 17:00 - 2019-07-04 05:57 - 000209424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-14 17:00 - 2019-07-04 05:57 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-14 17:00 - 2019-07-04 05:57 - 000137656 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-07-14 17:00 - 2019-07-04 05:57 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-07-14 17:00 - 2019-07-04 05:57 - 000091776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-14 17:00 - 2019-07-04 05:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-07-14 17:00 - 2019-07-04 05:56 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-14 17:00 - 2019-07-04 05:56 - 000115512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-14 17:00 - 2019-07-04 05:43 - 000665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-14 17:00 - 2019-07-04 05:43 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-14 17:00 - 2019-07-04 05:43 - 000287376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-14 17:00 - 2019-07-04 05:43 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-14 17:00 - 2019-07-04 05:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-14 17:00 - 2019-07-04 05:42 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-07-14 17:00 - 2019-07-04 05:26 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-14 17:00 - 2019-07-04 05:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-14 17:00 - 2019-07-04 05:25 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-14 17:00 - 2019-07-04 05:25 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-14 17:00 - 2019-07-04 05:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-14 17:00 - 2019-07-04 05:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-14 17:00 - 2019-07-04 05:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-14 17:00 - 2019-07-04 05:23 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-14 17:00 - 2019-07-04 05:23 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-14 17:00 - 2019-07-04 05:22 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-14 17:00 - 2019-07-04 05:22 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-14 17:00 - 2019-07-04 05:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-07-14 17:00 - 2019-07-04 05:21 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-14 17:00 - 2019-07-04 05:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-14 17:00 - 2019-07-04 05:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-14 17:00 - 2019-07-04 05:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-14 17:00 - 2019-07-04 05:20 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-14 17:00 - 2019-07-04 05:20 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-14 17:00 - 2019-07-04 05:19 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-14 17:00 - 2019-07-04 05:19 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-14 17:00 - 2019-07-04 05:18 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-14 17:00 - 2019-07-04 05:18 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-14 17:00 - 2019-07-04 05:18 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-14 17:00 - 2019-07-04 04:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-07-14 17:00 - 2019-06-21 09:50 - 000280584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-14 17:00 - 2019-06-13 12:40 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-14 17:00 - 2019-06-13 12:38 - 000766264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-14 17:00 - 2019-06-13 12:37 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-07-14 17:00 - 2019-06-13 12:36 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-07-14 17:00 - 2019-06-13 12:34 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-14 17:00 - 2019-06-13 12:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-14 17:00 - 2019-06-13 12:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-14 17:00 - 2019-06-13 12:17 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-14 17:00 - 2019-06-13 12:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-14 17:00 - 2019-06-13 12:15 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-14 17:00 - 2019-06-13 12:14 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-14 17:00 - 2019-06-13 12:13 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-14 17:00 - 2019-06-13 12:13 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-07-14 17:00 - 2019-06-13 12:12 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-14 17:00 - 2019-06-13 12:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-14 17:00 - 2019-06-13 11:07 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-14 17:00 - 2019-06-13 11:07 - 000221232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-14 17:00 - 2019-06-13 10:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-14 17:00 - 2019-06-13 10:53 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-07-14 17:00 - 2019-06-13 10:51 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-14 17:00 - 2019-06-13 10:49 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-14 17:00 - 2019-06-13 10:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-14 17:00 - 2019-06-13 08:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2019-07-14 17:00 - 2019-06-13 08:01 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-14 17:00 - 2019-06-13 07:47 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-14 17:00 - 2019-06-13 07:46 - 001076536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-14 17:00 - 2019-06-13 07:44 - 000130624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-07-14 17:00 - 2019-06-13 07:17 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-14 17:00 - 2019-06-13 07:16 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-14 17:00 - 2019-06-13 07:15 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-14 17:00 - 2019-06-13 07:15 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-07-14 17:00 - 2019-06-13 07:15 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-07-14 17:00 - 2019-06-13 07:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-07-14 17:00 - 2019-06-13 07:14 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-14 17:00 - 2019-06-13 07:14 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-14 17:00 - 2019-06-13 07:14 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-14 17:00 - 2019-06-13 07:13 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-14 17:00 - 2019-06-13 07:13 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-14 17:00 - 2019-06-13 07:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-07-14 17:00 - 2019-06-13 07:12 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-14 17:00 - 2019-06-13 07:11 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-14 17:00 - 2019-06-13 07:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-14 17:00 - 2019-06-13 07:11 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-14 17:00 - 2019-06-13 07:10 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-14 17:00 - 2019-06-13 07:10 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-14 17:00 - 2019-06-13 07:10 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-14 17:00 - 2019-06-13 07:10 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-14 17:00 - 2019-06-13 07:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-07-14 17:00 - 2019-06-13 06:08 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-07-14 17:00 - 2019-06-13 06:07 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-07-14 17:00 - 2019-06-13 06:06 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-07-14 17:00 - 2019-06-13 06:06 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-07-14 17:00 - 2019-06-13 05:49 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-07-14 17:00 - 2019-06-13 05:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-14 17:00 - 2019-06-13 05:46 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-14 17:00 - 2019-06-13 05:46 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-14 17:00 - 2019-06-13 05:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-14 17:00 - 2019-06-13 05:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-14 17:00 - 2019-06-13 05:44 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-14 17:00 - 2019-06-13 05:44 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-14 17:00 - 2019-06-13 05:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-14 17:00 - 2019-06-13 05:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-14 17:00 - 2019-06-13 05:43 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-14 17:00 - 2019-06-13 05:43 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-14 17:00 - 2019-06-13 05:43 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-07-14 17:00 - 2019-06-07 11:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-07-14 17:00 - 2019-06-07 11:47 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-07-14 17:00 - 2019-06-07 11:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-07-14 17:00 - 2019-06-07 07:07 - 000707384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-07-14 17:00 - 2019-06-07 06:58 - 000422416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-07-14 17:00 - 2019-06-07 06:58 - 000076304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-07-14 17:00 - 2019-06-07 06:57 - 000792888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-07-14 17:00 - 2019-06-07 06:57 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-07-14 17:00 - 2019-06-07 06:57 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-07-14 17:00 - 2019-06-07 06:57 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-07-14 17:00 - 2019-06-07 06:57 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-07-14 17:00 - 2019-06-07 06:57 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-07-14 17:00 - 2019-06-07 06:47 - 000380432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-07-14 17:00 - 2019-06-07 06:46 - 000128792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-07-14 17:00 - 2019-06-07 06:24 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-07-14 17:00 - 2019-06-07 06:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-07-14 17:00 - 2019-06-07 06:23 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-07-14 17:00 - 2019-06-07 06:22 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-07-14 17:00 - 2019-06-07 06:22 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-07-14 17:00 - 2019-06-07 06:21 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-07-14 17:00 - 2019-06-07 06:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-07-14 17:00 - 2019-06-07 06:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-07-14 17:00 - 2019-06-07 06:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-07-14 17:00 - 2019-06-07 06:19 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-07-14 17:00 - 2019-06-07 06:19 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-07-14 17:00 - 2019-06-07 06:16 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-07-14 17:00 - 2019-06-07 06:16 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-07-14 17:00 - 2019-05-18 23:12 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-07-14 17:00 - 2019-05-18 23:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-07-14 17:00 - 2019-05-18 23:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-07-14 17:00 - 2019-05-17 13:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-07-14 17:00 - 2019-05-17 13:25 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-07-14 17:00 - 2019-05-17 13:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-07-14 17:00 - 2019-05-17 13:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-07-14 17:00 - 2019-05-17 13:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-07-14 17:00 - 2019-05-17 13:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-07-14 17:00 - 2019-05-17 13:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-07-14 17:00 - 2019-05-17 13:21 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll
2019-07-14 17:00 - 2019-05-17 13:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-07-14 17:00 - 2019-05-17 13:20 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-07-14 17:00 - 2019-05-17 13:19 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-07-14 17:00 - 2019-05-17 13:07 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-07-14 17:00 - 2019-05-17 12:56 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-07-14 17:00 - 2019-05-17 12:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll
2019-07-14 17:00 - 2019-05-17 12:55 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-07-14 17:00 - 2019-05-17 12:55 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-07-14 17:00 - 2019-05-17 12:55 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2019-07-14 17:00 - 2019-05-17 12:54 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-07-14 17:00 - 2019-05-17 12:54 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-07-14 17:00 - 2019-05-17 10:33 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-07-14 17:00 - 2019-05-17 09:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-07-14 17:00 - 2019-05-17 08:07 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-07-14 17:00 - 2019-05-17 07:44 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-07-14 17:00 - 2019-05-17 07:43 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-07-14 17:00 - 2019-05-17 07:42 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-07-14 17:00 - 2019-05-17 07:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-07-14 17:00 - 2019-05-17 07:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-07-14 17:00 - 2019-05-17 07:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-07-14 17:00 - 2019-05-17 07:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-07-14 17:00 - 2019-05-17 07:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-07-14 17:00 - 2019-05-17 07:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-07-14 17:00 - 2019-05-17 07:21 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-07-14 17:00 - 2019-05-17 07:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-07-14 17:00 - 2019-05-17 07:20 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-07-14 17:00 - 2019-05-17 07:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-07-14 17:00 - 2019-05-17 07:19 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2019-07-14 17:00 - 2019-05-17 07:08 - 000401328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-07-14 17:00 - 2019-05-17 07:07 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-07-14 17:00 - 2019-05-17 07:06 - 000151888 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-07-14 17:00 - 2019-05-17 06:37 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-07-14 17:00 - 2019-05-17 06:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2019-07-14 17:00 - 2019-05-17 06:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-07-14 17:00 - 2019-05-17 06:36 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-07-14 17:00 - 2019-05-17 06:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-07-14 17:00 - 2019-05-17 06:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-07-14 17:00 - 2019-05-17 06:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-07-14 17:00 - 2019-05-17 06:36 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-07-14 17:00 - 2019-05-17 06:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-07-14 17:00 - 2019-05-17 06:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-07-14 17:00 - 2019-05-17 06:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-07-14 17:00 - 2019-05-17 06:34 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-07-14 17:00 - 2019-05-17 06:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-07-14 17:00 - 2019-05-17 06:34 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-07-14 17:00 - 2019-05-17 06:34 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2019-07-14 17:00 - 2019-05-17 06:33 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-07-14 17:00 - 2019-05-17 06:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-07-14 17:00 - 2019-05-17 06:32 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-07-14 17:00 - 2019-05-17 06:31 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-07-14 17:00 - 2019-05-17 06:30 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-07-14 16:49 - 2019-07-14 16:07 - 038481012 _____ C:\Users\astra\Desktop\Evidence.avi
2019-07-14 16:17 - 2019-07-14 16:07 - 038481012 _____ C:\Users\astra\Desktop\Itdoesnt work.avi
2019-07-14 16:15 - 2019-02-13 06:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-07-14 16:00 - 2019-07-14 16:00 - 022712608 _____ (Blueberry Software (UK) Ltd.) C:\Users\astra\Downloads\bbfbex5 (1).exe
2019-07-14 15:58 - 2019-07-23 16:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security with Backup
2019-07-14 15:51 - 2019-07-15 12:18 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2019-07-14 15:51 - 2019-07-14 15:51 - 000003376 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2019-07-14 15:28 - 2019-07-22 18:43 - 000000000 ____D C:\Users\astra\AppData\Roaming\NCH Software
2019-07-14 15:28 - 2019-07-22 18:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2019-07-14 15:28 - 2019-07-15 11:52 - 000000000 ____D C:\ProgramData\NCH Software
2019-07-14 15:28 - 2019-07-15 11:52 - 000000000 ____D C:\Program Files (x86)\NCH Software
2019-07-14 15:28 - 2019-07-14 15:28 - 000001317 _____ C:\Users\Public\Desktop\NCH Suite.lnk
2019-07-14 15:28 - 2019-07-14 15:28 - 000001203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debut Video Capture Software.lnk
2019-07-14 15:28 - 2019-07-14 15:28 - 000001191 _____ C:\Users\Public\Desktop\Debut Video Capture Software.lnk
2019-07-14 15:27 - 2019-07-14 15:27 - 002421848 _____ (NCH Software) C:\Users\astra\Downloads\DebutVideoCaptureSoftwareFree.exe
2019-07-14 15:26 - 2019-07-14 15:26 - 002422872 _____ (NCH Software) C:\Users\astra\Downloads\DebutVideoCaptureSoftware.exe
2019-07-14 15:24 - 2019-07-14 15:24 - 055488424 _____ (Apowersoft LIMITED ) C:\Users\astra\Downloads\apowerrec-135.exe
2019-07-14 15:22 - 2019-07-14 15:22 - 022712608 _____ (Blueberry Software (UK) Ltd.) C:\Users\astra\Downloads\bbfbex5.exe
2019-07-14 15:18 - 2019-07-14 15:19 - 069823400 _____ (obsproject.com) C:\Users\astra\Downloads\OBS-Studio-23.2.1-Full-Installer-x64.exe
2019-07-13 19:31 - 2019-07-13 19:31 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-07-13 15:41 - 2019-07-15 13:40 - 000000000 ___RD C:\Users\astra\Dropbox
2019-07-13 15:41 - 2019-07-13 15:41 - 000001307 _____ C:\Users\astra\Desktop\Dropbox.lnk
2019-07-13 15:33 - 2019-07-13 15:33 - 000000000 ____D C:\Users\astra\AppData\Roaming\Dropbox
2019-07-13 15:32 - 2019-07-22 18:49 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-07-13 15:32 - 2019-07-13 17:06 - 000000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-07-13 15:32 - 2019-07-13 17:06 - 000000920 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-07-13 15:32 - 2019-07-13 15:41 - 000000000 ____D C:\Users\astra\AppData\Local\Dropbox
2019-07-13 15:32 - 2019-07-13 15:32 - 000694184 _____ (Dropbox, Inc.) C:\Users\astra\Downloads\DropboxInstaller (1).exe
2019-07-13 15:32 - 2019-07-13 15:32 - 000003984 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-07-13 15:32 - 2019-07-13 15:32 - 000003752 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2019-07-13 15:32 - 2019-07-13 15:32 - 000000000 ____D C:\ProgramData\Dropbox
2019-07-13 15:25 - 2019-07-13 15:25 - 000000000 ____D C:\Program Files\UNP
2019-07-13 15:11 - 2019-07-13 15:11 - 000694184 _____ (Dropbox, Inc.) C:\Users\astra\Downloads\DropboxInstaller.exe
2019-07-13 15:09 - 2019-07-13 15:09 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-23 16:46 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-23 16:42 - 2017-08-11 00:18 - 000000000 ____D C:\Users\astra\AppData\Local\Host App Service
2019-07-23 16:41 - 2018-08-10 03:36 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-23 16:41 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-07-23 16:38 - 2018-08-10 03:44 - 000003508 _____ C:\WINDOWS\System32\Tasks\DashlaneUpgradeCheck
2019-07-23 16:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-23 16:37 - 2017-08-11 00:21 - 000000000 __SHD C:\Users\astra\IntelGraphicsProfiles
2019-07-23 16:36 - 2019-06-03 01:36 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-23 16:35 - 2018-08-10 03:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-23 16:34 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-07-23 16:33 - 2018-04-11 22:04 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2019-07-23 16:31 - 2018-08-10 03:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-23 06:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-07-22 18:58 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-22 18:45 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-16 22:55 - 2019-06-03 01:36 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-07-16 22:55 - 2019-06-03 01:36 - 000001032 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-07-16 22:49 - 2017-08-12 15:34 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-16 22:49 - 2017-08-12 15:34 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-07-16 22:46 - 2017-08-11 00:26 - 000000000 ____D C:\Users\astra\AppData\Local\CrashDumps
2019-07-15 16:17 - 2018-08-10 03:25 - 000000000 ____D C:\Users\astra
2019-07-15 15:42 - 2017-08-11 03:03 - 002033568 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2019-07-15 15:41 - 2017-08-11 03:02 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-07-15 15:41 - 2017-08-11 03:02 - 000000000 ____D C:\WINDOWS\system32\DAX2
2019-07-15 13:05 - 2019-04-27 20:35 - 000000000 ____D C:\Program Files\Common Files\AV
2019-07-15 12:24 - 2019-03-02 18:53 - 000000000 ____D C:\Users\astra\AppData\Local\D3DSCache
2019-07-15 12:22 - 2018-10-17 23:39 - 000000000 ___RD C:\Users\astra\3D Objects
2019-07-15 12:22 - 2017-01-06 00:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-15 12:19 - 2018-08-10 03:19 - 005061952 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-15 12:18 - 2019-04-27 19:29 - 000002412 _____ C:\Users\Public\Desktop\Norton Security.lnk
2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-15 12:12 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-14 16:59 - 2017-08-12 12:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-14 16:33 - 2017-08-12 12:01 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-14 16:05 - 2018-01-26 09:32 - 000000000 ____D C:\Program Files\rempl
2019-07-14 15:52 - 2019-04-27 19:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2019-07-14 15:39 - 2018-10-18 01:27 - 000000000 ____D C:\ProgramData\Adobe
2019-07-14 15:15 - 2018-10-18 01:26 - 000000000 ____D C:\Users\astra\AppData\Local\Adobe
2019-07-14 15:14 - 2017-08-11 00:21 - 000000000 ____D C:\Users\astra\AppData\Roaming\Adobe
2019-07-13 17:06 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ELAMBKUP
2019-07-13 15:16 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-07-13 15:07 - 2017-01-06 00:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-07-13 14:44 - 2018-08-10 03:44 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1801165484-3255497710-3470013671-1002
2019-07-13 14:44 - 2018-08-10 03:25 - 000002371 _____ C:\Users\astra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-13 14:44 - 2017-08-11 00:24 - 000000000 ___RD C:\Users\astra\OneDrive

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

 

 

Addition|:
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by astra (23-07-2019 16:50:07)
Running from C:\Users\astra\Desktop
Windows 10 Home Version 1803 17134.885 (X64) (2018-08-10 02:46:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1801165484-3255497710-3470013671-500 - Administrator - Disabled)
astra (S-1-5-21-1801165484-3255497710-3470013671-1002 - Administrator - Enabled) => C:\Users\astra
DefaultAccount (S-1-5-21-1801165484-3255497710-3470013671-503 - Limited - Disabled)
Guest (S-1-5-21-1801165484-3255497710-3470013671-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1801165484-3255497710-3470013671-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.07.2004 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3008 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.02.3001 - Acer Incorporated)
Adobe Connect (HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Adobe Connect App) (Version: 11.9.982.478 - Adobe Systems Inc.)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
App Explorer (HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Host App Service) (Version: 0.273.3.484 - SweetLabs) <==== ATTENTION
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5917.02 - CyberLink Corp.)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 5.49 - NCH Software)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3019 - Acer Incorporated)
Dropbox (HKLM-x32\...\Dropbox) (Version: 77.4.131 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
ELAN HIDI2C Filter Driver X64 13.6.7.2_WHQL (HKLM\...\Elantech) (Version: 13.6.7.2 - ELAN Microelectronic Corp.)
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 7.10 - NCH Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6446 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{3A55D9C8-17B6-41F9-B9C2-4B1532DCD016}) (Version: 19.10.1635.0483 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{ed5cef80-a339-45bd-8c06-514eaf785ca8}) (Version: 19.71.0 - Intel Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11727.20244 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 45.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0 (x86 en-US)) (Version: 45.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla)
Norton Security (HKLM-x32\...\NGC) (Version: 22.17.3.50 - Symantec Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Pentablet version 1.5.2.180829 (HKLM\...\{5DAB8C1A-6D8E-467D-BE62-AC13087AA950}_is1) (Version: 1.5.2.180829 - UGEE Technology Co.,Ltd)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8555 - Realtek Semiconductor Corp.)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.4.2669 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 7.22 - NCH Software)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22452 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )

Packages:
=========
Acer Collection -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4 [2018-10-26] (Acer Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-06-03] (Autodesk Inc.)
Booking.com -> C:\Program Files\WindowsApps\Booking.com_1.0.1606.2210_x64__96rgg7pjt343r [2017-01-06] (CN=Acer Incorporated)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_5.8.4.0_x86__kgqvnymyfvs32 [2019-07-22] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.143.600.0_x86__kgqvnymyfvs32 [2019-07-13] (king.com)
eBay -> C:\Program Files\WindowsApps\eBay_1.0.1606.2210_x64__96rgg7pjt343r [2017-01-06] (CN=Acer Incorporated)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2017-08-12] (AMZN Mobile LLC)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-13] (Microsoft Corporation) [MS Ad]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.1.0.6_x86__h6adky7gbf63m [2019-07-13] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-07-13] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.28.0_x64__8wekyb3d8bbwe [2019-07-13] (Microsoft Studios)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw [2017-08-12] (MAGIX)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-07-13] (Netflix, Inc.)
Norton Password Manager -> C:\Program Files\WindowsApps\SymantecCorporation.5478111E43ACF_6.4.2.0_neutral__v68kp9n051hdp [2019-07-13] (Symantec Corporation)
Norton Safe Web -> C:\Program Files\WindowsApps\SymantecCorporation.NortonSafeWeb_3.8.0.0_neutral__v68kp9n051hdp [2019-05-26] (Symantec Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-10-18] (Twitter Inc.)
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.76.0_x64__qt5r5pa5dyg8m [2019-07-13] (WildTangent Games)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1801165484-3255497710-3470013671-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\astra\Dropbox [2019-07-13 15:41]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxDTCM.dll [2018-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-10-26 18:15 - 2018-10-26 18:16 - 008034816 _____ () [File not signed] C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4\AcerCollection.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\astra\AppData\Local:fgLWSWvcNK90pVbNiuttcfY [2158]
AlternateDataStreams: C:\Users\astra\AppData\Local\6Xrb7BuFYhaI:6cAhTWwnId6ZmRcDBKN9ftXRfR [1988]
AlternateDataStreams: C:\Users\astra\AppData\Local\Temp:SRXsx872vxEMxDomUb [2152]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2019-04-27 19:22 - 000000824 ____N C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E5F7562B-8087-408D-BB92-FE85EAE24E06}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel(R) Wireless Connectivity Solutions -> )
FirewallRules: [{1CED9AF7-C2E4-4601-9F53-0D4A15D79526}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4FCD7CA6-3EC3-4577-92C6-D62DF955E70A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C2EAF120-A536-47AE-980D-EF2F8EA7BD08}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{838AA21F-0809-4986-AD7A-2800780F07DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{29AB0F8B-66D4-4861-A599-D15A96774C1A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9F7B2182-4AD3-4CEF-87C9-9BA0940FD01E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe No File
FirewallRules: [{204B5F4D-1EF6-4678-A02B-5FCBE25E2DDD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe No File
FirewallRules: [{14B95CFD-0740-469F-9B61-52C1A692DF74}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe No File
FirewallRules: [{4B353FE0-2A63-48A1-96D5-465EF3CA5B31}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{DC36C9C9-C11B-43B8-9ED3-30347F18C419}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{1E303C68-A431-4E0C-80B8-3FA642A19F5D}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{2C9F3EF0-87ED-4525-9AE2-207182083A0A}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{3ED16D29-665C-4147-8DD8-8DEAD8F9AEF3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{98B55E2D-4153-4DDB-A2BA-8919843ABB84}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{99C30625-10D2-4F6B-BBE8-91CFE7B92870}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{CB2D87E8-9BD0-4F41-944E-B122536C42C6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{1CDC0D08-EA3D-4177-AE6F-D3C83EA126E1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A3323F7-E225-4DCE-8263-99C7EB92186F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F22EAC21-9A04-4333-A9FB-43688D470A57}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{84A4FE6C-C5DF-4AA6-99AB-B01C079C62AC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F4881749-9682-4F05-BE05-0F0C5D6A3382}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{0E06B349-AF00-4A12-B7C4-ABCA920C0E77}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{637E078F-3C4D-4EF5-A713-7B007747D38A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Restore Points =========================

14-07-2019 16:02:52 Windows Update
22-07-2019 18:39:46 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/23/2019 04:46:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AWC.exe, version: 2.1.16258.0, time stamp: 0x57dc7237
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x015b2b90
Faulting process ID: 0x21a8
Faulting application start time: 0x01d5416ce70e395a
Faulting application path: C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe
Faulting module path: unknown
Report ID: 58aecf20-407d-42c2-b1ff-3bd260b9d60f
Faulting package full name: 
Faulting package-relative application ID:

Error: (07/23/2019 04:46:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AWC.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
   at Amundsen.LSM.Load()
   at Amundsen.Program.TimeIntervalElapsed(Boolean)
   at Amundsen.Program.Main(System.String[])

Error: (07/23/2019 04:43:13 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (07/23/2019 04:43:13 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (07/23/2019 04:43:13 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (07/23/2019 04:43:13 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (07/23/2019 04:42:54 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (07/23/2019 07:58:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1907


System errors:
=============
Error: (07/23/2019 04:43:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscBrokerManager
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/23/2019 04:41:46 PM) (Source: DCOM) (EventID: 10016) (User: ASTRAMUR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user ASTRAMUR\astra SID (S-1-5-21-1801165484-3255497710-3470013671-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (07/23/2019 04:41:21 PM) (Source: DCOM) (EventID: 10016) (User: ASTRAMUR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user ASTRAMUR\astra SID (S-1-5-21-1801165484-3255497710-3470013671-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (07/23/2019 04:40:47 PM) (Source: DCOM) (EventID: 10016) (User: ASTRAMUR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user ASTRAMUR\astra SID (S-1-5-21-1801165484-3255497710-3470013671-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (07/23/2019 04:40:41 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service did not respond on starting.

Error: (07/23/2019 04:39:38 PM) (Source: DCOM) (EventID: 10016) (User: ASTRAMUR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user ASTRAMUR\astra SID (S-1-5-21-1801165484-3255497710-3470013671-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/23/2019 04:37:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (07/23/2019 04:37:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the FontCache3.0.0.0 service to connect.


Windows Defender:
===================================
Date: 2018-10-18 01:39:46.496
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.277.1243.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15300.6
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

==================== Memory info =========================== 

BIOS: Insyde Corp. V1.06 11/02/2016
Motherboard: Acer T-Rex_SK
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 48%
Total physical RAM: 8060.22 MB
Available physical RAM: 4142.19 MB
Total Virtual: 9340.22 MB
Available Virtual: 5140.95 MB

==================== Drives ================================

Drive 😄 (Acer) (Fixed) (Total:481.18 GB) (Free:405.7 GB) NTFS
Drive e: (Work) (Fixed) (Total:449.22 GB) (Free:421.28 GB) NTFS

\\?\Volume{032d40ac-eca6-4db7-bcdb-a36256b5a3e4}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.57 GB) NTFS
\\?\Volume{1f5023ca-1e9d-40b1-808a-26b415179399}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4D3D691C)

Partition: GPT.

==================== End of Addition.txt ============================

 

 

Благодаря 
 

 

 

 


Сподели този отговор


Линк към този отговор
Сподели в други сайтове

".............
Drive 😄 (Acer) (Fixed) (Total:481.18 GB) (Free:405.7 GB) NTFS
........................"
 

Drive С: (Acer)   е толкова весел....ха ха 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте..! Дневникът FRST не е пълен ..Явно при копирането нещо се е случило ...Може ли отново да го публикувате...!!!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

РАзбира се....
 

 


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [PentabletService] => C:\Program Files\Pentablet\PentabletService.exe [2247272 2018-08-29] (Guangzhou Ugee Computers Technology Co.,Ltd -> UGEE)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [CL-23-C5C7662B-BF27-4E63-BAE2-CA182DB18B4F] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-23-C5C7662B-BF27-4E63-BAE2-CA182DB18B4F\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-23-C5C7662 (the data entry has 44 more characters).
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5782336 2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Run: [GoogleChromeAutoLaunch_FE4A4543431CDBB1D3752425BDF66A5F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952 2019-07-13] (Google LLC -> Google LLC)
HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Run: [AdobeBridge] => [X]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-16] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2017-08-12]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {014A4B1E-EB87-43CD-8771-3D54DF1E2FEF} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {04B91F18-5149-4C16-B37F-AB0B2B61BDF7} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40352 2016-06-24] (Acer Incorporated -> )
Task: {0AB39C25-0879-435E-9F0F-5D56E3A138C4} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {0BD26A45-9552-4CC9-B6F7-DBFB1D6F6ABA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated)
Task: {1B7FAFCC-7B6C-4338-8C9A-36FBEFB2E11B} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> )
Task: {21EFCF0F-D7E5-415F-9D4C-47811C875F5A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {27B37B28-F56A-4EC4-8297-EC519F12A84C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448512 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AAC5FDF-0122-469F-B5CF-02097774795A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {33C5F447-1E0B-48CC-88EA-1F13A16474A0} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {34910470-5ED1-48D2-A019-697167083F92} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [422704 2016-09-13] (Acer Incorporated -> Acer Incorporated)
Task: {3F3B38E4-F290-45BE-A984-8A7A27EEC9D0} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2225296 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {48835C3F-DCD3-49EA-BF10-F84338580BF6} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472992 2016-06-24] (Acer Incorporated -> Acer Incorporated)
Task: {4BC6FF17-0170-4310-B3AF-37D5718078CE} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-14] (Acer Incorporated -> )
Task: {4C850587-5334-4490-9BF5-5917C734163C} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {71BC7D34-AB7B-4A79-890D-F579C988584B} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.17.3.50\WSCStub.exe [2225296 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {7A1114B3-BE7A-403E-9DE8-749333A208BE} - System32\Tasks\App Explorer => C:\Users\astra\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7241384 2019-05-22] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION
Task: {8312D9D7-3701-433B-A083-10A6A2B7E5A9} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2767152 2016-09-13] (Acer Incorporated -> Acer Incorporated)
Task: {88737B2D-E0DB-4ED7-BED9-00F6AF0B0BBF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {903FA2A0-D83F-43EE-8D86-B52A8EDF1AE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-12] (Google Inc -> Google Inc.)
Task: {A51114AA-9E48-4A0C-9D7F-956D10D153D5} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-05-24] (Acer Incorporated -> )
Task: {A84FECC7-DBF5-4F97-B26B-10048D49DBE1} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {B2FD0A1B-C8D5-4EEC-9842-89EF760AAD2A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113616 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {C6D8FF7B-4BB1-48D2-935C-29B1348A05D5} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-13] (Acer Incorporated -> Acer Incorporated)
Task: {D0A73DEB-437E-4129-A07C-0FA3925E82C9} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {D5092C74-28AB-425D-826B-9BC89BEEECF1} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-12] (Acer Incorporated -> TODO: <Company name>)
Task: {D5F1D5F9-4EE8-4236-8816-BF4694DBBCC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-12] (Google Inc -> Google Inc.)
Task: {D6CAC0E2-774D-4065-A6A1-E2FEAD14E3C5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5BD174C-13E0-4098-AB2D-264116D13CCF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1504384 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {E743DBFC-E3E8-419E-ADF6-ADC2E84D97B3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113616 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5EB49F8-E72F-4AD4-B3F0-DE08F1B75DDA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448512 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{80bff6ca-ac63-49b4-b1c6-ad2f0eef04e7}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
Edge Extension: (Norton Password Manager) -> EdgeExtension_SymantecCorporation5478111E43ACF_v68kp9n051hdp => C:\Program Files\WindowsApps\SymantecCorporation.5478111E43ACF_6.4.2.0_neutral__v68kp9n051hdp [2019-07-13]
Edge Extension: (Norton Safe Web) -> EdgeExtension_SymantecCorporationNortonSafeWeb_v68kp9n051hdp => C:\Program Files\WindowsApps\SymantecCorporation.NortonSafeWeb_3.8.0.0_neutral__v68kp9n051hdp [2019-05-26]

FireFox:
========
FF DefaultProfile: lrtt3h84.default
FF ProfilePath: C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default [2019-03-02]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\Extensions\abb-acer@amazon.com [2017-08-12] [Legacy]
FF Extension: (English (US) Language Pack) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\Extensions\langpack-en-US@firefox.mozilla.org [2017-08-12] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\Extensions\partnerdefaults@mozilla.com [2017-08-12] [Legacy]
FF Extension: (Youtube Unblocker Remediation) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\features\{1bc4a344-5d8d-4fd1-97c6-f8c6065e34ec}\malware-remediation@mozilla.org.xpi [2017-08-12] [Legacy]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2017-01-06] [Legacy]
FF Extension: (English (US) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-en-US@firefox.mozilla.org [2017-01-06] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2017-01-06] [Legacy]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-26] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-26] (Google Inc -> Google LLC)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.co.uk/","hxxp://google.com/"
CHR NewTab: Default ->  Not-active:"chrome-extension://mhffmephdchhhbfjmdpoaldedhhdanbn/homePageRedirect.html"
CHR Profile: C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default [2019-07-23]
CHR Extension: (Norton Password Manager) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\admmjipmmciaobhojoghlmleefbicajg [2019-07-13]
CHR Extension: (Flash Video Downloader) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2019-06-03]
CHR Extension: (Docs) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-29]
CHR Extension: (Google Drive) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-12]
CHR Extension: (YouTube) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-12]
CHR Extension: (Norton Safe Search) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\eogpedgkejfmehnklhahflpmplhiceal [2019-04-27]
CHR Extension: (Norton Safe Web) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2019-07-13]
CHR Extension: (Google Docs Offline) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-18]
CHR Extension: (Grammarly for Chrome) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-07-23]
CHR Extension: (Norton Home Page) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhffmephdchhhbfjmdpoaldedhhdanbn [2019-04-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-21]
CHR Extension: (Gmail) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-26]
CHR Extension: (Chrome Media Router) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-13]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [181512 2016-09-08] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [799928 2018-10-18] (ICEpower a/s -> ICEpower)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [269480 2017-07-03] (Intel(R) Wireless Connectivity Solutions -> )
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe [225608 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.17.3.50\nsWscSvc.exe [933200 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [441136 2016-09-13] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [482608 2016-09-13] (Acer Incorporated -> Acer Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11969880 2019-07-03] (TeamViewer GmbH -> TeamViewer GmbH)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-27] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-09] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-09] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3755176 2017-07-03] (Intel(R) Wireless Connectivity Solutions -> Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.17.0.183\Definitions\BASHDefs\20190716.001\BHDrvx64.sys [1935880 2019-06-14] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\ccSetx64.sys [192704 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R3 dbx; C:\WINDOWS\System32\DRIVERS\dbx.sys [47600 2019-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515592 2019-07-12] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153096 2019-07-13] (Symantec Corporation -> Symantec Corporation)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [217688 2016-08-17] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [172304 2016-09-08] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.17.0.183\Definitions\IPSDefs\20190722.061\IDSvia64.sys [1441800 2019-07-12] (Symantec Corporation -> Symantec Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7643648 2017-07-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-09-19] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-08-04] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SRTSP64.SYS [864776 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SRTSPX64.SYS [49672 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SYMEFASI64.SYS [1998552 2019-06-20] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SymELAM.sys [25744 2019-06-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-04-27] (Symantec Corporation -> Symantec Corporation)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.17.0.183\SymPlatform\SymEvnt.sys [717832 2019-07-16] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\Ironx64.SYS [315912 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\symnets.sys [573448 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46584 2018-08-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-08-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-09] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\wpCtrlDrv.sys [1012120 2019-06-20] (Symantec Corporation -> Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-23 16:42 - 2019-07-23 16:47 - 000023230 _____ C:\Users\astra\Desktop\FRST.txt
2019-07-22 19:34 - 2019-07-23 16:39 - 000000000 ____D C:\FRST
2019-07-22 19:20 - 2019-07-22 19:20 - 002095104 _____ (Farbar) C:\Users\astra\Desktop\FRST64.exe
2019-07-22 19:14 - 2019-07-22 19:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2019-07-22 18:47 - 2019-07-22 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-07-16 22:25 - 2019-07-16 22:25 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx.sys
2019-07-15 15:41 - 2019-07-15 15:41 - 000000000 ____D C:\WINDOWS\system32\DAX3
2019-07-15 12:51 - 2019-07-15 12:43 - 027886358 _____ C:\Users\astra\Desktop\Evidence_2.avi
2019-07-15 12:51 - 2019-07-15 11:42 - 010416140 _____ C:\Users\astra\Desktop\Evidence_1.avi
2019-07-15 11:54 - 2019-07-15 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCDEmu
2019-07-15 11:52 - 2019-07-15 11:53 - 000001283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Burn Disc Burning Software.lnk
2019-07-15 11:52 - 2019-07-15 11:53 - 000001271 _____ C:\Users\Public\Desktop\Express Burn Disc Burning Software.lnk
2019-07-15 11:52 - 2019-07-15 11:52 - 000002381 _____ C:\Users\astra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk
2019-07-15 11:52 - 2019-07-15 11:52 - 000002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk
2019-07-15 11:47 - 2019-07-15 11:47 - 000001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
2019-07-15 11:47 - 2019-07-15 11:47 - 000001215 _____ C:\Users\Public\Desktop\VideoPad Video Editor.lnk
2019-07-15 11:42 - 2019-07-15 11:50 - 402587648 _____ C:\Users\astra\Downloads\Adobe-Master-Collection-CS6-Windows.iso
2019-07-15 11:38 - 2019-07-15 11:38 - 001576544 _____ (Sysprogs OU) C:\Users\astra\Downloads\WinCDEmu-4.1 (1).exe
2019-07-15 11:38 - 2019-07-15 11:38 - 000000000 ____D C:\Program Files (x86)\WinCDEmu
2019-07-15 11:37 - 2019-07-15 11:37 - 001576544 _____ (Sysprogs OU) C:\Users\astra\Downloads\WinCDEmu-4.1.exe
2019-07-15 11:34 - 2019-07-15 11:34 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2019-07-15 11:33 - 2019-07-15 11:33 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2019-07-15 11:26 - 2019-07-15 11:26 - 000791712 _____ (Disc Soft Ltd.) C:\Users\astra\Downloads\DTLiteInstaller.exe
2019-07-14 17:02 - 2019-07-04 10:40 - 021390504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-14 17:02 - 2019-07-04 05:56 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-14 17:02 - 2019-07-04 05:42 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-14 17:02 - 2019-07-04 05:37 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-14 17:02 - 2019-07-04 05:33 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-14 17:02 - 2019-07-04 05:29 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-14 17:02 - 2019-05-17 07:19 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-07-14 17:02 - 2019-05-17 06:31 - 004937216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-07-14 17:01 - 2019-07-04 10:40 - 001631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-14 17:01 - 2019-07-04 10:40 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-07-14 17:01 - 2019-07-04 10:21 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-14 17:01 - 2019-07-04 10:18 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-14 17:01 - 2019-07-04 10:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-14 17:01 - 2019-07-04 09:56 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-14 17:01 - 2019-07-04 09:51 - 020384128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-14 17:01 - 2019-07-04 09:41 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-14 17:01 - 2019-07-04 09:37 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-14 17:01 - 2019-07-04 09:36 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-14 17:01 - 2019-07-04 06:00 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-14 17:01 - 2019-07-04 05:58 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-14 17:01 - 2019-07-04 05:58 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-14 17:01 - 2019-07-04 05:57 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-14 17:01 - 2019-07-04 05:57 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-14 17:01 - 2019-07-04 05:57 - 000986128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-14 17:01 - 2019-07-04 05:57 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-14 17:01 - 2019-07-04 05:57 - 000723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-14 17:01 - 2019-07-04 05:57 - 000708696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-14 17:01 - 2019-07-04 05:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-14 17:01 - 2019-07-04 05:56 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-14 17:01 - 2019-07-04 05:56 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-14 17:01 - 2019-07-04 05:56 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-14 17:01 - 2019-07-04 05:56 - 001566520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-14 17:01 - 2019-07-04 05:56 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-14 17:01 - 2019-07-04 05:56 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-14 17:01 - 2019-07-04 05:56 - 001141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-14 17:01 - 2019-07-04 05:56 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-14 17:01 - 2019-07-04 05:56 - 000767536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-14 17:01 - 2019-07-04 05:56 - 000734952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-14 17:01 - 2019-07-04 05:56 - 000493752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-14 17:01 - 2019-07-04 05:43 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-14 17:01 - 2019-07-04 05:42 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-14 17:01 - 2019-07-04 05:42 - 002479176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-14 17:01 - 2019-07-04 05:42 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-14 17:01 - 2019-07-04 05:42 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-14 17:01 - 2019-07-04 05:42 - 000356312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-14 17:01 - 2019-07-04 05:41 - 000559328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-14 17:01 - 2019-07-04 05:26 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-14 17:01 - 2019-07-04 05:25 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-14 17:01 - 2019-07-04 05:25 - 007589888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-14 17:01 - 2019-07-04 05:25 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-14 17:01 - 2019-07-04 05:25 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-14 17:01 - 2019-07-04 05:24 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-14 17:01 - 2019-07-04 05:23 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-14 17:01 - 2019-07-04 05:22 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-14 17:01 - 2019-07-04 05:22 - 002587648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-14 17:01 - 2019-07-04 05:22 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-14 17:01 - 2019-07-04 05:22 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-14 17:01 - 2019-07-04 05:22 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-14 17:01 - 2019-07-04 05:22 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-14 17:01 - 2019-07-04 05:21 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-14 17:01 - 2019-07-04 05:21 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-07-14 17:01 - 2019-07-04 05:21 - 003202560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-14 17:01 - 2019-07-04 05:21 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-14 17:01 - 2019-07-04 05:21 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-14 17:01 - 2019-07-04 05:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-14 17:01 - 2019-07-04 05:20 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-14 17:01 - 2019-07-04 05:18 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-14 17:01 - 2019-07-04 05:18 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-14 17:01 - 2019-07-04 05:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-14 17:01 - 2019-06-13 13:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-14 17:01 - 2019-06-13 13:12 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-14 17:01 - 2019-06-13 13:05 - 000810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-14 17:01 - 2019-06-13 13:04 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-14 17:01 - 2019-06-13 13:00 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-14 17:01 - 2019-06-13 12:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-14 17:01 - 2019-06-13 12:58 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-14 17:01 - 2019-06-13 12:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-14 17:01 - 2019-06-13 12:56 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-14 17:01 - 2019-06-13 12:43 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-14 17:01 - 2019-06-13 12:42 - 004038688 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-14 17:01 - 2019-06-13 12:42 - 000566536 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-14 17:01 - 2019-06-13 12:36 - 000251000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-07-14 17:01 - 2019-06-13 12:35 - 001376688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-07-14 17:01 - 2019-06-13 12:18 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-14 17:01 - 2019-06-13 12:18 - 004847104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-14 17:01 - 2019-06-13 12:17 - 012756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-14 17:01 - 2019-06-13 12:16 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-14 17:01 - 2019-06-13 12:15 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-14 17:01 - 2019-06-13 12:14 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-14 17:01 - 2019-06-13 12:14 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-14 17:01 - 2019-06-13 12:14 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-14 17:01 - 2019-06-13 12:13 - 002920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-14 17:01 - 2019-06-13 12:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-14 17:01 - 2019-06-13 12:13 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-14 17:01 - 2019-06-13 11:07 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-07-14 17:01 - 2019-06-13 11:05 - 003700160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-14 17:01 - 2019-06-13 10:55 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-14 17:01 - 2019-06-13 10:54 - 011942912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-14 17:01 - 2019-06-13 10:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-14 17:01 - 2019-06-13 08:46 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-14 17:01 - 2019-06-13 08:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-14 17:01 - 2019-06-13 08:01 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-14 17:01 - 2019-06-13 07:59 - 000785264 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-14 17:01 - 2019-06-13 07:47 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-14 17:01 - 2019-06-13 07:46 - 000510296 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-07-14 17:01 - 2019-06-13 07:46 - 000093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-14 17:01 - 2019-06-13 07:45 - 002421560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-14 17:01 - 2019-06-13 07:44 - 002769688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-14 17:01 - 2019-06-13 07:44 - 002546704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-14 17:01 - 2019-06-13 07:44 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-07-14 17:01 - 2019-06-13 07:44 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-14 17:01 - 2019-06-13 07:44 - 000607112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-07-14 17:01 - 2019-06-13 07:44 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-07-14 17:01 - 2019-06-13 07:16 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-07-14 17:01 - 2019-06-13 07:15 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-14 17:01 - 2019-06-13 07:14 - 003318784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-07-14 17:01 - 2019-06-13 07:13 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-14 17:01 - 2019-06-13 07:13 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-14 17:01 - 2019-06-13 07:12 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-14 17:01 - 2019-06-13 07:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-14 17:01 - 2019-06-13 07:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-14 17:01 - 2019-06-13 07:12 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-07-14 17:01 - 2019-06-13 07:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-14 17:01 - 2019-06-13 07:10 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-07-14 17:01 - 2019-06-13 07:10 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-14 17:01 - 2019-06-13 07:10 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-14 17:01 - 2019-06-13 07:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-14 17:01 - 2019-06-13 07:09 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-14 17:01 - 2019-06-13 07:08 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-14 17:01 - 2019-06-13 06:14 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-14 17:01 - 2019-06-13 06:07 - 000080744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-14 17:01 - 2019-06-13 06:06 - 002256768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-14 17:01 - 2019-06-13 05:47 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-07-14 17:01 - 2019-06-13 05:47 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-07-14 17:01 - 2019-06-13 05:46 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-14 17:01 - 2019-06-13 05:44 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-14 17:01 - 2019-06-07 11:41 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-07-14 17:01 - 2019-06-07 11:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-07-14 17:01 - 2019-06-07 11:04 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-07-14 17:01 - 2019-06-07 06:57 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-07-14 17:01 - 2019-06-07 06:57 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-07-14 17:01 - 2019-06-07 06:57 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-07-14 17:01 - 2019-06-07 06:57 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-07-14 17:01 - 2019-06-07 06:57 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-07-14 17:01 - 2019-06-07 06:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-07-14 17:01 - 2019-06-07 06:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-07-14 17:01 - 2019-06-07 06:18 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-07-14 17:01 - 2019-06-07 06:17 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-07-14 17:01 - 2019-06-07 06:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-07-14 17:01 - 2019-06-07 06:16 - 001102336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-07-14 17:01 - 2019-05-18 23:12 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-07-14 17:01 - 2019-05-17 13:40 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-07-14 17:01 - 2019-05-17 13:25 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-07-14 17:01 - 2019-05-17 13:21 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-07-14 17:01 - 2019-05-17 13:21 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-07-14 17:01 - 2019-05-17 12:58 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-07-14 17:01 - 2019-05-17 07:44 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-07-14 17:01 - 2019-05-17 07:42 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-07-14 17:01 - 2019-05-17 07:42 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-07-14 17:01 - 2019-05-17 07:42 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-07-14 17:01 - 2019-05-17 07:42 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-07-14 17:01 - 2019-05-17 07:30 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-07-14 17:01 - 2019-05-17 07:26 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-07-14 17:01 - 2019-05-17 07:19 - 001630720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-07-14 17:01 - 2019-05-17 07:19 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-07-14 17:01 - 2019-05-17 07:19 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-07-14 17:01 - 2019-05-17 07:18 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-07-14 17:01 - 2019-05-17 07:18 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-07-14 17:01 - 2019-05-17 07:08 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-07-14 17:01 - 2019-05-17 07:07 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-07-14 17:01 - 2019-05-17 07:07 - 002467320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-07-14 17:01 - 2019-05-17 07:07 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-07-14 17:01 - 2019-05-17 07:07 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-07-14 17:01 - 2019-05-17 07:07 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-07-14 17:01 - 2019-05-17 07:06 - 001943136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-07-14 17:01 - 2019-05-17 07:06 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-07-14 17:01 - 2019-05-17 06:44 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-07-14 17:01 - 2019-05-17 06:38 - 004709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-07-14 17:01 - 2019-05-17 06:34 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-07-14 17:01 - 2019-05-17 06:34 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-07-14 17:01 - 2019-05-17 06:33 - 003091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-07-14 17:01 - 2019-05-17 06:33 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-07-14 17:01 - 2019-05-17 06:32 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 001383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-07-14 17:01 - 2019-05-17 06:30 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-07-14 17:00 - 2019-07-04 10:43 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-14 17:00 - 2019-07-04 10:40 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-14 17:00 - 2019-07-04 10:22 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-14 17:00 - 2019-07-04 10:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-14 17:00 - 2019-07-04 10:20 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-14 17:00 - 2019-07-04 10:19 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-14 17:00 - 2019-07-04 09:54 - 000662352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-14 17:00 - 2019-07-04 05:58 - 000416312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-14 17:00 - 2019-07-04 05:58 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-14 17:00 - 2019-07-04 05:57 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-14 17:00 - 2019-07-04 05:57 - 000362264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-14 17:00 - 2019-07-04 05:57 - 000209424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-14 17:00 - 2019-07-04 05:57 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-14 17:00 - 2019-07-04 05:57 - 000137656 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-07-14 17:00 - 2019-07-04 05:57 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-07-14 17:00 - 2019-07-04 05:57 - 000091776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-14 17:00 - 2019-07-04 05:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-07-14 17:00 - 2019-07-04 05:56 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-14 17:00 - 2019-07-04 05:56 - 000115512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-14 17:00 - 2019-07-04 05:43 - 000665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-14 17:00 - 2019-07-04 05:43 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-14 17:00 - 2019-07-04 05:43 - 000287376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-14 17:00 - 2019-07-04 05:43 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-14 17:00 - 2019-07-04 05:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-14 17:00 - 2019-07-04 05:42 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-07-14 17:00 - 2019-07-04 05:26 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-14 17:00 - 2019-07-04 05:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-14 17:00 - 2019-07-04 05:25 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-14 17:00 - 2019-07-04 05:25 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-14 17:00 - 2019-07-04 05:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-14 17:00 - 2019-07-04 05:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-14 17:00 - 2019-07-04 05:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-14 17:00 - 2019-07-04 05:23 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-14 17:00 - 2019-07-04 05:23 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-14 17:00 - 2019-07-04 05:22 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-14 17:00 - 2019-07-04 05:22 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-14 17:00 - 2019-07-04 05:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-07-14 17:00 - 2019-07-04 05:21 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-14 17:00 - 2019-07-04 05:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-14 17:00 - 2019-07-04 05:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-14 17:00 - 2019-07-04 05:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-14 17:00 - 2019-07-04 05:20 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-14 17:00 - 2019-07-04 05:20 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-14 17:00 - 2019-07-04 05:19 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-14 17:00 - 2019-07-04 05:19 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-14 17:00 - 2019-07-04 05:18 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-14 17:00 - 2019-07-04 05:18 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-14 17:00 - 2019-07-04 05:18 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-14 17:00 - 2019-07-04 04:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-07-14 17:00 - 2019-06-21 09:50 - 000280584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-14 17:00 - 2019-06-13 12:40 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-14 17:00 - 2019-06-13 12:38 - 000766264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-14 17:00 - 2019-06-13 12:37 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-07-14 17:00 - 2019-06-13 12:36 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-07-14 17:00 - 2019-06-13 12:34 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-14 17:00 - 2019-06-13 12:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-14 17:00 - 2019-06-13 12:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-14 17:00 - 2019-06-13 12:17 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-14 17:00 - 2019-06-13 12:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-14 17:00 - 2019-06-13 12:15 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-14 17:00 - 2019-06-13 12:14 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-14 17:00 - 2019-06-13 12:13 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-14 17:00 - 2019-06-13 12:13 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-07-14 17:00 - 2019-06-13 12:12 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-14 17:00 - 2019-06-13 12:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-14 17:00 - 2019-06-13 11:07 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-14 17:00 - 2019-06-13 11:07 - 000221232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-14 17:00 - 2019-06-13 10:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-14 17:00 - 2019-06-13 10:53 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-07-14 17:00 - 2019-06-13 10:51 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-14 17:00 - 2019-06-13 10:49 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-14 17:00 - 2019-06-13 10:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-14 17:00 - 2019-06-13 08:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2019-07-14 17:00 - 2019-06-13 08:01 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-14 17:00 - 2019-06-13 07:47 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-14 17:00 - 2019-06-13 07:46 - 001076536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-14 17:00 - 2019-06-13 07:44 - 000130624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-07-14 17:00 - 2019-06-13 07:17 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-14 17:00 - 2019-06-13 07:16 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-14 17:00 - 2019-06-13 07:15 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-14 17:00 - 2019-06-13 07:15 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-07-14 17:00 - 2019-06-13 07:15 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-07-14 17:00 - 2019-06-13 07:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-07-14 17:00 - 2019-06-13 07:14 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-14 17:00 - 2019-06-13 07:14 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-14 17:00 - 2019-06-13 07:14 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-14 17:00 - 2019-06-13 07:13 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-14 17:00 - 2019-06-13 07:13 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-14 17:00 - 2019-06-13 07:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-07-14 17:00 - 2019-06-13 07:12 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-14 17:00 - 2019-06-13 07:11 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-14 17:00 - 2019-06-13 07:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-14 17:00 - 2019-06-13 07:11 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-14 17:00 - 2019-06-13 07:10 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-14 17:00 - 2019-06-13 07:10 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-14 17:00 - 2019-06-13 07:10 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-14 17:00 - 2019-06-13 07:10 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-14 17:00 - 2019-06-13 07:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-07-14 17:00 - 2019-06-13 06:08 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-07-14 17:00 - 2019-06-13 06:07 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-07-14 17:00 - 2019-06-13 06:06 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-07-14 17:00 - 2019-06-13 06:06 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-07-14 17:00 - 2019-06-13 05:49 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-07-14 17:00 - 2019-06-13 05:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-14 17:00 - 2019-06-13 05:46 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-14 17:00 - 2019-06-13 05:46 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-14 17:00 - 2019-06-13 05:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-14 17:00 - 2019-06-13 05:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-14 17:00 - 2019-06-13 05:44 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-14 17:00 - 2019-06-13 05:44 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-14 17:00 - 2019-06-13 05:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-14 17:00 - 2019-06-13 05:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-14 17:00 - 2019-06-13 05:43 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-14 17:00 - 2019-06-13 05:43 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-14 17:00 - 2019-06-13 05:43 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-07-14 17:00 - 2019-06-07 11:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-07-14 17:00 - 2019-06-07 11:47 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-07-14 17:00 - 2019-06-07 11:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-07-14 17:00 - 2019-06-07 07:07 - 000707384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-07-14 17:00 - 2019-06-07 06:58 - 000422416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-07-14 17:00 - 2019-06-07 06:58 - 000076304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-07-14 17:00 - 2019-06-07 06:57 - 000792888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-07-14 17:00 - 2019-06-07 06:57 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-07-14 17:00 - 2019-06-07 06:57 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-07-14 17:00 - 2019-06-07 06:57 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-07-14 17:00 - 2019-06-07 06:57 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-07-14 17:00 - 2019-06-07 06:57 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-07-14 17:00 - 2019-06-07 06:47 - 000380432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-07-14 17:00 - 2019-06-07 06:46 - 000128792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-07-14 17:00 - 2019-06-07 06:24 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-07-14 17:00 - 2019-06-07 06:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-07-14 17:00 - 2019-06-07 06:23 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-07-14 17:00 - 2019-06-07 06:22 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-07-14 17:00 - 2019-06-07 06:22 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-07-14 17:00 - 2019-06-07 06:21 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-07-14 17:00 - 2019-06-07 06:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-07-14 17:00 - 2019-06-07 06:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-07-14 17:00 - 2019-06-07 06:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-07-14 17:00 - 2019-06-07 06:19 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-07-14 17:00 - 2019-06-07 06:19 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-07-14 17:00 - 2019-06-07 06:16 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-07-14 17:00 - 2019-06-07 06:16 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-07-14 17:00 - 2019-05-18 23:12 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-07-14 17:00 - 2019-05-18 23:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-07-14 17:00 - 2019-05-18 23:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-07-14 17:00 - 2019-05-17 13:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-07-14 17:00 - 2019-05-17 13:25 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-07-14 17:00 - 2019-05-17 13:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-07-14 17:00 - 2019-05-17 13:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-07-14 17:00 - 2019-05-17 13:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-07-14 17:00 - 2019-05-17 13:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-07-14 17:00 - 2019-05-17 13:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-07-14 17:00 - 2019-05-17 13:21 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll
2019-07-14 17:00 - 2019-05-17 13:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-07-14 17:00 - 2019-05-17 13:20 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-07-14 17:00 - 2019-05-17 13:19 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-07-14 17:00 - 2019-05-17 13:07 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-07-14 17:00 - 2019-05-17 12:56 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-07-14 17:00 - 2019-05-17 12:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll
2019-07-14 17:00 - 2019-05-17 12:55 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-07-14 17:00 - 2019-05-17 12:55 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-07-14 17:00 - 2019-05-17 12:55 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2019-07-14 17:00 - 2019-05-17 12:54 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-07-14 17:00 - 2019-05-17 12:54 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-07-14 17:00 - 2019-05-17 10:33 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-07-14 17:00 - 2019-05-17 09:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-07-14 17:00 - 2019-05-17 08:07 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-07-14 17:00 - 2019-05-17 07:44 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-07-14 17:00 - 2019-05-17 07:43 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-07-14 17:00 - 2019-05-17 07:42 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-07-14 17:00 - 2019-05-17 07:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-07-14 17:00 - 2019-05-17 07:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-07-14 17:00 - 2019-05-17 07:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-07-14 17:00 - 2019-05-17 07:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-07-14 17:00 - 2019-05-17 07:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-07-14 17:00 - 2019-05-17 07:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-07-14 17:00 - 2019-05-17 07:21 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-07-14 17:00 - 2019-05-17 07:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-07-14 17:00 - 2019-05-17 07:20 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-07-14 17:00 - 2019-05-17 07:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-07-14 17:00 - 2019-05-17 07:19 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2019-07-14 17:00 - 2019-05-17 07:08 - 000401328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-07-14 17:00 - 2019-05-17 07:07 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-07-14 17:00 - 2019-05-17 07:06 - 000151888 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-07-14 17:00 - 2019-05-17 06:37 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-07-14 17:00 - 2019-05-17 06:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2019-07-14 17:00 - 2019-05-17 06:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-07-14 17:00 - 2019-05-17 06:36 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-07-14 17:00 - 2019-05-17 06:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-07-14 17:00 - 2019-05-17 06:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-07-14 17:00 - 2019-05-17 06:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-07-14 17:00 - 2019-05-17 06:36 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-07-14 17:00 - 2019-05-17 06:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-07-14 17:00 - 2019-05-17 06:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-07-14 17:00 - 2019-05-17 06:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-07-14 17:00 - 2019-05-17 06:34 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-07-14 17:00 - 2019-05-17 06:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-07-14 17:00 - 2019-05-17 06:34 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-07-14 17:00 - 2019-05-17 06:34 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2019-07-14 17:00 - 2019-05-17 06:33 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-07-14 17:00 - 2019-05-17 06:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-07-14 17:00 - 2019-05-17 06:32 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-07-14 17:00 - 2019-05-17 06:31 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-07-14 17:00 - 2019-05-17 06:30 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-07-14 16:49 - 2019-07-14 16:07 - 038481012 _____ C:\Users\astra\Desktop\Evidence.avi
2019-07-14 16:17 - 2019-07-14 16:07 - 038481012 _____ C:\Users\astra\Desktop\Itdoesnt work.avi
2019-07-14 16:15 - 2019-02-13 06:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-07-14 16:00 - 2019-07-14 16:00 - 022712608 _____ (Blueberry Software (UK) Ltd.) C:\Users\astra\Downloads\bbfbex5 (1).exe
2019-07-14 15:58 - 2019-07-23 16:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security with Backup
2019-07-14 15:51 - 2019-07-15 12:18 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2019-07-14 15:51 - 2019-07-14 15:51 - 000003376 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2019-07-14 15:28 - 2019-07-22 18:43 - 000000000 ____D C:\Users\astra\AppData\Roaming\NCH Software
2019-07-14 15:28 - 2019-07-22 18:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2019-07-14 15:28 - 2019-07-15 11:52 - 000000000 ____D C:\ProgramData\NCH Software
2019-07-14 15:28 - 2019-07-15 11:52 - 000000000 ____D C:\Program Files (x86)\NCH Software
2019-07-14 15:28 - 2019-07-14 15:28 - 000001317 _____ C:\Users\Public\Desktop\NCH Suite.lnk
2019-07-14 15:28 - 2019-07-14 15:28 - 000001203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debut Video Capture Software.lnk
2019-07-14 15:28 - 2019-07-14 15:28 - 000001191 _____ C:\Users\Public\Desktop\Debut Video Capture Software.lnk
2019-07-14 15:27 - 2019-07-14 15:27 - 002421848 _____ (NCH Software) C:\Users\astra\Downloads\DebutVideoCaptureSoftwareFree.exe
2019-07-14 15:26 - 2019-07-14 15:26 - 002422872 _____ (NCH Software) C:\Users\astra\Downloads\DebutVideoCaptureSoftware.exe
2019-07-14 15:24 - 2019-07-14 15:24 - 055488424 _____ (Apowersoft LIMITED ) C:\Users\astra\Downloads\apowerrec-135.exe
2019-07-14 15:22 - 2019-07-14 15:22 - 022712608 _____ (Blueberry Software (UK) Ltd.) C:\Users\astra\Downloads\bbfbex5.exe
2019-07-14 15:18 - 2019-07-14 15:19 - 069823400 _____ (obsproject.com) C:\Users\astra\Downloads\OBS-Studio-23.2.1-Full-Installer-x64.exe
2019-07-13 19:31 - 2019-07-13 19:31 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-07-13 15:41 - 2019-07-15 13:40 - 000000000 ___RD C:\Users\astra\Dropbox
2019-07-13 15:41 - 2019-07-13 15:41 - 000001307 _____ C:\Users\astra\Desktop\Dropbox.lnk
2019-07-13 15:33 - 2019-07-13 15:33 - 000000000 ____D C:\Users\astra\AppData\Roaming\Dropbox
2019-07-13 15:32 - 2019-07-22 18:49 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-07-13 15:32 - 2019-07-13 17:06 - 000000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-07-13 15:32 - 2019-07-13 17:06 - 000000920 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-07-13 15:32 - 2019-07-13 15:41 - 000000000 ____D C:\Users\astra\AppData\Local\Dropbox
2019-07-13 15:32 - 2019-07-13 15:32 - 000694184 _____ (Dropbox, Inc.) C:\Users\astra\Downloads\DropboxInstaller (1).exe
2019-07-13 15:32 - 2019-07-13 15:32 - 000003984 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-07-13 15:32 - 2019-07-13 15:32 - 000003752 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2019-07-13 15:32 - 2019-07-13 15:32 - 000000000 ____D C:\ProgramData\Dropbox
2019-07-13 15:25 - 2019-07-13 15:25 - 000000000 ____D C:\Program Files\UNP
2019-07-13 15:11 - 2019-07-13 15:11 - 000694184 _____ (Dropbox, Inc.) C:\Users\astra\Downloads\DropboxInstaller.exe
2019-07-13 15:09 - 2019-07-13 15:09 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-23 16:46 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-23 16:42 - 2017-08-11 00:18 - 000000000 ____D C:\Users\astra\AppData\Local\Host App Service
2019-07-23 16:41 - 2018-08-10 03:36 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-23 16:41 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-07-23 16:38 - 2018-08-10 03:44 - 000003508 _____ C:\WINDOWS\System32\Tasks\DashlaneUpgradeCheck
2019-07-23 16:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-23 16:37 - 2017-08-11 00:21 - 000000000 __SHD C:\Users\astra\IntelGraphicsProfiles
2019-07-23 16:36 - 2019-06-03 01:36 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-23 16:35 - 2018-08-10 03:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-23 16:34 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-07-23 16:33 - 2018-04-11 22:04 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2019-07-23 16:31 - 2018-08-10 03:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-23 06:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-07-22 18:58 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-22 18:45 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-16 22:55 - 2019-06-03 01:36 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-07-16 22:55 - 2019-06-03 01:36 - 000001032 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-07-16 22:49 - 2017-08-12 15:34 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-16 22:49 - 2017-08-12 15:34 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-07-16 22:46 - 2017-08-11 00:26 - 000000000 ____D C:\Users\astra\AppData\Local\CrashDumps
2019-07-15 16:17 - 2018-08-10 03:25 - 000000000 ____D C:\Users\astra
2019-07-15 15:42 - 2017-08-11 03:03 - 002033568 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2019-07-15 15:41 - 2017-08-11 03:02 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-07-15 15:41 - 2017-08-11 03:02 - 000000000 ____D C:\WINDOWS\system32\DAX2
2019-07-15 13:05 - 2019-04-27 20:35 - 000000000 ____D C:\Program Files\Common Files\AV
2019-07-15 12:24 - 2019-03-02 18:53 - 000000000 ____D C:\Users\astra\AppData\Local\D3DSCache
2019-07-15 12:22 - 2018-10-17 23:39 - 000000000 ___RD C:\Users\astra\3D Objects
2019-07-15 12:22 - 2017-01-06 00:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-15 12:19 - 2018-08-10 03:19 - 005061952 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-15 12:18 - 2019-04-27 19:29 - 000002412 _____ C:\Users\Public\Desktop\Norton Security.lnk
2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-15 12:12 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-14 16:59 - 2017-08-12 12:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-14 16:33 - 2017-08-12 12:01 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-14 16:05 - 2018-01-26 09:32 - 000000000 ____D C:\Program Files\rempl
2019-07-14 15:52 - 2019-04-27 19:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2019-07-14 15:39 - 2018-10-18 01:27 - 000000000 ____D C:\ProgramData\Adobe
2019-07-14 15:15 - 2018-10-18 01:26 - 000000000 ____D C:\Users\astra\AppData\Local\Adobe
2019-07-14 15:14 - 2017-08-11 00:21 - 000000000 ____D C:\Users\astra\AppData\Roaming\Adobe
2019-07-13 17:06 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ELAMBKUP
2019-07-13 15:16 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-07-13 15:07 - 2017-01-06 00:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-07-13 14:44 - 2018-08-10 03:44 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1801165484-3255497710-3470013671-1002
2019-07-13 14:44 - 2018-08-10 03:25 - 000002371 _____ C:\Users\astra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-13 14:44 - 2017-08-11 00:24 - 000000000 ___RD C:\Users\astra\OneDrive

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
 

 

 

започва и свършва както оригиналния фаил - би трябвало да е пълен (този път)

да прикача ли самите файлове ако има съмнение някакво?

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Анелия , за съжаление - не,не е пълен..! Над Registry (Whitelisted)  трябва да има още информация..! Ще се наложи да направим повторни сканирания ...Но преди това:

Деинсталиране на нежелани / ненужни програми:

  • Натиснете клавишна комбинация   WindowsKey.png + R на клавиатурата си едновременно. Напишете (копирайте) в полето appwiz.cpl и кликнете върху OK.
  • В отворилия се списък с инсталирани програми,  деинсталирайте  програмите от карето по долу:
Цитат

App Explorer (HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Host App Service) (Version: 0.273.3.484 - SweetLabs) <==== ATTENTION

 

След това:

Да деинсталираме вашето копие на FRST така:

i_arrow-r.gif&key=65f9fbaa716d42178fcd1e  За да премахнете правилно инструмента Farbar Recovery Scan Tool  , преименувайте изпълнимия файл FRST64.exe (или FRST.exe) в Uninstall.exe..!

image.png.9cf9e0ab76b122782aff3552f54c5829.png     =>     image.png.44f957ce25ef61c76206655a46425152.png

Стартирайте  файла Uninstall.exe. Ще бъдете уведомени, че трябва да рестартирате системата, за да изтриете инструмента ..!

image.png.abcc20b28654d54fae08e7451bb5dc3b.png

 

 

...и след това наново сканиране...Не забравяйте че трябва да го направите като администратор:

 

Сканиране с Farbar Recovery Scan

  • Моля изтеглете icon1337953436.pngFarbar Recovery Scan Tool (според версията на Windows изберете 32 битовата или 64 битовата версия) и го запазете на десктопа.
  • Стартирайте файла FRST.exe (или FRST64.exe)
  • Програмата ще се стартира. Натиснете YES за да се съгласите с лицензионното споразумение.
  • Натиснете бутона YClYkft.jpg.
  • Изчакайте търпеливо проверката да приключи.
  • Ще се създадат два лог файла с името - FRST.txt и Addition.txt на десктопа.
  • Копирайте съдържанието на файла FRST.txt в следващия си пост.Прикачете Addition.txt в коментар си (погледнете опцията Прикачване на файлове, когато публикувате мнение).

pfNZP4A.png&key=0a487e0a7cff89c690a32d13  Дневници 

В следващия си отговор, моля да включите (като копирате целите съдържания ) следните дневници:

  • FRST.txt (копирате цялото съдържание)
  • Addition.txt (прикачате..) 
  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Този път изглежда различно...
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by astra (administrator) on ASTRAMUR (Acer Aspire ES1-572) (23-07-2019 19:33:06)
Running from C:\Users\astra\Desktop
Loaded Profiles: astra (Available Profiles: astra)
Platform: Windows 10 Home Version 1803 17134.885 (X64) Language: English (United Kingdom)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Acer Incorporated -> ) C:\OEM\Preload\FubTool\FubTool.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Amundsen\2.1.16258\awc.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated -> Acer Incorporated) C:\ProgramData\OEM\UpgradeTool\Acer Collection\UpgradeTool.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\77.4.131\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\77.4.131\QtWebEngineProcess.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Guangzhou Ugee Computers Technology Co.,Ltd -> UGEE) C:\Program Files\Pentablet\PentabletService.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\IntelCpHeciSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\astra\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.3.50\nsWscSvc.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
Failed to access process -> awc.exe
Failed to access process -> chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [PentabletService] => C:\Program Files\Pentablet\PentabletService.exe [2247272 2018-08-29] (Guangzhou Ugee Computers Technology Co.,Ltd -> UGEE)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [CL-23-C5C7662B-BF27-4E63-BAE2-CA182DB18B4F] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-23-C5C7662B-BF27-4E63-BAE2-CA182DB18B4F\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-23-C5C7662 (the data entry has 44 more characters).
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5782336 2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Run: [GoogleChromeAutoLaunch_FE4A4543431CDBB1D3752425BDF66A5F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952 2019-07-13] (Google LLC -> Google LLC)
HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Run: [AdobeBridge] => [X]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-16] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2017-08-12]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04B91F18-5149-4C16-B37F-AB0B2B61BDF7} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40352 2016-06-24] (Acer Incorporated -> )
Task: {0AB39C25-0879-435E-9F0F-5D56E3A138C4} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {0BD26A45-9552-4CC9-B6F7-DBFB1D6F6ABA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated)
Task: {1B6C24D2-3D71-4206-8C47-3926823CA88A} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {1B7FAFCC-7B6C-4338-8C9A-36FBEFB2E11B} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> )
Task: {21EFCF0F-D7E5-415F-9D4C-47811C875F5A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {27B37B28-F56A-4EC4-8297-EC519F12A84C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448512 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AAC5FDF-0122-469F-B5CF-02097774795A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {33C5F447-1E0B-48CC-88EA-1F13A16474A0} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {34910470-5ED1-48D2-A019-697167083F92} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [422704 2016-09-13] (Acer Incorporated -> Acer Incorporated)
Task: {3F3B38E4-F290-45BE-A984-8A7A27EEC9D0} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2225296 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {48835C3F-DCD3-49EA-BF10-F84338580BF6} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472992 2016-06-24] (Acer Incorporated -> Acer Incorporated)
Task: {4BC6FF17-0170-4310-B3AF-37D5718078CE} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-14] (Acer Incorporated -> )
Task: {4C850587-5334-4490-9BF5-5917C734163C} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {71BC7D34-AB7B-4A79-890D-F579C988584B} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.17.3.50\WSCStub.exe [2225296 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {8312D9D7-3701-433B-A083-10A6A2B7E5A9} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2767152 2016-09-13] (Acer Incorporated -> Acer Incorporated)
Task: {88737B2D-E0DB-4ED7-BED9-00F6AF0B0BBF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {903FA2A0-D83F-43EE-8D86-B52A8EDF1AE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-12] (Google Inc -> Google Inc.)
Task: {A51114AA-9E48-4A0C-9D7F-956D10D153D5} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-05-24] (Acer Incorporated -> )
Task: {A84FECC7-DBF5-4F97-B26B-10048D49DBE1} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {B2FD0A1B-C8D5-4EEC-9842-89EF760AAD2A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113616 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {C6D8FF7B-4BB1-48D2-935C-29B1348A05D5} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-13] (Acer Incorporated -> Acer Incorporated)
Task: {D0A73DEB-437E-4129-A07C-0FA3925E82C9} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {D5092C74-28AB-425D-826B-9BC89BEEECF1} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-12] (Acer Incorporated -> TODO: <Company name>)
Task: {D5F1D5F9-4EE8-4236-8816-BF4694DBBCC3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-12] (Google Inc -> Google Inc.)
Task: {D6CAC0E2-774D-4065-A6A1-E2FEAD14E3C5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5BD174C-13E0-4098-AB2D-264116D13CCF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1504384 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {E743DBFC-E3E8-419E-ADF6-ADC2E84D97B3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113616 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5EB49F8-E72F-4AD4-B3F0-DE08F1B75DDA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448512 2019-07-13] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{80bff6ca-ac63-49b4-b1c6-ad2f0eef04e7}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-13] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
Edge Extension: (Norton Password Manager) -> EdgeExtension_SymantecCorporation5478111E43ACF_v68kp9n051hdp => C:\Program Files\WindowsApps\SymantecCorporation.5478111E43ACF_6.4.2.0_neutral__v68kp9n051hdp [2019-07-13]
Edge Extension: (Norton Safe Web) -> EdgeExtension_SymantecCorporationNortonSafeWeb_v68kp9n051hdp => C:\Program Files\WindowsApps\SymantecCorporation.NortonSafeWeb_3.8.0.0_neutral__v68kp9n051hdp [2019-05-26]

FireFox:
========
FF DefaultProfile: lrtt3h84.default
FF ProfilePath: C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default [2019-03-02]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\Extensions\abb-acer@amazon.com [2017-08-12] [Legacy]
FF Extension: (English (US) Language Pack) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\Extensions\langpack-en-US@firefox.mozilla.org [2017-08-12] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\Extensions\partnerdefaults@mozilla.com [2017-08-12] [Legacy]
FF Extension: (Youtube Unblocker Remediation) - C:\Users\astra\AppData\Roaming\Mozilla\Firefox\Profiles\lrtt3h84.default\features\{1bc4a344-5d8d-4fd1-97c6-f8c6065e34ec}\malware-remediation@mozilla.org.xpi [2017-08-12] [Legacy]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2017-01-06] [Legacy]
FF Extension: (English (US) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-en-US@firefox.mozilla.org [2017-01-06] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2017-01-06] [Legacy]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-26] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-26] (Google Inc -> Google LLC)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.co.uk/","hxxp://google.com/"
CHR NewTab: Default ->  Not-active:"chrome-extension://mhffmephdchhhbfjmdpoaldedhhdanbn/homePageRedirect.html"
CHR Profile: C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default [2019-07-23]
CHR Extension: (Norton Password Manager) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\admmjipmmciaobhojoghlmleefbicajg [2019-07-13]
CHR Extension: (Flash Video Downloader) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2019-06-03]
CHR Extension: (Docs) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-29]
CHR Extension: (Google Drive) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-12]
CHR Extension: (YouTube) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-12]
CHR Extension: (Norton Safe Search) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\eogpedgkejfmehnklhahflpmplhiceal [2019-04-27]
CHR Extension: (Norton Safe Web) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2019-07-13]
CHR Extension: (Google Docs Offline) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-18]
CHR Extension: (Grammarly for Chrome) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-07-23]
CHR Extension: (Norton Home Page) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhffmephdchhhbfjmdpoaldedhhdanbn [2019-04-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-21]
CHR Extension: (Gmail) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-26]
CHR Extension: (Chrome Media Router) - C:\Users\astra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-13]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-07-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-07-16] (Dropbox, Inc -> Dropbox, Inc.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [181512 2016-09-08] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [799928 2018-10-18] (ICEpower a/s -> ICEpower)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [269480 2017-07-03] (Intel(R) Wireless Connectivity Solutions -> )
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe [225608 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.17.3.50\nsWscSvc.exe [933200 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [441136 2016-09-13] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [482608 2016-09-13] (Acer Incorporated -> Acer Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11969880 2019-07-03] (TeamViewer GmbH -> TeamViewer GmbH)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-27] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-09] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-09] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3755176 2017-07-03] (Intel(R) Wireless Connectivity Solutions -> Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.17.0.183\Definitions\BASHDefs\20190716.001\BHDrvx64.sys [1935880 2019-06-14] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\ccSetx64.sys [192704 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R3 dbx; C:\WINDOWS\System32\DRIVERS\dbx.sys [47600 2019-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515592 2019-07-12] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153096 2019-07-13] (Symantec Corporation -> Symantec Corporation)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [217688 2016-08-17] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [172304 2016-09-08] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.17.0.183\Definitions\IPSDefs\20190722.061\IDSvia64.sys [1441800 2019-07-12] (Symantec Corporation -> Symantec Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7643648 2017-07-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-09-19] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-08-04] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SRTSP64.SYS [864776 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SRTSPX64.SYS [49672 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SYMEFASI64.SYS [1998552 2019-06-20] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SymELAM.sys [25744 2019-06-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-04-27] (Symantec Corporation -> Symantec Corporation)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.17.0.183\SymPlatform\SymEvnt.sys [717832 2019-07-16] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\Ironx64.SYS [315912 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\symnets.sys [573448 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46584 2018-08-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-08-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-09] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\wpCtrlDrv.sys [1012120 2019-06-20] (Symantec Corporation -> Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-23 19:33 - 2019-07-23 19:35 - 000032449 _____ C:\Users\astra\Desktop\FRST.txt
2019-07-23 19:32 - 2019-07-23 19:33 - 000000000 ____D C:\FRST
2019-07-23 19:31 - 2019-07-23 19:31 - 002095104 _____ (Farbar) C:\Users\astra\Downloads\FRST64.exe
2019-07-23 19:31 - 2019-07-23 19:31 - 002095104 _____ (Farbar) C:\Users\astra\Desktop\FRST64.exe
2019-07-22 19:14 - 2019-07-22 19:14 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2019-07-22 18:47 - 2019-07-22 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-07-16 22:25 - 2019-07-16 22:25 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-07-16 22:25 - 2019-07-16 22:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx.sys
2019-07-15 15:41 - 2019-07-15 15:41 - 000000000 ____D C:\WINDOWS\system32\DAX3
2019-07-15 12:51 - 2019-07-15 12:43 - 027886358 _____ C:\Users\astra\Desktop\Evidence_2.avi
2019-07-15 12:51 - 2019-07-15 11:42 - 010416140 _____ C:\Users\astra\Desktop\Evidence_1.avi
2019-07-15 11:54 - 2019-07-15 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCDEmu
2019-07-15 11:52 - 2019-07-15 11:53 - 000001283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Burn Disc Burning Software.lnk
2019-07-15 11:52 - 2019-07-15 11:53 - 000001271 _____ C:\Users\Public\Desktop\Express Burn Disc Burning Software.lnk
2019-07-15 11:52 - 2019-07-15 11:52 - 000002381 _____ C:\Users\astra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk
2019-07-15 11:52 - 2019-07-15 11:52 - 000002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk
2019-07-15 11:47 - 2019-07-15 11:47 - 000001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
2019-07-15 11:47 - 2019-07-15 11:47 - 000001215 _____ C:\Users\Public\Desktop\VideoPad Video Editor.lnk
2019-07-15 11:42 - 2019-07-15 11:50 - 402587648 _____ C:\Users\astra\Downloads\Adobe-Master-Collection-CS6-Windows.iso
2019-07-15 11:38 - 2019-07-15 11:38 - 001576544 _____ (Sysprogs OU) C:\Users\astra\Downloads\WinCDEmu-4.1 (1).exe
2019-07-15 11:38 - 2019-07-15 11:38 - 000000000 ____D C:\Program Files (x86)\WinCDEmu
2019-07-15 11:37 - 2019-07-15 11:37 - 001576544 _____ (Sysprogs OU) C:\Users\astra\Downloads\WinCDEmu-4.1.exe
2019-07-15 11:34 - 2019-07-15 11:34 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2019-07-15 11:33 - 2019-07-15 11:33 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2019-07-15 11:26 - 2019-07-15 11:26 - 000791712 _____ (Disc Soft Ltd.) C:\Users\astra\Downloads\DTLiteInstaller.exe
2019-07-14 17:02 - 2019-07-04 10:40 - 021390504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-14 17:02 - 2019-07-04 05:56 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-14 17:02 - 2019-07-04 05:42 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-14 17:02 - 2019-07-04 05:37 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-14 17:02 - 2019-07-04 05:33 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-14 17:02 - 2019-07-04 05:29 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-14 17:02 - 2019-05-17 07:19 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-07-14 17:02 - 2019-05-17 06:31 - 004937216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-07-14 17:01 - 2019-07-04 10:40 - 001631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-14 17:01 - 2019-07-04 10:40 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-07-14 17:01 - 2019-07-04 10:21 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-14 17:01 - 2019-07-04 10:18 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-14 17:01 - 2019-07-04 10:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-14 17:01 - 2019-07-04 09:56 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-14 17:01 - 2019-07-04 09:51 - 020384128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-14 17:01 - 2019-07-04 09:41 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-14 17:01 - 2019-07-04 09:37 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-14 17:01 - 2019-07-04 09:36 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-14 17:01 - 2019-07-04 06:00 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-14 17:01 - 2019-07-04 05:58 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-14 17:01 - 2019-07-04 05:58 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-14 17:01 - 2019-07-04 05:57 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-14 17:01 - 2019-07-04 05:57 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-14 17:01 - 2019-07-04 05:57 - 000986128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-14 17:01 - 2019-07-04 05:57 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-14 17:01 - 2019-07-04 05:57 - 000723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-14 17:01 - 2019-07-04 05:57 - 000708696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-14 17:01 - 2019-07-04 05:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-14 17:01 - 2019-07-04 05:56 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-14 17:01 - 2019-07-04 05:56 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-14 17:01 - 2019-07-04 05:56 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-14 17:01 - 2019-07-04 05:56 - 001566520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-14 17:01 - 2019-07-04 05:56 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-14 17:01 - 2019-07-04 05:56 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-14 17:01 - 2019-07-04 05:56 - 001141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-14 17:01 - 2019-07-04 05:56 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-14 17:01 - 2019-07-04 05:56 - 000767536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-14 17:01 - 2019-07-04 05:56 - 000734952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-14 17:01 - 2019-07-04 05:56 - 000493752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-14 17:01 - 2019-07-04 05:43 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-14 17:01 - 2019-07-04 05:42 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-14 17:01 - 2019-07-04 05:42 - 002479176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-14 17:01 - 2019-07-04 05:42 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-14 17:01 - 2019-07-04 05:42 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-14 17:01 - 2019-07-04 05:42 - 000356312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-14 17:01 - 2019-07-04 05:41 - 000559328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-14 17:01 - 2019-07-04 05:26 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-14 17:01 - 2019-07-04 05:25 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-14 17:01 - 2019-07-04 05:25 - 007589888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-14 17:01 - 2019-07-04 05:25 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-14 17:01 - 2019-07-04 05:25 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-14 17:01 - 2019-07-04 05:24 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-14 17:01 - 2019-07-04 05:23 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-14 17:01 - 2019-07-04 05:22 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-14 17:01 - 2019-07-04 05:22 - 002587648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-14 17:01 - 2019-07-04 05:22 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-14 17:01 - 2019-07-04 05:22 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-14 17:01 - 2019-07-04 05:22 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-14 17:01 - 2019-07-04 05:22 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-14 17:01 - 2019-07-04 05:21 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-14 17:01 - 2019-07-04 05:21 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-07-14 17:01 - 2019-07-04 05:21 - 003202560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-14 17:01 - 2019-07-04 05:21 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-14 17:01 - 2019-07-04 05:21 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-14 17:01 - 2019-07-04 05:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-14 17:01 - 2019-07-04 05:20 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-14 17:01 - 2019-07-04 05:18 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-14 17:01 - 2019-07-04 05:18 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-14 17:01 - 2019-07-04 05:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-14 17:01 - 2019-06-13 13:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-14 17:01 - 2019-06-13 13:12 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-14 17:01 - 2019-06-13 13:05 - 000810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-14 17:01 - 2019-06-13 13:04 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-14 17:01 - 2019-06-13 13:00 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-14 17:01 - 2019-06-13 12:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-14 17:01 - 2019-06-13 12:58 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-14 17:01 - 2019-06-13 12:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-14 17:01 - 2019-06-13 12:56 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-14 17:01 - 2019-06-13 12:43 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-14 17:01 - 2019-06-13 12:42 - 004038688 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-14 17:01 - 2019-06-13 12:42 - 000566536 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-14 17:01 - 2019-06-13 12:36 - 000251000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-07-14 17:01 - 2019-06-13 12:35 - 001376688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-07-14 17:01 - 2019-06-13 12:18 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-14 17:01 - 2019-06-13 12:18 - 004847104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-14 17:01 - 2019-06-13 12:17 - 012756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-14 17:01 - 2019-06-13 12:16 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-14 17:01 - 2019-06-13 12:15 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-14 17:01 - 2019-06-13 12:14 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-14 17:01 - 2019-06-13 12:14 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-14 17:01 - 2019-06-13 12:14 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-14 17:01 - 2019-06-13 12:13 - 002920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-14 17:01 - 2019-06-13 12:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-14 17:01 - 2019-06-13 12:13 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-14 17:01 - 2019-06-13 11:07 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-07-14 17:01 - 2019-06-13 11:05 - 003700160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-14 17:01 - 2019-06-13 10:55 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-14 17:01 - 2019-06-13 10:54 - 011942912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-14 17:01 - 2019-06-13 10:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-14 17:01 - 2019-06-13 08:46 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-14 17:01 - 2019-06-13 08:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-14 17:01 - 2019-06-13 08:01 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-14 17:01 - 2019-06-13 07:59 - 000785264 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-14 17:01 - 2019-06-13 07:47 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-14 17:01 - 2019-06-13 07:46 - 000510296 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-07-14 17:01 - 2019-06-13 07:46 - 000093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-14 17:01 - 2019-06-13 07:45 - 002421560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-14 17:01 - 2019-06-13 07:44 - 002769688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-14 17:01 - 2019-06-13 07:44 - 002546704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-14 17:01 - 2019-06-13 07:44 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-07-14 17:01 - 2019-06-13 07:44 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-14 17:01 - 2019-06-13 07:44 - 000607112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-07-14 17:01 - 2019-06-13 07:44 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-07-14 17:01 - 2019-06-13 07:16 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-07-14 17:01 - 2019-06-13 07:15 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-14 17:01 - 2019-06-13 07:14 - 003318784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-07-14 17:01 - 2019-06-13 07:13 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-14 17:01 - 2019-06-13 07:13 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-14 17:01 - 2019-06-13 07:12 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-14 17:01 - 2019-06-13 07:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-14 17:01 - 2019-06-13 07:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-14 17:01 - 2019-06-13 07:12 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-07-14 17:01 - 2019-06-13 07:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-14 17:01 - 2019-06-13 07:10 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-07-14 17:01 - 2019-06-13 07:10 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-14 17:01 - 2019-06-13 07:10 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-14 17:01 - 2019-06-13 07:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-14 17:01 - 2019-06-13 07:09 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-14 17:01 - 2019-06-13 07:08 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-14 17:01 - 2019-06-13 06:14 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-14 17:01 - 2019-06-13 06:07 - 000080744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-14 17:01 - 2019-06-13 06:06 - 002256768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-14 17:01 - 2019-06-13 05:47 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-07-14 17:01 - 2019-06-13 05:47 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-07-14 17:01 - 2019-06-13 05:46 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-14 17:01 - 2019-06-13 05:44 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-14 17:01 - 2019-06-07 11:41 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-07-14 17:01 - 2019-06-07 11:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-07-14 17:01 - 2019-06-07 11:04 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-07-14 17:01 - 2019-06-07 06:57 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-07-14 17:01 - 2019-06-07 06:57 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-07-14 17:01 - 2019-06-07 06:57 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-07-14 17:01 - 2019-06-07 06:57 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-07-14 17:01 - 2019-06-07 06:57 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-07-14 17:01 - 2019-06-07 06:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-07-14 17:01 - 2019-06-07 06:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-07-14 17:01 - 2019-06-07 06:18 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-07-14 17:01 - 2019-06-07 06:17 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-07-14 17:01 - 2019-06-07 06:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-07-14 17:01 - 2019-06-07 06:16 - 001102336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-07-14 17:01 - 2019-05-18 23:12 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-07-14 17:01 - 2019-05-17 13:40 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-07-14 17:01 - 2019-05-17 13:25 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-07-14 17:01 - 2019-05-17 13:21 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-07-14 17:01 - 2019-05-17 13:21 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-07-14 17:01 - 2019-05-17 12:58 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-07-14 17:01 - 2019-05-17 07:44 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-07-14 17:01 - 2019-05-17 07:42 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-07-14 17:01 - 2019-05-17 07:42 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-07-14 17:01 - 2019-05-17 07:42 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-07-14 17:01 - 2019-05-17 07:42 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-07-14 17:01 - 2019-05-17 07:30 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-07-14 17:01 - 2019-05-17 07:26 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-07-14 17:01 - 2019-05-17 07:19 - 001630720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-07-14 17:01 - 2019-05-17 07:19 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-07-14 17:01 - 2019-05-17 07:19 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-07-14 17:01 - 2019-05-17 07:18 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-07-14 17:01 - 2019-05-17 07:18 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-07-14 17:01 - 2019-05-17 07:08 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-07-14 17:01 - 2019-05-17 07:07 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-07-14 17:01 - 2019-05-17 07:07 - 002467320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-07-14 17:01 - 2019-05-17 07:07 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-07-14 17:01 - 2019-05-17 07:07 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-07-14 17:01 - 2019-05-17 07:07 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-07-14 17:01 - 2019-05-17 07:06 - 001943136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-07-14 17:01 - 2019-05-17 07:06 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-07-14 17:01 - 2019-05-17 06:44 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-07-14 17:01 - 2019-05-17 06:38 - 004709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-07-14 17:01 - 2019-05-17 06:34 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-07-14 17:01 - 2019-05-17 06:34 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-07-14 17:01 - 2019-05-17 06:33 - 003091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-07-14 17:01 - 2019-05-17 06:33 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-07-14 17:01 - 2019-05-17 06:32 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 001383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-07-14 17:01 - 2019-05-17 06:31 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-07-14 17:01 - 2019-05-17 06:30 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-07-14 17:00 - 2019-07-04 10:43 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-14 17:00 - 2019-07-04 10:40 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-14 17:00 - 2019-07-04 10:22 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-14 17:00 - 2019-07-04 10:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-14 17:00 - 2019-07-04 10:20 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-14 17:00 - 2019-07-04 10:19 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-14 17:00 - 2019-07-04 09:54 - 000662352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-14 17:00 - 2019-07-04 05:58 - 000416312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-14 17:00 - 2019-07-04 05:58 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-14 17:00 - 2019-07-04 05:57 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-14 17:00 - 2019-07-04 05:57 - 000362264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-14 17:00 - 2019-07-04 05:57 - 000209424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-14 17:00 - 2019-07-04 05:57 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-14 17:00 - 2019-07-04 05:57 - 000137656 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-07-14 17:00 - 2019-07-04 05:57 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-07-14 17:00 - 2019-07-04 05:57 - 000091776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-14 17:00 - 2019-07-04 05:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-07-14 17:00 - 2019-07-04 05:56 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-14 17:00 - 2019-07-04 05:56 - 000115512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-14 17:00 - 2019-07-04 05:43 - 000665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-14 17:00 - 2019-07-04 05:43 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-14 17:00 - 2019-07-04 05:43 - 000287376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-14 17:00 - 2019-07-04 05:43 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-14 17:00 - 2019-07-04 05:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-14 17:00 - 2019-07-04 05:42 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-07-14 17:00 - 2019-07-04 05:26 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-14 17:00 - 2019-07-04 05:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-14 17:00 - 2019-07-04 05:25 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-14 17:00 - 2019-07-04 05:25 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-14 17:00 - 2019-07-04 05:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-14 17:00 - 2019-07-04 05:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-14 17:00 - 2019-07-04 05:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-14 17:00 - 2019-07-04 05:23 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-14 17:00 - 2019-07-04 05:23 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-14 17:00 - 2019-07-04 05:22 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-14 17:00 - 2019-07-04 05:22 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-14 17:00 - 2019-07-04 05:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-07-14 17:00 - 2019-07-04 05:21 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-14 17:00 - 2019-07-04 05:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-14 17:00 - 2019-07-04 05:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-14 17:00 - 2019-07-04 05:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-14 17:00 - 2019-07-04 05:20 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-14 17:00 - 2019-07-04 05:20 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-14 17:00 - 2019-07-04 05:19 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-14 17:00 - 2019-07-04 05:19 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-14 17:00 - 2019-07-04 05:18 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-14 17:00 - 2019-07-04 05:18 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-14 17:00 - 2019-07-04 05:18 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-14 17:00 - 2019-07-04 04:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-07-14 17:00 - 2019-06-21 09:50 - 000280584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-14 17:00 - 2019-06-13 12:40 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-14 17:00 - 2019-06-13 12:38 - 000766264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-14 17:00 - 2019-06-13 12:37 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-07-14 17:00 - 2019-06-13 12:36 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-07-14 17:00 - 2019-06-13 12:34 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-14 17:00 - 2019-06-13 12:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-14 17:00 - 2019-06-13 12:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-14 17:00 - 2019-06-13 12:17 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-14 17:00 - 2019-06-13 12:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-14 17:00 - 2019-06-13 12:15 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-14 17:00 - 2019-06-13 12:14 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-14 17:00 - 2019-06-13 12:13 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-14 17:00 - 2019-06-13 12:13 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-07-14 17:00 - 2019-06-13 12:12 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-14 17:00 - 2019-06-13 12:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-14 17:00 - 2019-06-13 11:07 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-14 17:00 - 2019-06-13 11:07 - 000221232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-14 17:00 - 2019-06-13 10:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-14 17:00 - 2019-06-13 10:53 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-07-14 17:00 - 2019-06-13 10:51 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-14 17:00 - 2019-06-13 10:49 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-14 17:00 - 2019-06-13 10:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-14 17:00 - 2019-06-13 08:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2019-07-14 17:00 - 2019-06-13 08:01 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-14 17:00 - 2019-06-13 07:47 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-14 17:00 - 2019-06-13 07:46 - 001076536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-14 17:00 - 2019-06-13 07:44 - 000130624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-07-14 17:00 - 2019-06-13 07:17 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-14 17:00 - 2019-06-13 07:16 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-14 17:00 - 2019-06-13 07:15 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-14 17:00 - 2019-06-13 07:15 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-07-14 17:00 - 2019-06-13 07:15 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-07-14 17:00 - 2019-06-13 07:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-07-14 17:00 - 2019-06-13 07:14 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-14 17:00 - 2019-06-13 07:14 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-14 17:00 - 2019-06-13 07:14 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-14 17:00 - 2019-06-13 07:13 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-14 17:00 - 2019-06-13 07:13 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-14 17:00 - 2019-06-13 07:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-07-14 17:00 - 2019-06-13 07:12 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-14 17:00 - 2019-06-13 07:11 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-14 17:00 - 2019-06-13 07:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-14 17:00 - 2019-06-13 07:11 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-14 17:00 - 2019-06-13 07:10 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-14 17:00 - 2019-06-13 07:10 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-14 17:00 - 2019-06-13 07:10 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-14 17:00 - 2019-06-13 07:10 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-14 17:00 - 2019-06-13 07:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-07-14 17:00 - 2019-06-13 06:08 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-07-14 17:00 - 2019-06-13 06:07 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-07-14 17:00 - 2019-06-13 06:06 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-07-14 17:00 - 2019-06-13 06:06 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-07-14 17:00 - 2019-06-13 05:49 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-07-14 17:00 - 2019-06-13 05:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-14 17:00 - 2019-06-13 05:46 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-14 17:00 - 2019-06-13 05:46 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-14 17:00 - 2019-06-13 05:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-14 17:00 - 2019-06-13 05:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-14 17:00 - 2019-06-13 05:44 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-14 17:00 - 2019-06-13 05:44 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-14 17:00 - 2019-06-13 05:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-14 17:00 - 2019-06-13 05:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-14 17:00 - 2019-06-13 05:43 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-14 17:00 - 2019-06-13 05:43 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-14 17:00 - 2019-06-13 05:43 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-07-14 17:00 - 2019-06-07 11:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-07-14 17:00 - 2019-06-07 11:47 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-07-14 17:00 - 2019-06-07 11:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-07-14 17:00 - 2019-06-07 07:07 - 000707384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-07-14 17:00 - 2019-06-07 06:58 - 000422416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-07-14 17:00 - 2019-06-07 06:58 - 000076304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-07-14 17:00 - 2019-06-07 06:57 - 000792888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-07-14 17:00 - 2019-06-07 06:57 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-07-14 17:00 - 2019-06-07 06:57 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-07-14 17:00 - 2019-06-07 06:57 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-07-14 17:00 - 2019-06-07 06:57 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-07-14 17:00 - 2019-06-07 06:57 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-07-14 17:00 - 2019-06-07 06:47 - 000380432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-07-14 17:00 - 2019-06-07 06:46 - 000128792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-07-14 17:00 - 2019-06-07 06:24 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-07-14 17:00 - 2019-06-07 06:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-07-14 17:00 - 2019-06-07 06:23 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-07-14 17:00 - 2019-06-07 06:22 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-07-14 17:00 - 2019-06-07 06:22 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-07-14 17:00 - 2019-06-07 06:21 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-07-14 17:00 - 2019-06-07 06:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-07-14 17:00 - 2019-06-07 06:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-07-14 17:00 - 2019-06-07 06:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-07-14 17:00 - 2019-06-07 06:19 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-07-14 17:00 - 2019-06-07 06:19 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-07-14 17:00 - 2019-06-07 06:16 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-07-14 17:00 - 2019-06-07 06:16 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-07-14 17:00 - 2019-05-18 23:12 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-07-14 17:00 - 2019-05-18 23:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-07-14 17:00 - 2019-05-18 23:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-07-14 17:00 - 2019-05-17 13:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-07-14 17:00 - 2019-05-17 13:25 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-07-14 17:00 - 2019-05-17 13:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-07-14 17:00 - 2019-05-17 13:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-07-14 17:00 - 2019-05-17 13:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-07-14 17:00 - 2019-05-17 13:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-07-14 17:00 - 2019-05-17 13:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-07-14 17:00 - 2019-05-17 13:21 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll
2019-07-14 17:00 - 2019-05-17 13:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-07-14 17:00 - 2019-05-17 13:20 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-07-14 17:00 - 2019-05-17 13:19 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-07-14 17:00 - 2019-05-17 13:07 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-07-14 17:00 - 2019-05-17 12:56 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-07-14 17:00 - 2019-05-17 12:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll
2019-07-14 17:00 - 2019-05-17 12:55 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-07-14 17:00 - 2019-05-17 12:55 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-07-14 17:00 - 2019-05-17 12:55 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2019-07-14 17:00 - 2019-05-17 12:54 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-07-14 17:00 - 2019-05-17 12:54 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-07-14 17:00 - 2019-05-17 10:33 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-07-14 17:00 - 2019-05-17 09:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-07-14 17:00 - 2019-05-17 08:07 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-07-14 17:00 - 2019-05-17 07:44 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-07-14 17:00 - 2019-05-17 07:43 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-07-14 17:00 - 2019-05-17 07:42 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-07-14 17:00 - 2019-05-17 07:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-07-14 17:00 - 2019-05-17 07:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-07-14 17:00 - 2019-05-17 07:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-07-14 17:00 - 2019-05-17 07:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-07-14 17:00 - 2019-05-17 07:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-07-14 17:00 - 2019-05-17 07:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-07-14 17:00 - 2019-05-17 07:21 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-07-14 17:00 - 2019-05-17 07:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-07-14 17:00 - 2019-05-17 07:20 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-07-14 17:00 - 2019-05-17 07:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-07-14 17:00 - 2019-05-17 07:19 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2019-07-14 17:00 - 2019-05-17 07:08 - 000401328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-07-14 17:00 - 2019-05-17 07:07 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-07-14 17:00 - 2019-05-17 07:06 - 000151888 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-07-14 17:00 - 2019-05-17 06:37 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-07-14 17:00 - 2019-05-17 06:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2019-07-14 17:00 - 2019-05-17 06:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-07-14 17:00 - 2019-05-17 06:36 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-07-14 17:00 - 2019-05-17 06:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-07-14 17:00 - 2019-05-17 06:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-07-14 17:00 - 2019-05-17 06:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-07-14 17:00 - 2019-05-17 06:36 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-07-14 17:00 - 2019-05-17 06:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-07-14 17:00 - 2019-05-17 06:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-07-14 17:00 - 2019-05-17 06:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-07-14 17:00 - 2019-05-17 06:34 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-07-14 17:00 - 2019-05-17 06:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-07-14 17:00 - 2019-05-17 06:34 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-07-14 17:00 - 2019-05-17 06:34 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2019-07-14 17:00 - 2019-05-17 06:33 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-07-14 17:00 - 2019-05-17 06:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-07-14 17:00 - 2019-05-17 06:32 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-07-14 17:00 - 2019-05-17 06:31 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-07-14 17:00 - 2019-05-17 06:30 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-07-14 16:49 - 2019-07-14 16:07 - 038481012 _____ C:\Users\astra\Desktop\Evidence.avi
2019-07-14 16:17 - 2019-07-14 16:07 - 038481012 _____ C:\Users\astra\Desktop\Itdoesnt work.avi
2019-07-14 16:15 - 2019-02-13 06:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-07-14 16:00 - 2019-07-14 16:00 - 022712608 _____ (Blueberry Software (UK) Ltd.) C:\Users\astra\Downloads\bbfbex5 (1).exe
2019-07-14 15:58 - 2019-07-23 19:29 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security with Backup
2019-07-14 15:51 - 2019-07-15 12:18 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2019-07-14 15:51 - 2019-07-14 15:51 - 000003376 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2019-07-14 15:28 - 2019-07-22 18:43 - 000000000 ____D C:\Users\astra\AppData\Roaming\NCH Software
2019-07-14 15:28 - 2019-07-22 18:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2019-07-14 15:28 - 2019-07-15 11:52 - 000000000 ____D C:\ProgramData\NCH Software
2019-07-14 15:28 - 2019-07-15 11:52 - 000000000 ____D C:\Program Files (x86)\NCH Software
2019-07-14 15:28 - 2019-07-14 15:28 - 000001317 _____ C:\Users\Public\Desktop\NCH Suite.lnk
2019-07-14 15:28 - 2019-07-14 15:28 - 000001203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debut Video Capture Software.lnk
2019-07-14 15:28 - 2019-07-14 15:28 - 000001191 _____ C:\Users\Public\Desktop\Debut Video Capture Software.lnk
2019-07-14 15:27 - 2019-07-14 15:27 - 002421848 _____ (NCH Software) C:\Users\astra\Downloads\DebutVideoCaptureSoftwareFree.exe
2019-07-14 15:26 - 2019-07-14 15:26 - 002422872 _____ (NCH Software) C:\Users\astra\Downloads\DebutVideoCaptureSoftware.exe
2019-07-14 15:24 - 2019-07-14 15:24 - 055488424 _____ (Apowersoft LIMITED ) C:\Users\astra\Downloads\apowerrec-135.exe
2019-07-14 15:22 - 2019-07-14 15:22 - 022712608 _____ (Blueberry Software (UK) Ltd.) C:\Users\astra\Downloads\bbfbex5.exe
2019-07-14 15:18 - 2019-07-14 15:19 - 069823400 _____ (obsproject.com) C:\Users\astra\Downloads\OBS-Studio-23.2.1-Full-Installer-x64.exe
2019-07-13 19:31 - 2019-07-13 19:31 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-07-13 15:41 - 2019-07-15 13:40 - 000000000 ___RD C:\Users\astra\Dropbox
2019-07-13 15:41 - 2019-07-13 15:41 - 000001307 _____ C:\Users\astra\Desktop\Dropbox.lnk
2019-07-13 15:33 - 2019-07-13 15:33 - 000000000 ____D C:\Users\astra\AppData\Roaming\Dropbox
2019-07-13 15:32 - 2019-07-22 18:49 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-07-13 15:32 - 2019-07-13 17:06 - 000000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-07-13 15:32 - 2019-07-13 17:06 - 000000920 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-07-13 15:32 - 2019-07-13 15:41 - 000000000 ____D C:\Users\astra\AppData\Local\Dropbox
2019-07-13 15:32 - 2019-07-13 15:32 - 000694184 _____ (Dropbox, Inc.) C:\Users\astra\Downloads\DropboxInstaller (1).exe
2019-07-13 15:32 - 2019-07-13 15:32 - 000003984 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-07-13 15:32 - 2019-07-13 15:32 - 000003752 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2019-07-13 15:32 - 2019-07-13 15:32 - 000000000 ____D C:\ProgramData\Dropbox
2019-07-13 15:25 - 2019-07-13 15:25 - 000000000 ____D C:\Program Files\UNP
2019-07-13 15:11 - 2019-07-13 15:11 - 000694184 _____ (Dropbox, Inc.) C:\Users\astra\Downloads\DropboxInstaller.exe
2019-07-13 15:09 - 2019-07-13 15:09 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-07-13 15:09 - 2019-07-13 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-23 19:32 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-23 19:30 - 2018-08-10 03:36 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-23 19:30 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-07-23 19:26 - 2018-08-10 03:44 - 000003508 _____ C:\WINDOWS\System32\Tasks\DashlaneUpgradeCheck
2019-07-23 19:25 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-23 19:25 - 2017-08-11 00:21 - 000000000 __SHD C:\Users\astra\IntelGraphicsProfiles
2019-07-23 19:24 - 2019-06-03 01:36 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-23 19:23 - 2018-08-10 03:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-23 19:22 - 2018-08-10 03:25 - 000000000 ____D C:\Users\astra
2019-07-23 19:22 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-07-23 16:52 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-23 16:33 - 2018-04-11 22:04 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2019-07-23 16:31 - 2018-08-10 03:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-23 06:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-07-22 18:45 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-16 22:55 - 2019-06-03 01:36 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-07-16 22:55 - 2019-06-03 01:36 - 000001032 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-07-16 22:49 - 2017-08-12 15:34 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-16 22:49 - 2017-08-12 15:34 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-07-16 22:46 - 2017-08-11 00:26 - 000000000 ____D C:\Users\astra\AppData\Local\CrashDumps
2019-07-15 15:42 - 2017-08-11 03:03 - 002033568 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2019-07-15 15:41 - 2017-08-11 03:02 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-07-15 15:41 - 2017-08-11 03:02 - 000000000 ____D C:\WINDOWS\system32\DAX2
2019-07-15 13:05 - 2019-04-27 20:35 - 000000000 ____D C:\Program Files\Common Files\AV
2019-07-15 12:24 - 2019-03-02 18:53 - 000000000 ____D C:\Users\astra\AppData\Local\D3DSCache
2019-07-15 12:22 - 2018-10-17 23:39 - 000000000 ___RD C:\Users\astra\3D Objects
2019-07-15 12:22 - 2017-01-06 00:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-15 12:19 - 2018-08-10 03:19 - 005061952 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-15 12:18 - 2019-04-27 19:29 - 000002412 _____ C:\Users\Public\Desktop\Norton Security.lnk
2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-15 12:12 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-15 12:12 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-15 12:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-14 16:59 - 2017-08-12 12:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-14 16:33 - 2017-08-12 12:01 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-14 16:05 - 2018-01-26 09:32 - 000000000 ____D C:\Program Files\rempl
2019-07-14 15:52 - 2019-04-27 19:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2019-07-14 15:39 - 2018-10-18 01:27 - 000000000 ____D C:\ProgramData\Adobe
2019-07-14 15:15 - 2018-10-18 01:26 - 000000000 ____D C:\Users\astra\AppData\Local\Adobe
2019-07-14 15:14 - 2017-08-11 00:21 - 000000000 ____D C:\Users\astra\AppData\Roaming\Adobe
2019-07-13 17:06 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ELAMBKUP
2019-07-13 15:16 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-07-13 15:07 - 2017-01-06 00:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-07-13 14:44 - 2018-08-10 03:44 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1801165484-3255497710-3470013671-1002
2019-07-13 14:44 - 2018-08-10 03:25 - 000002371 _____ C:\Users\astra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-13 14:44 - 2017-08-11 00:24 - 000000000 ___RD C:\Users\astra\OneDrive

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
 

 

и Addition....
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by astra (23-07-2019 19:37:37)
Running from C:\Users\astra\Desktop
Windows 10 Home Version 1803 17134.885 (X64) (2018-08-10 02:46:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1801165484-3255497710-3470013671-500 - Administrator - Disabled)
astra (S-1-5-21-1801165484-3255497710-3470013671-1002 - Administrator - Enabled) => C:\Users\astra
DefaultAccount (S-1-5-21-1801165484-3255497710-3470013671-503 - Limited - Disabled)
Guest (S-1-5-21-1801165484-3255497710-3470013671-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1801165484-3255497710-3470013671-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.07.2004 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3011 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3008 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.02.3001 - Acer Incorporated)
Adobe Connect (HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Adobe Connect App) (Version: 11.9.982.478 - Adobe Systems Inc.)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5917.02 - CyberLink Corp.)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 5.49 - NCH Software)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3019 - Acer Incorporated)
Dropbox (HKLM-x32\...\Dropbox) (Version: 77.4.131 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
ELAN HIDI2C Filter Driver X64 13.6.7.2_WHQL (HKLM\...\Elantech) (Version: 13.6.7.2 - ELAN Microelectronic Corp.)
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 7.10 - NCH Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6446 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{3A55D9C8-17B6-41F9-B9C2-4B1532DCD016}) (Version: 19.10.1635.0483 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{ed5cef80-a339-45bd-8c06-514eaf785ca8}) (Version: 19.71.0 - Intel Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11727.20244 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 45.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0 (x86 en-US)) (Version: 45.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla)
Norton Security (HKLM-x32\...\NGC) (Version: 22.17.3.50 - Symantec Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Pentablet version 1.5.2.180829 (HKLM\...\{5DAB8C1A-6D8E-467D-BE62-AC13087AA950}_is1) (Version: 1.5.2.180829 - UGEE Technology Co.,Ltd)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8555 - Realtek Semiconductor Corp.)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.4.2669 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 7.22 - NCH Software)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22452 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )

Packages:
=========
Acer Collection -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4 [2018-10-26] (Acer Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-06-03] (Autodesk Inc.)
Booking.com -> C:\Program Files\WindowsApps\Booking.com_1.0.1606.2210_x64__96rgg7pjt343r [2017-01-06] (CN=Acer Incorporated)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_5.8.4.0_x86__kgqvnymyfvs32 [2019-07-22] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.143.600.0_x86__kgqvnymyfvs32 [2019-07-13] (king.com)
eBay -> C:\Program Files\WindowsApps\eBay_1.0.1606.2210_x64__96rgg7pjt343r [2017-01-06] (CN=Acer Incorporated)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2017-08-12] (AMZN Mobile LLC)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-13] (Microsoft Corporation) [MS Ad]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.1.0.6_x86__h6adky7gbf63m [2019-07-13] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-07-13] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.28.0_x64__8wekyb3d8bbwe [2019-07-13] (Microsoft Studios)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw [2017-08-12] (MAGIX)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-07-13] (Netflix, Inc.)
Norton Password Manager -> C:\Program Files\WindowsApps\SymantecCorporation.5478111E43ACF_6.4.2.0_neutral__v68kp9n051hdp [2019-07-13] (Symantec Corporation)
Norton Safe Web -> C:\Program Files\WindowsApps\SymantecCorporation.NortonSafeWeb_3.8.0.0_neutral__v68kp9n051hdp [2019-05-26] (Symantec Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-10-18] (Twitter Inc.)
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.76.0_x64__qt5r5pa5dyg8m [2019-07-13] (WildTangent Games)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1801165484-3255497710-3470013671-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\astra\Dropbox [2019-07-13 15:41]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-07-08] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxDTCM.dll [2018-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\astra\AppData\Local:fgLWSWvcNK90pVbNiuttcfY [2158]
AlternateDataStreams: C:\Users\astra\AppData\Local\6Xrb7BuFYhaI:6cAhTWwnId6ZmRcDBKN9ftXRfR [1988]
AlternateDataStreams: C:\Users\astra\AppData\Local\Temp:SRXsx872vxEMxDomUb [2152]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2019-04-27 19:22 - 000000824 ____N C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E5F7562B-8087-408D-BB92-FE85EAE24E06}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel(R) Wireless Connectivity Solutions -> )
FirewallRules: [{1CED9AF7-C2E4-4601-9F53-0D4A15D79526}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4FCD7CA6-3EC3-4577-92C6-D62DF955E70A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C2EAF120-A536-47AE-980D-EF2F8EA7BD08}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{838AA21F-0809-4986-AD7A-2800780F07DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{29AB0F8B-66D4-4861-A599-D15A96774C1A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9F7B2182-4AD3-4CEF-87C9-9BA0940FD01E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe No File
FirewallRules: [{204B5F4D-1EF6-4678-A02B-5FCBE25E2DDD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe No File
FirewallRules: [{14B95CFD-0740-469F-9B61-52C1A692DF74}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe No File
FirewallRules: [{4B353FE0-2A63-48A1-96D5-465EF3CA5B31}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{DC36C9C9-C11B-43B8-9ED3-30347F18C419}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{1E303C68-A431-4E0C-80B8-3FA642A19F5D}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{2C9F3EF0-87ED-4525-9AE2-207182083A0A}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{3ED16D29-665C-4147-8DD8-8DEAD8F9AEF3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{98B55E2D-4153-4DDB-A2BA-8919843ABB84}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{99C30625-10D2-4F6B-BBE8-91CFE7B92870}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{CB2D87E8-9BD0-4F41-944E-B122536C42C6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{1CDC0D08-EA3D-4177-AE6F-D3C83EA126E1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A3323F7-E225-4DCE-8263-99C7EB92186F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F22EAC21-9A04-4333-A9FB-43688D470A57}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{84A4FE6C-C5DF-4AA6-99AB-B01C079C62AC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F4881749-9682-4F05-BE05-0F0C5D6A3382}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{0E06B349-AF00-4A12-B7C4-ABCA920C0E77}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{637E078F-3C4D-4EF5-A713-7B007747D38A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Restore Points =========================

14-07-2019 16:02:52 Windows Update
22-07-2019 18:39:46 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/23/2019 07:32:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AWC.exe, version: 2.1.16258.0, time stamp: 0x57dc7237
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x01c52b90
Faulting process ID: 0x2e7c
Faulting application start time: 0x01d5418458272dfd
Faulting application path: C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe
Faulting module path: unknown
Report ID: 55864420-e3dd-4815-84d7-2015f7fe640b
Faulting package full name: 
Faulting package-relative application ID:

Error: (07/23/2019 07:32:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AWC.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
   at Amundsen.LSM.Load()
   at Amundsen.Program.TimeIntervalElapsed(Boolean)
   at Amundsen.Program.Main(System.String[])

Error: (07/23/2019 07:28:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 75.0.3770.142 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2ab8

Start Time: 01d54184303bf1d1

Termination Time: 32

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: 3cda8669-c302-4e51-bdef-4332bb5a88e1

Faulting package full name: 

Faulting package-relative application ID:

Error: (07/23/2019 07:28:50 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (07/23/2019 07:28:50 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (07/23/2019 07:28:50 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (07/23/2019 07:28:50 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (07/23/2019 07:28:35 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.


System errors:
=============
Error: (07/23/2019 07:31:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscBrokerManager
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/23/2019 07:28:55 PM) (Source: DCOM) (EventID: 10016) (User: ASTRAMUR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user ASTRAMUR\astra SID (S-1-5-21-1801165484-3255497710-3470013671-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/23/2019 07:27:31 PM) (Source: DCOM) (EventID: 10016) (User: ASTRAMUR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user ASTRAMUR\astra SID (S-1-5-21-1801165484-3255497710-3470013671-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/23/2019 07:25:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/23/2019 07:25:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/23/2019 07:24:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/23/2019 04:43:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscBrokerManager
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/23/2019 04:41:46 PM) (Source: DCOM) (EventID: 10016) (User: ASTRAMUR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user ASTRAMUR\astra SID (S-1-5-21-1801165484-3255497710-3470013671-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2018-10-18 01:39:46.496
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.277.1243.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15300.6
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

==================== Memory info =========================== 

BIOS: Insyde Corp. V1.06 11/02/2016
Motherboard: Acer T-Rex_SK
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 54%
Total physical RAM: 8060.22 MB
Available physical RAM: 3639.06 MB
Total Virtual: 9340.22 MB
Available Virtual: 4399.75 MB

==================== Drives ================================

Drive 😄 (Acer) (Fixed) (Total:481.18 GB) (Free:403.93 GB) NTFS
Drive e: (Work) (Fixed) (Total:449.22 GB) (Free:421.28 GB) NTFS

\\?\Volume{032d40ac-eca6-4db7-bcdb-a36256b5a3e4}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.57 GB) NTFS
\\?\Volume{1f5023ca-1e9d-40b1-808a-26b415179399}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4D3D691C)

Partition: GPT.

==================== End of Addition.txt ============================

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Фикс с Farbar Recovery Scan Tool
 
icon13.gif Изтеглете прикачения файл
 fixlist.txt  и го запазете там, където сте свалили FRST.exe
Стартирайте отново FRST.exe и натиснете бутона Fix веднъж и изчакайте.

Press%20the%20FIX%20button_zpsdd5zi3mt.p


Ще се създаде нов лог файла FixLog.txt. Прикачете съдържанието му в следващия си коментар.
 
ЗАБЕЛЕЖКА: Този скрипт е написан специално за този потребител,и за тази конкретна машина. Изпълнението на фикса, на друг компютър може да доведе до увреждане на  операционната ви система

 

pfNZP4A.png  Дневници
 
В следващия си отговор, моля да включите следните дневници:

  • FixLog.txt

 

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by astra (23-07-2019 20:10:43) Run:1
Running from C:\Users\astra\Desktop
Loaded Profiles: astra (Available Profiles: astra)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
HKLM\...\Run: [CL-23-C5C7662B-BF27-4E63-BAE2-CA182DB18B4F] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-23-C5C7662B-BF27-4E63-BAE2-CA182DB18B4F\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-23-C5C7662 (the data entry has 44 more characters).
HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\...\Run: [AdobeBridge] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2017-08-12]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
AlternateDataStreams: C:\Users\astra\AppData\Local:fgLWSWvcNK90pVbNiuttcfY [2158]
AlternateDataStreams: C:\Users\astra\AppData\Local\6Xrb7BuFYhaI:6cAhTWwnId6ZmRcDBKN9ftXRfR [1988]
AlternateDataStreams: C:\Users\astra\AppData\Local\Temp:SRXsx872vxEMxDomUb [2152]
FirewallRules: [{9F7B2182-4AD3-4CEF-87C9-9BA0940FD01E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe No File
FirewallRules: [{204B5F4D-1EF6-4678-A02B-5FCBE25E2DDD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe No File
FirewallRules: [{14B95CFD-0740-469F-9B61-52C1A692DF74}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe No File
Reboot:

*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\CL-23-C5C7662B-BF27-4E63-BAE2-CA182DB18B4F" => removed successfully
"HKU\S-1-5-21-1801165484-3255497710-3470013671-1002\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk => moved successfully
"ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\Users\astra\AppData\Local => ":fgLWSWvcNK90pVbNiuttcfY" ADS removed successfully
C:\Users\astra\AppData\Local\6Xrb7BuFYhaI => ":6cAhTWwnId6ZmRcDBKN9ftXRfR" ADS removed successfully
C:\Users\astra\AppData\Local\Temp => ":SRXsx872vxEMxDomUb" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9F7B2182-4AD3-4CEF-87C9-9BA0940FD01E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{204B5F4D-1EF6-4678-A02B-5FCBE25E2DDD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{14B95CFD-0740-469F-9B61-52C1A692DF74}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 38875579 B
Java, Flash, Steam htmlcache => 1135 B
Windows/system/drivers => 275542 B
Edge => 14203202 B
Chrome => 114659827 B
Firefox => 22387690 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 17354 B
LocalService => 0 B
NetworkService => 8140 B
NetworkService => 0 B
astra => 389034 B

RecycleBin => 42947 B
EmptyTemp: => 189.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:13:00 ====

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Чудесно...! Някакви промени да наблюдавате по системата си...? Нещо нередно..? Първоначалните симптоми още ли са активни..?

 

Още малко проверки...:

 

GfiJrQ9.png&key=c8330b952021a3c1e5ae3771  Сканиране с Malwarebytes Anti-Malware (MBAM)

Моля изтеглете  Malwarebytes Anti -Malware и я запазете на вашия десктоп.

  • Стартирайте файла  mb3-setup-consumer-x.x.x.xxxx.exe и следвайте указанията за да инсталирате програмата.
  • След като инсталацията приключи програмата ще стартира автоматично.
  • Отидете до табът Settings => Protection > и под категорията Scan Options включете опцията "Scan for rootkits" като преместите плъзгача надясно.

xTvORSF.png

  • Отидете до табът Scan, и изберете Threat Scan и след това натиснете бутона Start Scan.

RUSrqgW.png

  • Ще започне проверка за зловреден софтуер.

4CJ90KI.png

  • При някои инфекции можете да видите съобщението:
  • "Could not load DDA driver"
  • Натиснете "Yes" на това съобщение за да позволите драйвера да се зареди след рестарт.
  • Разрешете на компютъра да се рестартира и след това продължете с останалите инструкции.
  • След като проверката приключи ще се появи списъка с резултатите (ако има намерени обекти). Ако програмата е минимизирана докато сканира ще се появи следното съобщение ако има открити заплахи. Натиснете бутона View Scan Results.

37b.png

  • . Натиснете бутона Quarantine Selected.

2CfXEk1.png

  • Изчакайте да се появи прозореца подканващ ви да рестартирате и след това натиснете бутона Yes.

8Jc9dl9.png

  • След рестарта, стартирайте отново Malwarebytes Anti-Malware.
  • Отидете то табът Reports и отворете лог файла с името Scan Report.

X0ha4sd.png

  • Натиснете бутона Export и след това =>  "Copy to Clipboard"

fE9qzai.png

  • Сега вече поставете съдържанието на лог файла с клавишната комбинация Ctrl + Vи го публикувайте в следващия си коментар.

 

==================================================================================================================================================

 

BY4dvz9.png Сканиране с AdwCleaner

  • Изтеглете и стартирайте 6sv1DN9.jpgAdwCleaner 7.1.1.0 Final
  • Натиснете бутона Scan Now (или Сканиране сега, ако ви е на български)

4lqbd6J.png

  • AdwCleaner ще обнови базата с дефинициите си и ще започне да проверява компютъра. Проверката ще отнеме не повече от няколко секунди.
  • След като проверката приключи ако има намерени обекти ще се появи диалогов прозорец подканващ ви да натиснете бутона Clean & Repair (Почисти & Поправи).
  • Програмата ще затвори всички излишни процеси и след почистването ще иска да рестартира машината. Съгласете се.

FCuQiuz.png

  • Ако не бъдат открити зарази ще видите следния прозорец:

CWWivYK.png

  • Натиснете бутона Skip Basic Repair (Пропускане на основното поправяне).
  • И в двата случая ако няма открити зарази или ако програмата е почистила такива, стартирайте пак програмата и отидете до табът Log files
  • Кликнете с двукратен клил на мишката върху лог файла с последната дата и част (новите файлове са най-отдолу в списъка) и публикувайте съдържанието на файла в следващия си коментар.

 

pfNZP4A.png  Дневници
 
В следващия си отговор, моля да включите следните дневници:

  • Дневник от Malwarebytes Anti -Malware
  • AdwCleaner .txt
  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Без съмнение системата е много по-пъргава и не се задъхва въобще.
Имаше ли много за чистене? Каво и беше?
Въпросния софтуер за който говорех първоначално го инсталирах на 15 и после на 16 и после го махнах но на същите дати уиндоуса се упдейтна и като гледах файловете имаше доста файлове променени на тези дати.... те ли се оказаха проблем или по пронцип си се е прецакала системата? 
Сега работя по последните задачи които м поставихте...

първия рапорт след прикл'чване на сканирането на malwarebytes

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 23/07/2019
Scan Time: 21:48
Log File: 40f5b8d8-ad8b-11e9-9d0c-30e37ae1387b.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.613
Update Package Version: 1.0.11690
Licence: Trial

-System Information-
OS: Windows 10 (Build 17134.885)
CPU: x64
File System: NTFS
User: ASTRAMUR\astra

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 284179
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 11 min, 2 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

никакъв прозорец който ме подканва да рестартирам не се появи.... да рестарирам ли?
и тогава пак да изкопирам репорта?

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

ADWCLEANER намери нещо.......
 

 

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build:    04-24-2018
# Database: 
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    07-23-2019
# Duration: 00:00:18
# OS:       Windows 10 Home
# Scanned:  31372
# Detected: 8


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.AmazonAssistant    C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com

***** [ Files ] *****

Adware.pokki                    C:\Windows\System32\Tasks_Migrated\App Explorer
PUP.Optional.Legacy             C:\Users\Public\Desktop\eBay.lnk

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy             HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy             HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

PUP.Optional.Assistant          Amazon Assistant for Firefox

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
 

 

и го почисти________________
 

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build:    04-24-2018
# Database: 
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    07-23-2019
# Duration: 00:00:11
# OS:       Windows 10 Home
# Cleaned:  8
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com

***** [ Files ] *****

Deleted       C:\Windows\System32\Tasks_Migrated\App Explorer
Deleted       C:\Users\Public\Desktop\eBay.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted       HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted       HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

Deleted       Amazon Assistant for Firefox

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

 

за кави дневници става дума - това последното дневник ли е или рапорт????

 


 

 

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Супер..! Първия дневник показва че системата е чиста..! AdwCleaner  е премахнал остатъци и една добавка за Firefox  - Amazon Assistant for Firefox ....! Според мен проблема ви се дължеше на това че имахте остатъци от Bitdefender и McAfee Site Advisor , които са влизали в конфликт със други програми ..! Премахнахме ги с фикса ..!

Преди да се ориентираме към приключване , да погледнем нови свежи дневници:

 

Сканиране с Farbar Recovery Scan

  • Моля изтеглете icon1337953436.pngFarbar Recovery Scan Tool (според версията на Windows изберете 32 битовата или 64 битовата версия) и го запазете на десктопа.
  • Стартирайте файла FRST.exe (или FRST64.exe)
  • Програмата ще се стартира. Натиснете YES за да се съгласите с лицензионното споразумение.
  • Натиснете бутона YClYkft.jpg.
  • Изчакайте търпеливо проверката да приключи.
  • Ще се създадат два лог файла с името - FRST.txt и Addition.txt на десктопа.
  • Копирайте съдържанието на файла FRST.txt в следващия си пост.Прикачете Addition.txt в коментар си (погледнете опцията Прикачване на файлове, когато публикувате мнение).

 

+

 

25.jpg?1426074241   Сканиране с SecurityCheck by glax24

  • Изтеглете SecurityCheck by glax24 от тук и запомнете инструмента на десктопа .
  • Стартирате програмата (ако използвате Windows XP) или стартирате с десен бутон на мишката от името на администратор (ако използватеWindows Vista/7/8/10)
  • Изчакайте да приключи сканирането.Ще се отвори в текстов файл с име SecurityCheck.txt. Копирайте съдържанието на  този файл  следващия си пост
  • Можете да намерите този файл в основната директория на системния диск в папка с име SecurityCheck, напр. C:\SecurityCheck\SecurityCheck.txt

pfNZP4A.png&key=0a487e0a7cff89c690a32d13  Дневници 

В следващия си отговор, моля да включите (като копирате целите съдържания ) следните дневници:

  • FRST.txt (копирате цялото съдържание)
  • Addition.txt (прикачате..) 
  • SecurityCheck.txt
  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

За съжаление отново автора на темата спря да отговаря...! Темата маркирам като " Приключена" ..! Този път я заключвам и повече няма да отговарям в нея  ..! Понякога трябва да се уважава труда на хората ...!

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
Гост
Тази тема е заключена за нови отговори.

  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Горещи теми в момента

  • Подобни теми

    • от MisterDimchev
      Значи след инсталиране и ползване на Manjaro (сега се върнах на Windows 10) и ползването на Chromium това нещо от скрийншота не мога да го разкарам.
      Само Земана го открива, не вярвам дори да е вирус, Malwarebytes, Hitman Pro, Windows Defender - не го откриват или смятат за нещо зловредно.
      Но все пак, бих желал да го няма.
      Значи върнах настройките на Chrome (Default settings), изтрих всичко - история, сваляния, кукита....
      Това си стои.
      Предложения?

    • от hjhj
      Здравейте.
      Вчера ОС-то тотално се скапа.
      Днес инсталирах Windows 8.1 всичко мина нормално. Образа е свален от сайта на Microsoft.
      Обаче след инсталацията при преглед на снимка видях, че всички снимки и текстови файлове са криптирани. До колкото видях в нета това е нов вирус. Имали начин да се декриптират файловете.
      Addition.txt FRST.txt
    • от YelloWonKEY
      Здравейте! 
      Накратко: докато играех CS от настолния и единствен компютър. Се опитах да вляза в сървър (руски) след това играта крашна и искаше позволение относно лаунчъра. Аваст показа, че им Malware?! Някъде в папка Windows или system32. Спрях и пуснах пц-то. Вече беше Много бавно. Направих нов опит и безуспешен доро да вляза в акаунта си. Успях, чрез другия акаунт, но не ми дава да вляза в user/administrator. Сега когато цъкна на администратор зарежда с часове и не влиза... Днес успях да отворя Браузър - прикачвам снимка да видите какво изписа антивирусната... 

      Прикачил съм файловете от FRST.

       

      Addition.txt
      FRST.txt
    • от apolaz
      Здравейте,
      Помолиха ме тук да пусна отново темата и да оставя нещата някой специалист да ми помогне.  В лаптопа ми се появи сериозен проблем - вследствие на вируса GandCrab v5.1  доста файлове се прекодираха с разширение .puiuf и във всяка заразена папка се появи един и същи файл  с име PUIUF-DECRYPT.txt, в който се обяснява как да възстановя (декриптирам) файловете. Да инсталирам TOR браузъра и да отида на определен сайт, където след заплащане ще ми изпратят декодиращ код. В Интернет се предлага да се сканира най-вече с SpyHunter, но след това за пълното му функциониране трябва да се закупи. Пробвах с други различни анти програми и скенери, но няма резултат - не откриват GandCrab v5.1. Интересното е, че не всички папки са заразени. Повечето са от D: устройството. На 24.01.19 от един торент реших да инсталирам InPixio Photo Clip Professional 8.3.0 и тогава се получи историята с GandCrab v5.1. Прикачвам файла PUIUF-DECRYPT.txt.
       Моля за помощ, благодаря предварително!
      PUIUF-DECRYPT.txt
    • от GroundZero
      Здравейте колеги   като тръгнем да свалям клип от камерата на компютъра започне да се копира и зацепи тотално а и някои път изпише "this operation returned because the timeout period expired"  
       
      съдържанието на файла FRST.txt : 
       
      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-12-2014
      Ran by USER (administrator) on PC on 25-12-2014 21:05:39 Running from C:\Documents and Settings\USER\My Documents\Downloads Loaded Profile: USER (Available profiles: USER) Platform: Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: English (United States) Internet Explorer Version 6 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/   ==================== Processes (Whitelisted) =================   (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)   (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe () C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Google Inc.) C:\Documents and Settings\USER\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe () C:\Program Files\USB all-in-one game controller\GM_DevUpdate.exe (Oracle Corporation) C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (GoldSolution Software, Inc.) C:\Program Files\PC Auto Shutdown\ShutdownService.exe (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Google Inc.) C:\Documents and Settings\USER\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\USER\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\USER\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\USER\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\USER\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\USER\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\USER\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\USER\Local Settings\Application Data\Google\Chrome\Application\chrome.exe     ==================== Registry (Whitelisted) ==================   (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)   HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17331200 2012-02-10] (Realtek Semiconductor Corp.) HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [57344 2012-02-10] (Realtek Semiconductor Corp.) HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.) HKLM\...\Run: [] => [X] HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated) HKLM\...\Run: [switchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM\...\Run: [start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [153672 2010-06-14] (Logitech Inc.) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.) HKLM\...\Run: [NokiaMServer] => C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles HKLM\...\Run: [PC Auto Shutdown] => C:\Program Files\PC Auto Shutdown\AutoShutdown.exe [1442472 2014-09-15] (GoldSolution Software, Inc.) HKU\S-1-5-21-220523388-842925246-839522115-1003\...\Run: [Google Update] => C:\Documents and Settings\USER\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [136176 2012-02-10] (Google Inc.) HKU\S-1-5-21-220523388-842925246-839522115-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3477312 2012-01-19] (DT Soft Ltd) HKU\S-1-5-21-220523388-842925246-839522115-1003\...\Run: [sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony) HKU\S-1-5-21-220523388-842925246-839522115-1003\...\Run: [KillCopy] => C:\WINDOWS\system32\killcopy.exe [1185792 2006-10-29] (Killer{R}) HKU\S-1-5-21-220523388-842925246-839522115-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd) HKU\S-1-5-21-220523388-842925246-839522115-1003\...\MountPoints2: {0fe8f172-dcb2-11e2-81e4-00252207b9ad} - J:\AutoRun.exe HKU\S-1-5-21-220523388-842925246-839522115-1003\...\MountPoints2: {1c77e5ef-5531-11e3-8263-00252207b9ad} - J:\Startme.exe HKU\S-1-5-21-220523388-842925246-839522115-1003\...\MountPoints2: {a27c8692-53ed-11e1-bfe5-00252207b9ad} - F:\Setup.exe HKU\S-1-5-21-220523388-842925246-839522115-1003\...\MountPoints2: {a27c86b7-53ed-11e1-bfe5-00252207b9ad} - F:\Setup.exe Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\FlexType 2K.lnk ShortcutTarget: FlexType 2K.lnk -> C:\WINDOWS\Datecs\Flex2K.exe () Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.) Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Nokia Ovi Suite.lnk ShortcutTarget: Nokia Ovi Suite.lnk -> D:\Program Files\Nokia\Ovi\Suite\RunLauncher.exe (Nokia) Startup: C:\Documents and Settings\USER\Start Menu\Programs\Startup\GM_DevUpdate.lnk ShortcutTarget: GM_DevUpdate.lnk -> C:\Program Files\USB all-in-one game controller\GM_DevUpdate.exe () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION   ==================== Internet (Whitelisted) ====================   (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)   HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\S-1-5-21-220523388-842925246-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKU\S-1-5-21-220523388-842925246-839522115-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie URLSearchHook: HKU\S-1-5-21-220523388-842925246-839522115-1003 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION SearchScopes: HKLM -> DefaultScope value is missing. SearchScopes: HKU\S-1-5-21-220523388-842925246-839522115-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) BHO: WatchItAdBaloccke -> {B2E843CC-3C5B-E701-E9AC-890CBB524C72} -> C:\Documents and Settings\All Users\Application Data\WatchItAdBaloccke\CJca1yvaQ.dll () BHO: IsAvero -> {D2906719-1233-0362-21FD-B396D6189892} -> C:\Documents and Settings\All Users\Application Data\IsAvero\AJlWe3jRP.dll () BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) BHO: AAlliSSavier -> {E1254057-2786-8347-11F0-6EB2DEEB8600} -> C:\Documents and Settings\All Users\Application Data\AAlliSSavier\mlVmqnk.dll () Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1   FireFox: ======== FF ProfilePath: C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\l5agnx6k.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.4.1 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.4.1 -> C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-220523388-842925246-839522115-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\USER\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-220523388-842925246-839522115-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\USER\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\911bg.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\diribg.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\pe-bg.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\portalbgdict.xml FF Extension: DownloadHelper - C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\l5agnx6k.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-03-25] FF Extension: DownThemAll! - C:\Documents and Settings\USER\Application Data\Mozilla\Firefox\Profiles\l5agnx6k.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012-03-15] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-05-23]   Chrome:  ======= CHR Profile: C:\Documents and Settings\USER\Local Settings\Application Data\Google\Chrome\User Data\Default CHR Extension: (Adblock Plus) - C:\Documents and Settings\USER\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-21] CHR Extension: (Отдалечен работен плот на Chrome) - C:\Documents and Settings\USER\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-06-13] CHR Extension: (WatchItAdBaloccke) - C:\Documents and Settings\USER\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmbljhkcgldnegdmapofijpccfjmddil [2014-02-05] CHR Extension: (Google Wallet) - C:\Documents and Settings\USER\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24] CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\USER\Local Settings\Application Data\Google\Chrome\Application\chrome.exe   ========================== Services (Whitelisted) =================   (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)   S3 chromoting; C:\Program Files\Google\Chrome Remote Desktop\35.0.1916.52\remoting_host.exe [51016 2014-04-17] (Google Inc.) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed] R2 JavaQuickStarterService; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [161664 2012-04-04] (Oracle Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [227232 2010-01-15] (McAfee, Inc.) R2 PCAutoShutdown_Service; C:\Program Files\PC Auto Shutdown\ShutdownService.exe [442136 2011-11-14] (GoldSolution Software, Inc.) S3 ServiceLayer; D:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [572416 2008-05-30] (Nokia.) [File not signed] S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S2 e64a4d03; "C:\WINDOWS\system32\rundll32.exe" "c:\docume~1\alluse~1\applic~1\assist~1\AssistantSvc.dll",service   ==================== Drivers (Whitelisted) ====================   (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)   R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [165376 2012-06-10] () [File not signed] R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [242240 2012-02-10] (DT Soft Ltd) R1 eusk2par; C:\WINDOWS\system32\Drivers\eusk2par.sys [30656 2006-12-13] (Eutron) R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed] U3 GMFilter; C:\WINDOWS\system32\Drivers\GMFilter.sys [20992 2004-12-16] () [File not signed] R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [18048 2012-06-10] () [File not signed] R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [9902112 2010-08-19] (NVIDIA Corporation) [File not signed] R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-12-05] (Sonic Solutions) [File not signed] S3 s0016bus; C:\WINDOWS\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation) S3 s0016mdfl; C:\WINDOWS\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation) S3 s0016mdm; C:\WINDOWS\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation) S3 s0016mgmt; C:\WINDOWS\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation) S3 s0016nd5; C:\WINDOWS\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation) S3 s0016obex; C:\WINDOWS\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation) S3 s0016unic; C:\WINDOWS\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation) R2 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [12464 2012-02-10] (Macrovision Europe Ltd) [File not signed] R0 sfdrv01; C:\WINDOWS\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed] R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed] R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [66048 2005-09-29] (Protection Technology) [File not signed] R3 skbusenum; C:\WINDOWS\System32\DRIVERS\skbusenum.sys [10880 2004-12-16] (Windows ® 2000 DDK provider) [File not signed] R0 speedfan; C:\WINDOWS\System32\speedfan.sys [25240 2011-03-18] (Almico Software) S3 upperdev; C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys [8064 2008-06-06] (Windows ® Codename Longhorn DDK provider) S3 UsbserFilt; C:\WINDOWS\System32\DRIVERS\usbser_lowerfltj.sys [8064 2008-05-07] (Windows ® Codename Longhorn DDK provider) R0 VirtualK; C:\WINDOWS\System32\drivers\VirtualK.sys [3968 2003-11-27] (Windows ® 2000 DDK provider) [File not signed] R3 WmBEnum; C:\WINDOWS\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.) S3 WmFilter; C:\WINDOWS\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.) S3 WmHidLo; C:\WINDOWS\System32\drivers\WmHidLo.sys [31816 2010-04-27] (Logitech Inc.) R3 WmVirHid; C:\WINDOWS\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.) R3 WmXlCore; C:\WINDOWS\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.) S1 EterlogicVirtualSerialDriver; \??\C:\DOCUME~1\USER\LOCALS~1\Temp\VSPE.sys [X] S4 IntelIde; No ImagePath U1 WS2IFSL; No ImagePath   ==================== NetSvcs (Whitelisted) ===================     (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)     ==================== One Month Created Files and Folders ========   (If an entry is included in the fixlist, the file\folder will be moved.)   2014-12-25 21:05 - 2014-12-25 21:05 - 00000000 ____D () C:\FRST 2014-12-25 21:03 - 2014-12-25 21:03 - 00057008 _____ () C:\Documents and Settings\USER\Desktop\Extras.Txt 2014-12-25 21:02 - 2014-12-25 21:02 - 00067834 _____ () C:\Documents and Settings\USER\Desktop\OTL.Txt 2014-12-25 20:55 - 2014-12-25 20:56 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\USER\Desktop\OTL.exe 2014-12-25 20:51 - 2014-12-25 20:51 - 03563072 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-12-25 18:07 - 2014-12-25 18:07 - 00005122 _____ () C:\Documents and Settings\USER\My Documents\cc_20141225_180743.reg 2014-12-25 18:02 - 2014-12-25 18:02 - 00000682 _____ () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk 2014-12-25 01:14 - 2014-12-25 01:14 - 00000000 ____D () C:\Program Files\KillSoft 2014-12-25 01:14 - 2014-12-25 01:14 - 00000000 ____D () C:\Documents and Settings\USER\Start Menu\Programs\KillCopy 2014-12-25 01:11 - 2014-12-25 20:56 - 00000000 ____D () C:\Documents and Settings\USER\Application Data\TeraCopy 2014-12-25 01:11 - 2014-12-25 01:11 - 00000000 ____D () C:\Program Files\TeraCopy 2014-12-25 01:11 - 2014-12-25 01:11 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TeraCopy 2014-12-25 00:54 - 2014-12-25 00:54 - 00000000 ____D () C:\Program Files\FastCopy 2014-12-17 23:00 - 2014-12-17 23:00 - 00000000 ____D () C:\Documents and Settings\USER\My Documents\Rockstar Games 2014-12-17 22:51 - 2014-12-17 22:51 - 00000000 __SHD () C:\Documents and Settings\All Users\Application Data\SecuROM 2014-12-17 22:51 - 2014-12-17 22:51 - 00000000 ____D () C:\Documents and Settings\USER\Local Settings\Application Data\Rockstar Games 2014-12-17 22:37 - 2014-12-17 22:37 - 00000581 _____ () C:\Documents and Settings\USER\Desktop\Grand Theft Auto IV - Winter.lnk 2014-12-17 22:37 - 2014-12-17 22:37 - 00000000 ____D () C:\Documents and Settings\USER\Start Menu\Programs\Grand Theft Auto IV - Winter 2014-12-08 00:18 - 2014-12-08 00:18 - 00000019 _____ () C:\Documents and Settings\USER\Desktop\wrc.txt 2014-12-03 01:14 - 2014-12-03 01:21 - 00000000 ____D () C:\Documents and Settings\USER\Desktop\Pejo skoda 2014-11-30 19:13 - 2014-11-30 19:44 - 00000000 ____D () C:\Documents and Settings\USER\Desktop\29.11.2014   ==================== One Month Modified Files and Folders =======   (If an entry is included in the fixlist, the file\folder will be moved.)   2014-12-25 21:05 - 2012-02-10 12:04 - 00000000 ____D () C:\Documents and Settings\USER\Local Settings\Temp 2014-12-25 20:58 - 2012-02-10 11:53 - 00354841 _____ () C:\WINDOWS\WindowsUpdate.log 2014-12-25 20:56 - 2012-02-28 22:02 - 00000982 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-25 20:56 - 2012-02-10 15:23 - 00000000 ____D () C:\Documents and Settings\USER\Desktop\_2 2014-12-25 20:56 - 2012-02-10 13:43 - 00000263 _____ () C:\WINDOWS\wiadebug.log 2014-12-25 20:56 - 2012-02-10 13:39 - 00521942 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-12-25 20:52 - 2012-02-10 13:43 - 00000053 _____ () C:\WINDOWS\wiaservc.log 2014-12-25 20:51 - 2014-01-08 00:02 - 00000610 ____H () C:\WINDOWS\Tasks\GS.Enabler-S-848671963.job 2014-12-25 20:51 - 2012-02-28 22:02 - 00000978 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-25 20:51 - 2012-02-10 12:01 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-12-25 20:51 - 2004-08-04 03:07 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl 2014-12-25 20:11 - 2012-02-10 12:48 - 00001074 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-220523388-842925246-839522115-1003UA.job 2014-12-25 18:11 - 2012-02-10 12:01 - 00032500 _____ () C:\WINDOWS\SchedLgU.Txt 2014-12-25 18:09 - 2014-11-09 01:48 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Street Legal Racing - Redline NF 2010 2014-12-25 18:09 - 2013-02-10 21:53 - 00000000 ____D () C:\Documents and Settings\USER\Desktop\др 2014-12-25 18:07 - 2012-11-13 16:24 - 00000000 ____D () C:\Program Files\Steam 2014-12-25 18:07 - 2012-02-10 18:29 - 00000000 ____D () C:\Documents and Settings\USER\Application Data\DAEMON Tools Lite 2014-12-25 18:06 - 2012-02-10 12:49 - 00000000 ____D () C:\Documents and Settings\USER\Application Data\uTorrent 2014-12-25 18:05 - 2012-11-20 20:55 - 00000000 ____D () C:\Program Files\SpeedFan 2014-12-25 18:05 - 2012-04-01 17:20 - 00000000 ____D () C:\WINDOWS\Minidump 2014-12-25 18:02 - 2012-10-30 15:19 - 00000000 ____D () C:\Program Files\CCleaner 2014-12-25 11:11 - 2013-05-16 14:03 - 00001022 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-220523388-842925246-839522115-1003Core1ce522d61660a2a.job 2014-12-25 02:00 - 2012-09-13 23:58 - 00000340 _____ () C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-PC-USER.job 2014-12-23 04:01 - 2012-02-10 12:04 - 00000178 ___SH () C:\Documents and Settings\USER\ntuser.ini 2014-12-18 20:15 - 2014-10-08 19:23 - 00000000 ____D () C:\temp 2014-12-17 17:52 - 2012-12-17 16:38 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Wenson 2014-12-17 17:50 - 2012-12-17 16:36 - 00000000 ____D () C:\WINDOWS\Downloaded Installations 2014-12-17 17:50 - 2012-04-13 23:49 - 00000000 ____D () C:\Documents and Settings\USER\Desktop\Простотииии 2014-12-16 21:34 - 2014-10-09 00:21 - 00000000 ____D () C:\Documents and Settings\USER\My Documents\Euro Truck Simulator 2 2014-12-03 23:50 - 2012-02-11 15:47 - 00000000 ____D () C:\Documents and Settings\USER\My Documents\Rigs of Rods 0.38 2014-12-02 16:55 - 2013-04-19 11:06 - 00001739 _____ () C:\Documents and Settings\All Users\Desktop\Sony PC Companion 2.1.lnk 2014-12-02 16:55 - 2012-03-08 17:15 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Sony 2014-12-02 16:54 - 2012-02-10 12:15 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information   Some content of TEMP: ==================== C:\Documents and Settings\USER\Local Settings\Temp\NEventMessages.dll C:\Documents and Settings\USER\Local Settings\Temp\sfamcc00001.dll C:\Documents and Settings\USER\Local Settings\Temp\sfamcc00002.dll     ==================== Bamital & volsnap Check =================   (There is no automatic fix for files that do not pass verification.)   C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed   ==================== End Of Log ============================ Addition.txt
  • Дарение

×
×
  • Добави ново...